Hack In The Box 08 Graphic.
Gentoo Linux Security Advisory GLSA 200709-16 - Mattias Bengtsson and Philip Olausson have discovered a buffer overflow vulnerability in the function fcgi_env_add() in the file mod_fastcgi.c when processing overly long HTTP headers. Versions less than 1.4.18 are affected.
Gentoo Linux Security Advisory GLSA 200709-17 - Mark Richters discovered a buffer overflow in the open_sty() function in the file mkind.c. Other vulnerabilities have also been discovered in the same file but might not be exploitable. Tetex also includes vulnerable code from the GD library (GLSA 200708-05), and from Xpdf. Versions less than 3.0_p1-r4 are affected.
Debian Security Advisory 1378-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. Evan Teran discovered a potential local denial of service (oops) in the handling of PTRACE_SETREGS and PTRACE_SINGLESTEP requests. Adam Litke reported a potential local denial of service (oops) on powerpc platforms resulting from unchecked VMA expansion into address space reserved for hugetlb pages. Steve French reported that CIFS filesystems with CAP_UNIX enabled were not honoring a process' umask which may lead to unintentionally relaxed permissions. Wojciech Purczynski discovered a vulnerability that can be exploited by a local user to obtain superuser privileges on x86_64 systems. This resulted from improper clearing of the high bits of registers during ia32 system call emulation. This vulnerability is relevant to the Debian amd64 port as well as users of the i386 port who run the amd64 linux-image flavor. Michael Stone reported an issue with the JFFS2 filesystem. Legacy modes for inodes that were created with POSIX ACL support enabled were not being written out to the medium, resulting in incorrect permissions upon remount.
Mandriva Linux Security Advisory - A buffer overflow vulnerability was discovered in t1lib due to improper bounds checking. An attacker could send specially crafted input to an application linked against t1lib which could lead to a denial of service or the execution of arbitrary code.
iDefense Security Advisory 09.27.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates International Inc.'s (CA) BrightStor HSM allows attackers to execute arbitrary code with SYSTEM privileges. These problems specifically exist within various command handlers in the CsAgent service. There are eleven command handlers that each contain one or more stack-based buffer overflow vulnerabilities. All of these vulnerabilities are simple sprintf() calls that overflow fixed-size stack buffers with attacker-supplied data. Additionally, there are five command handlers that are vulnerable to integer overflow vulnerabilities. The function responsible for reading in and dispatching a request to the appropriate handler also contains an integer overflow vulnerability. iDefense has confirmed the existence of these vulnerabilities in Computer Associates BrightStor HSM version r11.5. Previous versions may also be affected.
IntegraMOD Nederland version 1.4.2 suffers from a remote file inclusion vulnerability.
Chupix CMS version 0.2.3 suffers from a remote file inclusion vulnerability.
lustig.cms BETA version 2.5 suffers from a remote file inclusion vulnerability in forum.php.
Local root exploit for the x86_64 Linux kernel ia32syscall emulation bug.
The Promise NAS NS4300N web GUI allows an administrative user to change the root password.
OpenSSL versions before 0.9.7m and 0.9.8e suffer from an off-by-one buffer overflow in SSL_get_shared_ciphers().
NukeSentinel version 2.5.12 suffers from a critical SQL injection vulnerability.
SiteX CMS is susceptible to an unauthorized file upload vulnerability.
NukeSentinel version 2.5.11 suffers from another critical SQL injection vulnerability.
SiteX CMS version 0.7.3 Beta is susceptible to a SQL injection vulnerability.
Cisco Security Advisory - Cisco Catalyst 6500 and Cisco 7600 series devices use addresses from the 127.0.0.0/8 (loopback) range in the Ethernet Out-of-Band Channel (EOBC) for internal communication. Addresses from this range that are used in the EOBC on Cisco Catalyst 6500 and Cisco 7600 series devices are accessible from outside of the system. The Supervisor module, Multilayer Switch Feature Card (MSFC), or any other intelligent module may receive and process packets that are destined for the 127.0.0.0/8 network. An attacker can exploit this behavior to bypass existing access control lists that do not filter the 127.0.0.0/8 address range; however, an exploit will not allow an attacker to bypass authentication or authorization. Valid authentication credentials are still required to access the module in question.