FrSIRT Security Advisories

FrSIRT Security Advisories http://www.frsirt.com/english FrSIRT - Vulnerabilities and Security Advisories 24/7 en Copyright (c) FrSIRT.COM FrSIRT - TFTP Server SP Error Message Handling Buffer Overflow Vulnerability http://www.frsirt.com/english/advisories/2008/1468 A vulnerability has been identified in TFTP Server SP, which could be exploited by remote attackers to cause a denial of service or execute arbitrary code... 2008-05-09 FrSIRT - rdesktop Multiple Code Execution and Denial of Service Vulnerabilities http://www.frsirt.com/english/advisories/2008/1467 Multiple vulnerabilities have been identified in rdesktop, which could be exploited by attackers to cause a denial of service or execute arbitrary code... 2008-05-09 FrSIRT - SAP Internet Transaction Server "wgate.dll" Cross Site Scripting Issue http://www.frsirt.com/english/advisories/2008/1466 A vulnerability has been identified in SAP Internet Transaction Server, which could be exploited by attackers to execute arbitrary scripting code... 2008-05-09 FrSIRT - Sun Java System AS and WS JSP Source Code Disclosure Vulnerability http://www.frsirt.com/english/advisories/2008/1457 A vulnerability has been identified in Sun Java System Application Server and Web Server, which could be exploited by remote attackers to gain knowledge of sensitive information... 2008-05-08 FrSIRT - Sun Solaris Tcl GUI Toolkit Library Code Execution Vulnerabilities http://www.frsirt.com/english/advisories/2008/1456 Multiple vulnerabilities have been identified in Sun Solaris, which could be exploited by attackers to cause a denial of service or execute arbitrary code... 2008-05-08 FrSIRT - Sun Java System Web Server Cross Site Scripting Vulnerability http://www.frsirt.com/english/advisories/2008/1455 A vulnerability has been identified in Sun Java System Web Server, which could be exploited by attackers to execute arbitrary scripting code... 2008-05-08 FrSIRT - Sun Ray Server Kiosk Mode Root Privilege Escalation Vulnerability http://www.frsirt.com/english/advisories/2008/1454 A vulnerability has been identified in Sun Ray Server Software, which could be exploited by malicious users to obtain elevated privileges... 2008-05-08 FrSIRT - Sun Solaris TCP Implementation Remote Denial of Service Vulnerability http://www.frsirt.com/english/advisories/2008/1453 A vulnerability has been identified in Sun Solaris, which could be exploited by remote attackers to cause a denial of service... 2008-05-08 FrSIRT - Linux Kernel Privilege Escalation and Denial of Service Vulnerabilities http://www.frsirt.com/english/advisories/2008/1452 Two vulnerabilities have been identified in Linux Kernel, which could be exploited by local attackers to bypass security restrictions or gain elevated privileges... 2008-05-08 FrSIRT - Linux Kernel "fcntl_setlk()" and "close()" Race Prevention Vulnerability http://www.frsirt.com/english/advisories/2008/1451 A vulnerability has been identified in Linux Kernel, which could be exploited by attackers to bypass security restrictions... 2008-05-08 FrSIRT - HP-UX LDAP-UX Unspecified Local Unauthorized Access Vulnerability http://www.frsirt.com/english/advisories/2008/1450 A vulnerability has been identified in HP-UX, which could be exploited by local attackers to bypass security restrictions... 2008-05-08 FrSIRT - HP-UX Netscape Directory Server Privilege Escalation Vulnerability http://www.frsirt.com/english/advisories/2008/1449 A vulnerability has been identified in HP-UX, which could be exploited by local attackers to gain elevated privileges... 2008-05-08 FrSIRT - Sun Solaris Security Update Fixes OpenSSH Information Disclosure http://www.frsirt.com/english/advisories/2008/1448 A weakness has been identified in Sun Solaris, which could be exploited by local attackers to gain knowledge of sensitive information... 2008-05-07 FrSIRT - SIPp Message Processing Remote Buffer Overflow Vulnerabilities http://www.frsirt.com/english/advisories/2008/1447 Two vulnerabilities have been identified in SIPp, which could be exploited by attackers to cause a denial of service or execute arbitrary code... 2008-05-07 FrSIRT - Licq Incoming Connections Handling Remote Denial of Service Issue http://www.frsirt.com/english/advisories/2008/1446 A vulnerability has been identified in Licq, which could be exploited by attackers to cause a denial of service... 2008-05-07 FrSIRT - NASA Common Data Format "Read32s_64()" Buffer Overflow Vulnerability http://www.frsirt.com/english/advisories/2008/1440 A vulnerability has been identified in NASA Common Data Format (CDF), which could be exploited by attackers to cause a denial of service or execute arbitrary code... 2008-05-06 FrSIRT - phpDirectorySource Multiple Remote SQL Injection Vulnerabilities http://www.frsirt.com/english/advisories/2008/1432 Multiple vulnerabilities have been identified in phpDirectorySource, which could be exploited by remote attackers to execute arbitrary SQL queries... 2008-05-05 FrSIRT - cpLinks Remote SQL Injection and Cross Site Scripting Vulnerabilities http://www.frsirt.com/english/advisories/2008/1431 Multiple vulnerabilities have been identified in cpLinks, which could be exploited by remote attackers to execute arbitrary SQL queries or scripting code... 2008-05-05 FrSIRT - Scorp News "site" Parameter Remote File Inclusion Vulnerability http://www.frsirt.com/english/advisories/2008/1430 A vulnerability has been identified in Scorp News, which could be exploited by remote attackers to compromise a vulnerable web server... 2008-05-05 FrSIRT - Sun Solaris SCTP Protocol Remote Denial of Service Vulnerabilities http://www.frsirt.com/english/advisories/2008/1429 Two vulnerabilities have been identified in Sun Solaris, which could be exploited by attackers to cause a denial of service... 2008-05-05