It has been reported that a vulnerability in the handling of some types of requests exists in lprm. When an attacker sends a maliciously crafted string to a configured printer through the lprm command, it may be possible to execute code.
A vulnerability exists in Password Wizard configured to generate Java applets to password protect pages. Specifically, the authentication credentials are stored in the HTML code. The credentials may be encrypted using an algorithm that can be cracked by an attacker. An attacker can simply view the HTML source code to obtain authentication credentials.
A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to exploit this vulnerability by creating a malicious folder name of excessive length. When a virus scan is initiated, processing the folder name will trigger the buffer overflow condition. Successful exploitation of this issue will result in the execution of attacker-supplied code with the privileges of the Dr. Web virus scanner process.
A vulnerability has been reported in the 3Com Superstack 3 Firewall. HTTP content filters put in place by the device fail to assemble fragmented data, potentially allowing an attacker to access unauthorized web sites. An attacker could exploit this vulnerability by connecting a web server using a protocol in which data is fragmented when transferred.
It has been reported that a stack overflow exists in the file program. It is likely that this issue could be exploited to execute code as the user invoking file. An exploit code is provided which does cp /bin/sh /tmp/.sh;chmod 4755 /tmp/.sh and also echos the correct filename followed by ': data'. This exploit works without silly targets or offsets.
It has been reported that a memory allocation issue exists the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to cause a denial of service condition, and potentially execute code as the user of the file utility.
Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.
Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.
Several XFree86 utilities may be prone to a buffer overflow condition. The vulnerability exists due to insufficient boundary checks performed by these utilities when referencing the XLOCALEDIR environment variable. A local attacker can exploit this vulnerability by setting the XLOCALEDIR environment variable to an overly long value. When the vulnerable utilities are executed, the buffer overflow vulnerability will be triggered.
A problem with JetDirect printers could make it possible for a remote user to gain administrative access to the printer. It has been reported that HP JetDirect printers leak the web JetAdmin device password under some circumstances. By sending an SNMP GET request to a vulnerable printer, the printer will return the hex-encoded device password to the requester. This could allow a remote user to access and change configuration of the printer.