Gentoo Linux Security Advisory GLSA 200905-06 - An error in acpid might allow remote attackers to cause a Denial of Service. The acpid daemon allows opening a large number of UNIX sockets without closing them, triggering an infinite loop. Versions less than 1.0.10 are affected.
f1e0c2c3eb13db748b80959e4536ceb5f4064f30cb5095885b73fd49e31a3c6b
Gentoo Linux Security Advisory GLSA 200905-05 - Multiple integer overflows in FreeType might allow for the remote execution of arbitrary code or a Denial of Service. Tavis Ormandy reported multiple integer overflows in the cff_charset_compute_cids() function in cff/cffload.c, sfnt/ttcmap.c and the ft_smooth_render_generic() function in smooth/ftsmooth.c, possibly leading to heap or stack-based buffer overflows. Versions less than 2.3.9-r1 are affected.
e9b36985a193949654f83a9a009ec43d8a047444740d6c527ab4e63b6108f5bb
Secunia Research has discovered a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in "sadmind" when allocating memory for incoming "sadmind" requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request. Successful exploitation may allow execution of arbitrary code. Solaris versions 8 and 9 are affected.
2588276a4d4549d8fc09c553a149ec640174afe73c0379fa6574623a52c9e2eb
Secunia Research has discovered a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in "sadmind" when decoding request parameters. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request. Successful exploitation allows execution of arbitrary code. Solaris versions 8 and 9 are affected.
6effaf2c14d97816be959ffb5ea357ea6d0c0ee1105a70e8cb1cbc0d3b392880
MiniTwitter versions 0.3-Beta and below suffer from remote SQL injection and cross-site scripting vulnerabilities.
dc6e0a0e1309a74dcfc723b6db99848b02e2c34a14526b35359f3b9f83b4ac2b
Android, an open source mobile phone platform, improperly checks developer certificates when installing packages that request the shared user identifier (uid) permission. Android versions greater than or equal to 1.5 CRB17 and less than or equal to 1.5 CRB42 are affected.
4529118996146152d1d83f69c6d70389ced40256af266233bb1f2cd14f0ae955
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. It also tightens down file descriptors 0, 1, and 2, and implements process limits and shared memory destruction.
d524c6272e03bae71b8cfb8b64310680e24c0e94d3d435156f2d5a6cd3b01580
Whitepaper called How Do I Crack Your WEP: The FMS Attack Explanation. Written in Italian.
2370a8ac5f10c5e45ca9fc7af76d2290a878ed122c845ab2f0992dd048d5f459