ksb26 [Kernel SOCKS Bouncer] is a Linux Kernel 2.6.x Loadable Kernel Module that that redirects tcp connection (to user-defined target hosts) through socks 4/5 chains. This is obviously quite useful if you want to transparently tunnel certain things through a given proxy to remain anonymous, or if you want to be able to sniff certain network traffic transparently.
7b0c7c9721ff3b547506a51fc009dec734716c84cb16c991ee9373228c98b5fbGolden Ftp Server Pro version 2.52 suffers from a directory traversal vulnerability.
fd19d17533a88ed38fa3c31bec9d660c6f4afadd17e6668d8a8e20c1c039de05The C Code Analyzer (CCA) is a static analysis tool for detecting potential security problems in C source code. It's fully automatic; no code annotations or the like are required. It features an automatic user input tracer, potential buffer overflow detection, and more. An eclipse front-end plugin is included.
5d74391e149b1f0f985f97eee613874bc72c6cb0570f533ca7438927fc5a3d77RaidenFTPD versions below 2.4.2241 allow for a directory traversal attack via urlget.
b157b789ba21b614aa3d84f4e229b30854ba58b5ca1aa2b90b36bcb7f08773c5Video Cam Server version 1.0.0 is susceptible to a directory traversal attack.
ada3a5328ddaa14bdc136ad11e095dc6ab58a6c24f3b0f31394aa705cb84dc7dCMS Made Simple has a cross site scripting vulnerability.
21cd8c5ae9fdd9b4369221dfae8b8053792af0ac1b701f001bc7b6db27b8c781PROPS has a cross site scripting vulnerability.
5e8dfb2ca4883736a3217089e4d9665fcc154044472d541ebf1ee57b173ffe58Ovidentia has a cross site scripting vulnerability.
aab632b4f7ca95ef0f288b8147d3eb759ca0490964eb652b86d5472e360c91a8Wordpress has a cross site scripting vulnerability.
ad8a89de323a90ed1a5c6de1d636b3c5555167a92cd2d163b6a3c15d45079f41Exponent suffers from a cross site scripting vulnerability.
17391fe57e89c0f09aec93ab7a628fa3f9c6bcbc7581b85c7cf6198214ca4bfdClevercopy suffers from a cross site scripting vulnerability.
0db8a163f89b6ef31bfb82f064aa53461ea16b6a8ecaf6cd100e4c29b3a2ddabGentoo Linux Security Advisory GLSA 200505-20 - infamous41d discovered several vulnerabilities in GNU Mailutils. imap4d does not correctly implement formatted printing of command tags (CVE-2005-1523), fails to validate the range sequence of the FETCH command (CVE-2005-1522), and contains an integer overflow in the fetch_io routine (CVE-2005-1521). mail contains a buffer overflow in header_get_field_name() (CVE-2005-1520). Versions less than 0.6-r1 are affected.
c2fb67e7ef5e9d7869519665523ab1b56b6a1f13618b8118efd53ef25ee92044Gentoo Linux Security Advisory GLSA 200505-19 - Exworm discovered that gxine insecurely implements formatted printing in the hostname decoding function. Versions less than 0.4.4 are affected.
ff8bdf466cde935fabc1f41a965e7bcc0c76a699d5691dbb519735aab32494e5Gentoo Linux Security Advisory GLSA 200505-18 - The fixproc application of Net-SNMP creates temporary files with predictable filenames. Versions less than 5.2.1-r1 are affected.
55ae58d4091c9513eec1db8f4df5e6697cdf1f1e7a159b4294f30dc6b5b91720Gentoo Linux Security Advisory GLSA 200505-17 - Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CVE-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CVE-2005-1152). Versions less than 4.0.5-r3 are affected.
5f79ff0a88cc0ec2c54f6ceed5e00a22614019b40a6b651f22b9fb0d59a11434Gentoo Linux Security Advisory GLSA 200505-16 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a Denial of Service vulnerability in the XWD decoder of ImageMagick and GraphicsMagick when setting a color mask to zero. Versions less than 6.2.2.3 are affected.
