Gentoo Linux Security Advisory GLSA 200904-14:02 - An error in F-PROT Antivirus may lead to a Denial of Service. Jonathan Brossard from iViZ Techno Solutions reported that F-PROT Antivirus does not correctly process ELF binaries with corrupted headers. Versions less than 6.0.2 are affected.
82d28bc1a529f6c35f7c71015ff9ee684721401f31f8cd7e77d3d1b1146faeb4Gentoo Linux Security Advisory GLSA 200904-13 - A vulnerability has been discovered in Ventrilo, allowing for a Denial of Service. Luigi Auriemma reported a NULL pointer dereference in Ventrilo when processing packets with an invalid version number followed by another packet. Versions less than 3.0.3 are affected.
66dd41cd38bd5c170217b8a4502deabda0f4e6560c706854c3660e425ba72045Zero Day Initiative Advisory 09-017 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Applications Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Oracle Process Manager and Notification (opmn) daemon which is an HTTP daemon listening on a TCP port above 6000. The daemon fails to properly handle format string tokens in the POST URI when logging to the file $ORACLE_HOME/opmn/logs/opmn.log. Exploitation of this issue can result in arbitrary code execution.
d4a0cae85f98836a15a513e84a677bf8efe05f9345b1dae4573ab58863fa97d9Technical Cyber Security Alert TA09-104A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Windows Server, and ISA Server.
9b04e5e2a87dfc9f3da504bcc671faffbfb29a475348c6d8ffbd50699cc618ediDefense Security Advisory 04.14.09 - Exploitation of a stack corruption vulnerability in Microsoft Corp.'s Word 2000 WordPerfect 6.x Converter could allow an attacker to execute code in the context of the current user. Microsoft Word is able to open documents created in other applications by transparently applying a filter module which converts them to a format Word can use. The WordPerfect 6.x converter from Office 2000 fails to perform sufficient sanity checking on input files. A maliciously constructed WordPerfect document can cause potentially exploitable stack corruption. iDefense Labs have confirmed that the WordPerfect 6.x converter (WPFT632.CNV, with file version 1998.1.27.0) in Microsoft Word 2000 Service Pack 3 is vulnerable. However, the version of this converter installed with Word 2003 is not affected by this vulnerability.
d7e06c594ee675783098ca1a2f12b2ee798b05b631ffdf21d98e79bb64fc7399Whitepaper called How Conficker makes use of MS08-067.
c85e38425c879865b44dab94c6cdc62028015e130f3558fc226371b1a7cead19The Bug! Magazine numero 0x03. Written in Portuguese.
c5179579ef3303f3dd17d97d311560d849797321294cf8ff8290ae1aadec8e66
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed