Sending crafted packets to a 2.6 series kernel with netfilter rules matching TCP options (using the --tcp-option match) may result in a Denial of Service.
28a31023e011acd43ed42575cb7c55864db29f0f4463ce4e22d18f0616b771b0Lotus Domino versions 6.5.1 and newer allow for a crash of the complete server when a client attempts to open up large email messages.
c863f377714ee793987ca641e89b97e2a9c985276e7df71aad4774fe8082568bHP advisory against running Netscape on HP-UX platform.
a72a850733bc195347ebf860a972d445623600a72e9289d3018140620f0dad84Cisco Security Advisory: Cisco Collaboration Server (CCS) versions earlier than 5.0 ship with ServletExec versions that are vulnerable to attack where unauthorized users can upload any file and gain administrative privileges.
c27435809679f62f710dbc1cabebb748075a1a39b8ec098aa8b1b57ef052d7c0There is a remotely exploitable bug in all Linux kernel 2.6 series due to using an incorrect variable type. The vulnerability is connected to the netfilter subsystem and may cause denial of service.
6f09bd6743231d03859c045e5fc8585f6cf520ffeea8f3dd74a58d2152406393The Prestige 650HW-31 is susceptible to a denial of service attack when supplied with an overly long password string.
a171e099b3c6f9636623d0144066db02fed88a4589c5086b44b93f9c026c5bafGentoo Linux Security Advisory GLSA 200406-22 - Pavuk contains a bug potentially allowing an attacker to run arbitrary code.
ebb810e4bedd7600c3a44346577c4f3e6b4e24b4a167c1ba9af18ad914c39946There exists multiple integer overflows in routines that handle copying in user supplied data for the Linux Sbus PROM driver. They allow for a local denial of service attack and possible code execution.
d82e6c596490895e4fdf7268fb5bd8cee56764769900a142ebd3a32e518925b8A potential vulnerability has been identified in the HP-UX ARPA Transport which could be exploited by a local user to create a Denial of Service. Impacted versions: HP-UX B.11.00, B.11.04, B.11.11.
17f663c163cc0a1b3955e0baaedcee9ff9074517b9c67194e9c1726046d3f4cbA potential vulnerability has been identified with HP-UX running ObAM 5.0 with the WebAdmin capability enabled. This vulnerability could be exploited remotely to allow unauthorized access. Impacted version: HP-UX B.11.11 running ObAM 5.0.
a5d595e7e8db5feb1e24a0320f356a22d80058000f4edf28636fd3d517698024A vulnerability in JUNOS can be exploited by transmitting specially-crafted IPv6 packets.
12ff91720d4131c0c520633c03bd6f056ede06b3fb7f9246677476486695d7b3A security issue has been discovered in BEA WebLogic, potentially allowing unauthorised users to access affected web applications. Due to improper filtering of data, an asterisk may be used in a spot to allow for a random user to get loaded into a role. The issue affects WebLogic Server and WebLogic Express version 8.1 and 7.0.
7dbb3e1ef8269fddff36b4231c3c003fb8a07bf8f1ece8e1cfcd8c3cb95191b5There is denial of service in Apache httpd 2.0.49. It is possible to consume arbitrary amount of memory. On 64 bit systems with more than 4GB virtual memory this may lead to heap based buffer overflow whose exploitation is unclear at the moment.
a8cc5f8ac30aaea07627d9adc2917e311c049a9732c8e5df1d08b9e3855672e0Confixx Pro 2 and 3 are susceptible to an attack where files in /root can be accessed due to an error in the backup script.
e3a9ee63cd35f3378997d12f529189f75d0e6e0f0b1e74d1c4cc326272ac4347Two authentication errors within a verify_x509cert() function allows for malicious people to bypass security restrictions. Affected products include: superfreeswan 1.x, openswan 1.x to 2.x, strongSwan below 2.1.3, and any version of FreeS/WAN 1.x or 2.x with the X.509 patch.
253023ac78a99200fa4a578eb2c552042b67862d2e97d6c8f5ec337c052c25e6Secunia Security Advisory - Valerie Holfield has discovered a vulnerability in phpmyfamily, which can be exploited by malicious people to gain edit privileges. It is possible to be automatically logged in as user nobody when clicking to download a document and then leaving the page. This grants the person ability to add people, change information, upload and delete documents and images.
ef0bd9a2a68bcae1d6b1b92976dc9b320fce5d68f1024b28d5795349f5c19787An off-by-one condition exists in the POP3 handler code present in popclient 3.0b6. By crafting a malicious email a remote attacker may cause a denial of service against users of this software.
37477ee91fb39858381402adf7f0db7f0667492f2d0b8d2109a09061ffc25866A remote exploit has been discovered in the Apache 2.0.49 HTTP server which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached.
d52c9414d2197f648b3d31a6f01f66b36cd2811cf96502d02d2519eb5d7614b1Original research data regarding ISC DHCPD 3.0.1 rc12 and rc13 denial of service attacks.
af7361e4caaf6e24854e73423f133ae3002cdac83b977215361840b8ae51b713csFAQ is susceptible to a path disclosure vulnerability.
e82731bb7aafdfb21d28fa46bad6977a00deffb2a4e5fb1caabc0fdedba9efaaPowerPortal version 1.x suffers from full path disclosure, cross site scripting, and arbitrary directory browsing flaws.
c2ead58aa5b18cef122380780b1677c7bfd50ea35b5f30c403f12cce123047e2CuteNews version 1.3.1 is susceptible to a cross site scripting flaw.
7ed2bbb81e542045e1ee215883d3871bb25403d00ee7161199bfb071268e10bdDuring the client-side Windows installation of Lotus Notes, a notes: URL handler is registered in the registry. An argument injection attack allows an intruder to pass command line arguments to notes.exe, which can lead to execution of arbitrary code.
7f1d5d7fa6e4854573d335dc29ba01617e06478c0fbeabab00dc2a8338959037The Zone-H Security Team has discovered a SQL injection flaw in Infinity WEB that allows malicious attackers to bypass the authentication mechanism without having an account.
38f4ddea3d5eb05ff4217cd5f69e210542b334b36ba152257c34449d81ff759eartmedic_links 5, the PHP script, is susceptible to a file and URL inclusion vulnerability.
fcb5bd9d71d92305c88ad7546002bb9461b97c61d6b4476192e7c92d834817af
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed