Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error within the "send_mailslot()" function. This can be exploited to cause a stack-based buffer overflow with zero bytes via a specially crafted "SAMLOGON" domain logon packet containing a username string placed at an odd offset followed by an overly long GETDC string. Samba version 3.0.27a is affected.
376828bcf7196a6f58b655b7aa9db87615a7a3a43f8bd8bb0026f562a2b0bbbb
WordPress suffers from a charset remote SQL injection vulnerability.
c4922041081fb83f07587e9397942e70b467c3ab4c837d76561e96ba931f84bc
The Serendipity blog system contains a plugin to display the content of feeds in the sidebar (serendipity_plugin_remoterss). If an attacker can modify the RSS feed, it is possible to inject JavaScript code into the link part, because it is not correctly escaped. Versions below 1.2.1 are affected.
532a5907669cbc68a7275efbcc42fe90f3ef0ef37fef8ab43b25ea77019e9b13
Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect can only be exploited when the "domain logons" parameter has been enabled in smb.conf. Samba versions 3.0.0 through 3.0.27a are affected.
7be840f338968d163f66836652eabb8e43e8b074bb11c1088262591d3245d4a5