The Microsoft Windows 2000 Help facility does not perform sufficient bounds checking on .cnt files. If a .cnt file containing an unusually long :Link URI was opened by the Windows Help facility, a buffer would be overrun, allowing the execution of arbitrary code.
A memory corruption vulnerability has been discovered in BitchX 1.0c19. This issue occurs when handling server-supplied data and may cause characters to be written to sensitive stack memory. As a result, it may be possible for a malicious IRC server to execute arbitrary commands on a vulnerable client.
It has been reported that tcpdump is vulnerable to a denial of service when some packet types are received. By sending a maliciously formatted packet to a system using a vulnerable version of tcpdump, it is possible for a remote user to cause tcpdump to ignore network traffic from the time the packet is received until the application is terminated and restarted.
It has been reported that some models of the SGSN made by Nokia do not properly handle remote requests for information. Vulnerable devices may disclose sensitive information which could enable an attacker to mount further attacks on network resources.
The Splatt Forum module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker could use the information gathered in this manner to mount further attacks against the host.
The News module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this manner to mount further attacks against the host.
The AvantGo module for PHPNuke has been reported prone to a vulnerability which, when exploited, may disclose sensitive path information to a remote attacker. An attacker may use the information gathered in this manner to mount further attacks against the host.
VPOPMail is vulnerable to command injection due to insufficient sanitization of user-supplied input. An attacker can manipulate URI parameters to include malicious system commands, which would be executed with the privileges of the web server process.
A vulnerability has been discovered in PGP4Pine. The problem occurs when parsing an email message for PGP data. Due to insufficient bounds checking, when processing lines of excessive length, a buffer may be overrun. This would result in sensitive locations in memory being overwritten with data supplied in the message. Successful exploitation of this issue may allow a remote attacker to execute arbitrary commands on a target system. All instructions executed would be run with the privileges of the users running the software.
A buffer overflow vulnerability exists in Multitech RouteFinder 550 VPN firmware release 4.63 and earlier. By passing excessive data to the device in an HTTP GET request, an attacker can corrupt memory and cause a denial of service. It is also possible for an attacker to execute arbitrary commands.