The Internet Anywhere Mail Server has weaknesses that allow an attacker to remotely crash the server. Sending abnormally long arguments with certain POP3 and SMTP commands will cause the server to crash. These vulnerabilities have been exploited as denial-of-service attacks but could potentially be used for remote shell exploits.
Certain versions of AnyForm CGI did not perform user supplied data sanity checking and could be exploited by remote intruders to execute arbitrary commands. The commands were issued as the UID which the web server runs as, typically 'nobody'. The exploit involves creating a form with a hidden field and submitting it to the AnyForm CGI on the server.
Certain versions of Ascends (Lucent) router software listen on port 9 (UDP Discard). An attacker can send a specially formatted packet to UDP port 9 that will cause MAX and Pipeline routers running certain software versions to crash.
Certain versions of Ascends (Lucent) router software listen on port 9 (UDP Discard). An attacker can send a specially constructed UDP packet to the port 9 that will cause the routers to crash.
The PHP/FI package, specifically versions shipped with mylog.html and mlog.html, is vulnerable to an insecure file inclusion vulnerability. The issue arises from the lack of escaping slashes in the include statement, allowing an attacker to specify any file on the system and view its contents. By manipulating the 'screen' parameter in the URL, an attacker can access files accessible to the http daemon user id.
The phpMyBackupPro application is vulnerable to Local File Inclusion. The vulnerability exists in the definitions.php file, where user-supplied input is not properly validated before being used in a file include function. An attacker can exploit this vulnerability to include arbitrary files from the server, leading to remote code execution.
There is a buffer overflow in the Internet Explorer Registration Wizard control (regwizc.dll). This control is marked 'Safe for Scripting'. Arbitrary commands may be executed if the control is run in a malicious manner.
This exploit allows an attacker to disclose passwords in Emesene, a software used for instant messaging. The script reads a file called 'users.dat' located in the '.config/emesene1.0' directory and prints out the email and corresponding password in clear text. This vulnerability can be exploited if the user has enabled the 'remember password' feature.
There is a buffer overflow in the 4.71.0.10 version of the MSN Setup BBS ActiveX control (setupbbs.ocx). This ActiveX control is marked 'Safe for Scripting'. Arbitrary commands may be executed if the ActiveX control is run in a malicious manner.
A buffer overflow vulnerability in GNOME's shared libraries handling of the 'espeaker' command line argument may allow local users to attack setuid binaries linked against these libraries to obtain root access.
Services By CQR