barnowl uninitialized memory reference
Published:		06.09.2010
Source:		BUGTRAQ
SecurityVulns ID:		11117
Type:		remote
Level:		5/10
Description:		libzephyr library functions return code is not checked.

CVE:

CVE-2010-2725 (BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.)

Original document

DEBIAN, [SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution (06.09.2010)

Discuss:

Read or add your comments to this news (0 comments)

HP Operations Agent security vulnerabilities
Published:		06.09.2010
Source:		BUGTRAQ
SecurityVulns ID:		11119
Type:		remote
Level:		6/10
Description:		Code execution, privilege escalation.

CVE:		CVE-2010-3005 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows local users to gain privileges via unknown vectors.)
		CVE-2010-3004 (Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to execute arbitrary code via unknown vectors.)

Original document

HP, [security bulletin] HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local Elevation of Privileges and Remote Execution of Arbitrary Code (06.09.2010)

Discuss:

Read or add your comments to this news (0 comments)

Novell Netware SSH buffer overflow updated since 06.09.2010
Published:		14.09.2010
Source:		BUGTRAQ
SecurityVulns ID:		11118
Type:		remote
Level:		6/10
Description:		Buffer overflow on oversized SCP GET request.

Affected:

NOVELL : Netware 6.5

Original document		ZDI, ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability (14.09.2010)
		Francis Provencher, {PRL} Novell Netware OpenSSH Remote Stack Overflow (06.09.2010)

Discuss:

Read or add your comments to this news (0 comments)