Whitepaper discussing intrusion detection system evasion. It specifically focuses on polymorphic attacks using scmorphism. This document is written in Brazilian Portuguese.
Bigwebmaster Guestbook versions 1.0.2 and below suffer from cross site scripting flaws.
CuteGuestbook is susceptible to cross site scripting attacks.
There is a log manipulation vulnerability in Microsoft ISA Server 2004, which when exploited will enable a malicious user to manipulate the Destination Host parameter of the log file.
It appears that Panda Antivirus and ClamAV may be susceptible to bypass for the "I Love You" virus when a simple variable is changed.
Ubuntu Security Notice 280-1 - The Render extension of the X.org server incorrectly calculated the size of a memory buffer, which led to a buffer overflow. A local attacker could exploit this to crash the X server or even execute arbitrary code with root privileges.
Ubuntu Security Notice 281-1 - Multiple vulnerabilities have been discovered in the Linux 2.6 kernel. The sys_mbind() function did not properly verify the validity of the 'maxnod' argument. A local user could exploit this to trigger a buffer overflow, which caused a kernel crash. The SELinux module did not correctly handle the tracer SID when a process was already being traced. A local attacker could exploit this to cause a kernel crash. Al Viro discovered a local Denial of Service in the sysfs write buffer handling. By writing a block with a length exactly equal to the processor's page size to any writable file in /sys, a local attacker could cause a kernel crash. John Blackwood discovered a race condition with single-step debugging multiple processes at the same time. A local attacker could exploit this to crash the system. This only affects the amd64 platform. Marco Ivaldi discovered a flaw in the handling of the ID number of IP packets. This number was incremented after receiving unsolicited TCP SYN-ACK packets. A remote attacker could exploit this to conduct port scans with the 'Idle scan' method (nmap -sI), which bypassed intended port scan protections. Pavel Kankovsky discovered that the getsockopt() function, when called with an SO_ORIGINAL_DST argument, does not properly clear the returned structure, so that a random piece of kernel memory is exposed to the user. This could potentially reveal sensitive data like passwords or encryption keys. A buffer overflow was discovered in the USB Gadget RNDIS implementation. While creating a reply message, the driver did not allocate enough memory for the reply structure. A remote attacker could exploit this to cause a kernel crash. Alexandra Kossovsky discovered an invalid memory access in the ip_route_input() function. By using the 'ip' command in a particular way to retrieve multicast routes, a local attacker could exploit this to crash the kernel.
Debian Security Advisory 1051-1 - Several security related problems have been discovered in Mozilla Thunderbird. This advisory addresses those issues.
Albinator Pro versions 2.0.8 and below suffer from a remote command execution vulnerability. Exploit included.
rewterz has discovered a critical vulnerability in Sami FTP Server. This vulnerability may allow a remote attacker to overwrite memory with user controlled data and execute arbitrary code in the context of the user who executed the Sami FTP Server.
rewterz has discovered a critical vulnerability in XM Easy Personal FTP Server. This vulnerability may allow a remote attacker to overwrite memory with user controlled data and execute arbitrary code in the context of the user who executed the XM Easy Personal FTP Server.
Mandriva Linux Security Advisory MDKSA-2006-082 - Several bugs were discovered in libtiff that can lead to remote Denial of Service attacks. These bugs can only be triggered by a user using an application that uses libtiff to process malformed TIFF images.
OpenVPN version 2.0.7 allows for full authentication bypass due to having an administrative interface wide open via telnetd.
Ubuntu Security Notice 279-1 - Jayesh KS discovered that the nasl_split() function in the NASL (Nessus Attack Scripting Language) library did not check for a zero-length separator argument, which led to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this vulnerability to cause the Nessus daemon to crash.
Ubuntu Security Notice 278-1 - Marcus Meissner discovered a race condition in gdm's handling of the ~/.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts (like cron jobs), the attacker could eventually leverage this flaw to execute arbitrary commands with root privileges.
PunBB version 1.2.11 suffers from a cross site scripting flaw.
Debian Security Advisory 1050-1 - Ulf Harnhammar and an anonymous researcher from Germany discovered a vulnerability in the protocol code of freshclam, a command line utility responsible for downloading and installing virus signature updates for ClamAV, the antivirus scanner for Unix. This could lead to a denial of service or potentially the execution of arbitrary code.
Ubuntu Security Notice 277-1 - Tavis Ormandy and Andrey Kiselev discovered that libtiff did not sufficiently verify the validity of TIFF files. By tricking a user into opening a specially crafted TIFF file with any application that uses libtiff, an attacker could exploit this to crash the application or even execute arbitrary code with the application's privileges.
SUSE Security Announcement SUSE-SA-2006-023 - Miscalculation of a buffer size in the X Render extension of the X.Org X11 server could potentially be exploited by users to cause a buffer overflow and run code with elevated privileges.
BankTown Client Control 1,4,2,51817 suffers from a buffer overflow related to ActiveX.
Ubuntu Security Notice 276-1 - A large number of mozilla-thunderbird related vulnerabilities have been patched for Ubuntu.
A vulnerability exists in the way Ultr@VNC-1.0.1 handles MS-Login authentication.
Small write-up discussing dynamic evaluation vulnerabilities in PHP applications.
Quagga RIPD suffers from an unauthenticated route injection issue. Verified on Quagga Suites 0.98.5 and 0.99.3.
Quagga RIPD suffers from an unauthenticated route table broadcast issue. Verified on Quagga Suites 0.98.5 and 0.99.3.