7cd890831c972168a96e842608bd68f5ae3853773f99cba71d5868a21d6da6e4Gentoo Linux Security Advisory GLSA 200505-15 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialisation files from the working directory. Versions less than 6.3-r3 are affected.
a438150f4f7635d000ccf3b00ec02b17b42aa4f822c4d5404b56c1e3ee3fa395Gentoo Linux Security Advisory GLSA 200505-14 - Brian Bird discovered that Cheetah searches for modules in the world-writable /tmp directory. Versions less than 0.9.17-rc1 are affected.
853bd930b30b1dc75326033673188777ab4477db6183a979bd5d53e35f1ff993Gentoo Linux Security Advisory GLSA 200505-13 - Primoz Bratanic discovered that the sql_escape_func function of FreeRADIUS may be vulnerable to a buffer overflow (BID 13541). He also discovered that FreeRADIUS fails to sanitize user-input before using it in a SQL query, possibly allowing SQL command injection (BID 13540). Versions less than 1.0.2-r3 are affected.
f0e8ee31b44589588be2f25ad27a3e4ee5e6a3d3ebf3acbeef7867a4d0644570Gentoo Linux Security Advisory GLSA 200505-12 - PostgreSQL gives public EXECUTE access to a number of character conversion routines, but doesn't validate the given arguments (CVE-2005-1409). It has also been reported that the contrib/tsearch2 module of PostgreSQL misdeclares the return value of some functions as internal (CVE-2005-1410). Versions less than 8.0.2-r1 are affected.
f343524cabdc8563fd558ecf9418e6857706907df010ed93fb9711dc15817069Gentoo Linux Security Advisory GLSA 200505-11 - The Mozilla Suite and Firefox do not properly protect IFRAME JavaScript URLs from being executed in context of another URL in the history list (CVE-2005-1476). The Mozilla Suite and Firefox also fail to verify the IconURL parameter of the InstallTrigger.install() function (CVE-2005-1477). Michael Krax and Georgi Guninski discovered that it is possible to bypass JavaScript-injection security checks by wrapping the javascript: URL within the view-source: or jar: pseudo-protocols (MFSA2005-43). Versions less than 1.0.4 are affected.
6b81a217ce3f87b99e5aadf53821e66be801d2bc37dc498629b18c3918b3ad7cGentoo Linux Security Advisory GLSA 200505-10 - phpBB is vulnerable to a cross-site scripting vulnerability due to improper sanitization of user supplied input. Coupled with poor validation of BBCode URLs which may be included in a forum post, an unsuspecting user may follow a posted link triggering the vulnerability. Versions less than 2.0.15 are affected.
9d4330f075d84b5e3a57149a41002a7d4ac072e81cac2868e4e27c0b7a6f36d4Gentoo Linux Security Advisory GLSA 200505-09 - Stu Tomlinson discovered that Gaim is vulnerable to a remote stack based buffer overflow when receiving messages in certain protocols, like Jabber and SILC, with a very long URL (CVE-2005-1261). Siebe Tolsma discovered that Gaim is also vulnerable to a remote Denial of Service attack when receiving a specially crafted MSN message (CVE-2005-1262). Versions less than 1.3.0 are affected.
52d6d35d922abc92a5c62a156c06b0a964358c9c04b130bca8c8ab047e64a971Gentoo Linux Security Advisory GLSA 200505-08 - Tavis Ormandy of the Gentoo Linux Security Team discovered an integer overflow in the ELF parser, leading to a heap-based buffer overflow. The vendor has reported that an unrelated buffer overflow has been discovered in the PE parser. Versions less than 0.8.0-r2 are affected.
bb50f3d10e9687ec9e2dcff2d81fd8f709c3bc9465d6ba8708274ced00dc0797Gentoo Linux Security Advisory GLSA 200505-07 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Versions less than 3.7.2 are affected.
10f00fb5875050a3e524daa001dab1ae2df6cb0acba56164a9325e4481f90dbf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed