This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the szone_free() to overwrite the size() or free() pointer in initial_malloc_zones structure. OSX version.
41df3765c835402280aab01fc03d46c9b2c7b29c3dc978680897dd0fb25af88eThis Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21 through 3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2". Solaris version.
de2f7abb618670f26477578d2cf35a14414c6516b9a7f7271f2d1b1d3ca0ba65This Metasploit module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method (credit Ramon and Adriano), which only works with Samba versions 3.0.21 through 3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher than "2". Linux version.
ecad9d88ed773b5eba7139281a534e16adc238b07ada385028643a4c54900d67Mandriva Linux Security Advisory - A vulnerability in the RAR VM in ClamAV allowed user-assisted remote attackers to cause a crash via a crafted RAR archive which resulted in a NULL pointer dereference.
5bd6f768c2ae91923dcae724be1114f97ea01aa9ddc53c7418e3a41d321b7fecKiwicon '07 Call For Papers - Kiwicon '07 will be a largely informal conference, organized by the security community for the security community. It will be held in Wellington, New Zealand, on the weekend of the 17th and 18th of November, 2007.
770669ef9174806a2a98bf2bc584b87632fbfa72fede610d04f510c61fed8270Mandriva Linux Security Advisory - The DNS query id generation code in BIND9 is vulnerable to cryptographic analysis which provides a 1-in-8 change of guessing the next query ID for 50% of the query IDs, which could be used by a remote attacker to perform cache poisoning by an attacker. As well, in BIND9 9.4.x, the default ACLs were note being correctly set, which could allow anyone to make recursive queries and/or query the cache contents.
6b86dfec16962004867daf39c7cfdac46f389704063d633f444e270dcfe9bb1bDebian Security Advisory 1341-1 - Amit Klein discovered that the BIND name server generates predictable DNS query IDs, which may lead to cache poisoning attacks.
88410bd247777324f4bc7b4a5f630f56927bb335206462a9bc6b463559bd8022A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of BakBone NetVault Reporter. User interaction is not required to exploit this vulnerability. BakBone NetVault Reporter version 3.5 prior to Update4 is susceptible.
c3eba9e3a239ceea1a75f4975440e4f47f2979ceeb1fcddc729b4d6201491bbcThe Mozilla application platform currently has an unpatched input validation flaw which allows you to specify arbitrary command line arguments to any registered URL protocol handler process. Thunderbird version 2.0.0.5 fixes this. Full exploits included.
b87dd83511bb3193b27560787656bb08cbc129eb12d1eb43241e8ff546fbf7fbMitridat's Form Processor Pro suffers from cross site scripting vulnerabilities.
566d7fda7a4e1adf92ab3b359ce8625c0ac40ac810f5d475c731cebe8cbb296eGentoo Linux Security Advisory GLSA 200707-11 - kadmind is affected by multiple vulnerabilities in the RPC library shipped with MIT Kerberos 5. It fails to properly handle zero-length RPC credentials (CVE-2007-2442) and the RPC library can write past the end of the stack buffer (CVE-2007-2443). Furthermore kadmind fails to do proper bounds checking (CVE-2007-2798). Versions less than 1.5.2-r3 are affected.
33f574675877e6e34e428ed47ba0d62856a4d1f17a20853263cf9c824e89339fGentoo Linux Security Advisory GLSA 200707-10 - Konstantine Shirow reported a vulnerability in default Gentoo configurations of Festival. The daemon is configured to run with root privileges and to listen on localhost, without requiring a password. Versions less than 1.95_beta-r4 are affected.
fe4b3ef3de4f1b7f92b7689b719c1e0cd81f66b4230c08736b7eb4bfe923b085Gentoo Linux Security Advisory GLSA 200707-09 - Sean Larsson from iDefense Labs discovered multiple integer overflows in various GIMP plugins (CVE-2006-4519). Stefan Cornelius from Secunia Research discovered an integer overflow in the seek_to_and_unpack_pixeldata() function when processing PSD files (CVE-2007-2949). Versions less than 2.2.16 are affected.
b640f357c376ba327779e33a6913b26e034899598eb5cb23b3c1dafd75891c02Mandriva Linux Security Advisory - An integer overflow in tcpdump could allow a remote attacker to execute arbitrary code via crafted TLVs in a BGP packet.
2f982f2161f3356e5da0b292f0f1e0ef5c469b4c2135e3c8610f27cd40edbfa1Ubuntu Security Notice 491-1 - A flaw was discovered in Bind's sequence number generator. A remote attacker could calculate future sequence numbers and send forged DNS query responses. This could lead to client connections being directed to attacker-controlled hosts, resulting in credential theft and other attacks.
bff534758165f1f2510a0d68e2038678636558282c0ef43fb9ce4fc837514132Clever Internet ActiveX Suite version 6.2 arbitrary file download/overwrite exploit that makes use of CLINETSUITEX6.OCX.
d6a392f3c1363b79d87f532f253f55b45415f2dc106c486b6c6e87094b9520c6IPSwitch IMail server 2006 SEARCH remote stack overflow exploit. Binds a shell to port 1154.
b5435382b53d5e12ca72274477308b144b194b6e9c81f213dbda373a92218328IndexScript versions 2.8 and below suffer from a SQL injection vulnerability in showcat.php.
1100602100f77adb05ad45735391639e49021305360d88d105d205e3ef2a46fcWebyapar version 2.0 suffers from multiple SQL injection vulnerabilities.
3ee3e4499cc66037cc1f076b120a23d6da2764f3b7226d1f629898c8d98d9814ifoto version 1.0 suffers from a directory traversal vulnerability.
515f80aeae4c062e76087e67bcaf8da27e538714cd8b5c87bb1ab74a17b91c67A denial of service vulnerability exists in CA eTrust Antivirus when parsing .CHM files. The vulnerability is present in CA eTrust Antivirus software previous to file arclib.dll version 7.3.0.9.
456f1593f1c7a4bd074c2182ce0fd75e3dc29468994fc5830bbb56719be5eff6Denial of service exploit for Microsoft Windows XP and Vista that uses ARP.
521d20576bef0e344d07aa66023e71bc289eb0f833d90bbd647ea744f24f7996OpenPKG Security Advisory - BIND 9 versions 9.4.1-P1 and below suffer from multiple vulnerabilities that allow for recursive queries and cache poisoning.
c368a04ffba7fa0bd16a6fd660ba328818e7e86d86faf603e8fd15ff53b9f706Vikingboard version 0.1.2 suffers from multiple cross site scripting vulnerabilities.
4152f6d418d3657569e6f20922d2c74245012db460756216c446753cdd84eceeVikingboard may disclose sensitive information via the debug variable.
d8ec1b54380cdc906a660ece72c26a22cdd39b072675e97aa92cad332dc7e9d8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed