Debian Security Advisory 681-1 - It was discovered that synaesthesia, a program for representing sounds visually, accesses user-controlled configuration and mixer files with elevated privileges. Thus, it is possible to read arbitrary files.
4495e8aa92062fd55a0748248392d8bf3ad07ec8aaa2ce5471f8cd4f7159a63d
Unofficial patch for the ASPjar Guestbook login.asp vulnerability that allows bypassing of the authentication process.
fc0f8893e127ff46a67d2fd0fcc9c8c314f1c77b8d8fdec1aefa4a8e8584889c
Debian Security Advisory 679-1 - Sean Finney discovered several insecure temporary file uses in toolchain-source, the GNU binutils and GCC source code and scripts. These bugs can allow a local attacker with minimal knowledge to trick the admin into overwriting arbitrary files via a symlink attack. The problems exist inside the Debian-specific tpkg-* scripts.
8f2e4326419107ce6f9603bdfcc36159ca05fc8506c9bdf79c6ce053c440fc22
Successful exploitation of an input validation vulnerability in scripts from AWStats versions 6.3 and below allows attackers to execute limited Perl directives under the privileges of the web server and get sensitive information.
1a226b0593c65789e7210aa2a9b495c75d9c954dc2b889e5c30d5f93af90474d
Gentoo Linux Security Advisory GLSA 200502-16 - ht://Dig is vulnerable to cross-site scripting attacks. Versions below 3.1.6-r7 are affected.
3c6d93a6140648cf6ccdd7a1cedbb457820579a89d2047fc0827652e708fe7d1
Gentoo Linux Security Advisory GLSA 200502-15 - A vulnerability in PowerDNS could lead to a temporary Denial of Service. Versions below 2.9.17 are affected.
e82d44c88c0925e55ad3442e07752baf9cbbd257368c592e0107545404ba4077
Proof of concept exploit for the Quake 3 engine making use of a flaw in the handling of big queries.
13956c6e8d433fd1a581c534b1b76326451860d9807d8e671cb9533aa35ae846
The Quake 3 engine has problems handling big queries, allowing an attacker to shut down any game server based on this engine.
78b11d8586e5b06edba83d347f651192620eb4e4a532b70eb0b25ab3b3b0947d
Symantec Security Advisory - Symantec resolved a potential remote access compromise vulnerability reported by ISS X-Force. The vulnerability was identified in an early version of a Symantec antivirus scanning module responsible for parsing UPX compressed files that is still in limited use in some Symantec security products.
3833aac8ee1f22f7c49c3b4f6c1c82755c821d5be3f9738d371296768d7ffece
Gentoo Linux Security Advisory GLSA 200502-12 - Portage-built Webmin binary packages accidentally include a file containing the local encrypted root password. Versions below 1.170-r3 are affected.
085ac67e1cb18a58fc89e2940e8266a6aaca83d1be98543487ee3bf605e8bb78
iDEFENSE Security Advisory 02.11.05 - Local exploitation of an invalid pointer dereference vulnerability in Zone Labs LLC's ZoneAlarm personal firewall allows attackers to trigger a denial of service (DoS) condition.
529c1dcacaddb24e327f75a6c7918427310bd07f7cb38f7f278fa90668c9d636
Zone Labs Security Alert ZL05-01 - The ZoneAlarm family of products and Check Point Integrity have been updated to address a low risk vulnerability in their Inter-Process Communication (IPC) functions.
66783f094bef1dcfcaa3545dc3f316f3facd7a5e52b779c9ccf1d02de1452e1b
This is a text file explaining what flister is and does. FLISTER is proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.
5b6b637cd51329f95822be40d03bfadd2f6be2edba391415b001239b956c157e
FLISTER is proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.
1b0ca41806349a159ce574a456c315dd3950d77e4c3d6d18d250afd51bdfc37e