=================================================
Security Corporation - Weekly Summary - Issue #24 - 2003-09-15

http://www.security-corporation.com
=================================================

Read the newsletter archive:
http://www.security-corporation.com/newsletter.html

Put Security-Corporation Vulnerability Alerts on Your Web Site for Free!
For more information: http://www.security-corporation.com/backend/

ADVISORIES
=================================================

As always, if you've found a vulnerability, let us know by e-mail at:
vuln@security-corporation.com

Security advisories of the week:

-------------
2003-09-15
-------------

- Buffer Overflow in WideChapter Browser
» http://www.security-corporation.com/articl...030915-000.html


-------------
2003-09-14
-------------

- ChatZilla remote DoS vulnerability
» http://www.security-corporation.com/articl...030914-000.html


-------------
2003-09-12
-------------

- vbPortal SQL Injection vulnerability
» http://www.security-corporation.com/articl...030912-001.html

- Asterisk CallerID CDR SQL Injection
» http://www.security-corporation.com/articl...030912-000.html


-------------
2003-09-11
-------------

- Gordano Messaging Suite - Multiple Vulnerabilities
» http://www.security-corporation.com/articl...030911-008.html

- Integer overflow in OpenBSD kernel
» http://www.security-corporation.com/articl...030911-007.html

- FTGate Pro Server - Multiple Vulnerabilities
» http://www.security-corporation.com/articl...030911-006.html

- Invision Power Board : XSS in [FONT] and [COLOR] tags
» http://www.security-corporation.com/articl...030911-005.html

- setgid man MANPL overflow
» http://www.security-corporation.com/articl...030911-004.html

- MySQL Buffer overflow vulnerability
» http://www.security-corporation.com/articl...030911-003.html

- myPHPNuke : Copy/Upload/Include Files
» http://www.security-corporation.com/articl...030911-002.html

- Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability
» http://www.security-corporation.com/articl...030911-001.html

- Two Exploitable Overflows in PINE
» http://www.security-corporation.com/articl...030911-000.html


-------------
2003-09-10
-------------

- Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities
» http://www.security-corporation.com/articl...030910-002.html

- Microsoft RPC Heap Corruption Vulnerability
» http://www.security-corporation.com/articl...030910-001.html

- Buffer Overrun In RPCSS Service Could Allow Code Execution
» http://www.security-corporation.com/articl...030910-000.html


-------------
2003-09-09
-------------

- Winamp 2.91 lets code execution through MIDI files
» http://www.security-corporation.com/articl...030909-003.html

- Multiple Heap Overflows in FTP Desktop
» http://www.security-corporation.com/articl...030909-002.html

- Rogerwilco server buffer overflow vulnerability
» http://www.security-corporation.com/articl...030909-001.html

- WebX 1.1 web server Directory Traversal Vulnerability
» http://www.security-corporation.com/articl...030909-000.html



EXPLOITS
=================================================

Security exploits of the week:

-------------
2003-09-15
-------------

- Mysql 3.23.x/4.0.x remote exploit
» http://www.security-corporation.com/exploi...030915-001.html

- Windows RPC DCOM DoS exploit
» http://www.security-corporation.com/exploi...030915-000.html


-------------
2003-09-14
-------------

- ChatZilla v0.8.23 remote DoS exploit
» http://www.security-corporation.com/exploi...030914-000.html


-------------
2003-09-13
-------------

- Windows 9x/NT Denial Of Service Exploit
» http://www.security-corporation.com/exploi...030913-000.html


-------------
2003-09-11
-------------

- Microsoft Windows 98 Denial Of Service Exploit
» http://www.security-corporation.com/exploi...030911-001.html

- MyServer 0.4.3 Remote Denial Of Service Exploit
» http://www.security-corporation.com/exploi...030911-000.html


-------------
2003-09-09
-------------

- RogerWilco server buffer overflow exploit
» http://www.security-corporation.com/exploi...030909-001.html

- Realplayer 9 Unix Local Privileges Escalation Exploit
» http://www.security-corporation.com/exploi...030909-000.html


DISCLAIMER
=================================================

The information within this paper may change without notice. Use of
this information constitutes acceptance for use in an AS IS condition.
There are NO warranties with regard to this information. In no event
shall the author be liable for any damages whatsoever arising out of
or in connection with the use or spread of this information. Any use
of this information is at the user's own risk.


FEEDBACK
=================================================

Please send suggestions, updates, and comments to:

Security Corporation
http://www.security-corporation.com
info@security-corporation.com