Computer Security



cdrecord privilege escalation
Published:08.09.2004
Source:BUGTRAQ
SecurityVulns ID:3986
Type:local
Level:5/10
Description:Privileges are not dropped on user specified program invocation.
Affected:CDRECORD : cdrecord 2.01
Original document: MANDRAKE, [Full-Disclosure] MDKSA-2004:091 - Updated cdrecord packages fix local root vulnerability (08.09.2004)

star privilege escalation
Published:08.09.2004
Source:FULL-DISCLOSURE
SecurityVulns ID:3987
Type:local
Level:5/10
Affected:STAR : star 1.5
Original document: GENTOO, [Full-Disclosure] [ GLSA 200409-11 ] star: Suid root vulnerability (08.09.2004)

multi-gnome-terminal information leak
Published:08.09.2004
Source:BUGTRAQ
SecurityVulns ID:3988
Type:local
Level:5/10
Description:Keystrokes are logged to user's home in debugging mode.
Affected:GNOME : multi-gnome-terminal 1.6
Original document: GENTOO, [ GLSA 200409-10 ] multi-gnome-terminal: Information leak (08.09.2004)

Usermin cross-site scripting
Published:08.09.2004
Source:BUGTRAQ
SecurityVulns ID:3989
Type:remote
Level:6/10
Description:Cross-site scripting with HTML messages.
Affected:WEBMIN : Usermin 1.070
 WEBMIN : Usermin 1.080
Original document: snsadv_(at)_lac.co.jp, [SNS Advisory No.77] Usermin Remote Arbitrary Shell Command Execution Vulnerability (08.09.2004)

Serverview weak permissions
Published:08.09.2004
Source:BUGTRAQ
SecurityVulns ID:3990
Type:local
Level:5/10
Description:Weak permissions on the configuration file allow changing the SNMP MIB structure.
Affected:FUJITSU : serverview 3.0
Original document: Rene, serverview 3.0 - insecure file permissions (08.09.2004)

Net-Acct symbolic links problem
Published:08.09.2004
Source:SECUNIA
SecurityVulns ID:3991
Type:local
Level:5/10
Description:Symbolic link problem on temporary file creation in the "write_list()" and "dump_curr_list()" functions.
Affected:NETACCT : Net-Acct 0.71
Original document: SECUNIA, [SA12476] Net-Acct Insecure Temporary File Creation Vulnerability (08.09.2004)

Multiple Safari bugs
Published:08.09.2004
Source:SECUNIA
SecurityVulns ID:3992
Type:client
Level:6/10
Description:Security Bypass, Cross Site Scripting, Manipulation of data, Exposure of system information, Exposure of sensitive information, Privilege escalation, DoS, System access.
Affected:APPLE : MacOS X 10.2
 APPLE : MacOS X 10.3
Original document: SECUNIA, [SA12491] Mac OS X Security Update Fixes Multiple Vulnerabilities (08.09.2004)

Qt/imlib buffer overflow
updated since 22.08.2004
Published:08.09.2004
Source:BUGTRAQ
SecurityVulns ID:3929
Type:library
Level:7/10
Description:Buffer overflow on BMP file parsing.
Affected:IMLIB : imlib 1.9
 QT : qt 3.3
 IMLIB : imlib2 1.0
 IMAGEMAGIC : imagemagick 6.0
Original document: MANDRAKE, [Full-Disclosure] MDKSA-2004:089 - Updated imlib/imlib2 packages fix BMP crash vulnerability (08.09.2004)
 Chris Evans, CESA-2004-004: qt (22.08.2004)
Files:EXPLOIT: Qt bmp heap overflow

RKDetect - behaviour based rootkit detection utility
updated since 12.05.2004
Published:08.09.2004
Source:offtopic1
SecurityVulns ID:3682
Description:Rkdetect is a small anomaly detection tool which can find services hidden by generic Windows rootkits like Hacker Defender. The tool is very simple: it enumerates services on a remote computer through WMI (user level) and Services Control Manager (kernel level), compares the results and displays the difference. In this way we can find hidden services, which are usually used to start a rootkit. A similar approach can be used to enumerate processes, files, registry keys and anything else that rootkits can hide. Rkdetect is available here: http://www.security.nnov.ru/files/rkdetect.zip. Updated on 08.09.2004: support for localized systems added.
Original document: Sergey V. Gordeychik, rkdetect updated (08.09.2004)
 Sergey V. Gordeychik, RKDetect (12.05.2004)
Files:RKDetect - rootkit anomaly detector

mpg123 buffer overflow
updated since 14.01.2003
Published:08.09.2004
Source:BUGTRAQ
SecurityVulns ID:2540
Type:client
Level:5/10
Description:Stack overflow on mp3 frame processing in sync_stream() function.
Affected:MPG123 : mpg123 0.59
Original document: Davide Del Vecchio, [Full-Disclosure] mpg123 buffer overflow vulnerability (08.09.2004)
 GOBBLES_(at)_hushmail.com, Local/remote mpg123 exploit (14.01.2003)
Files:local/remote exploit for mpg123

© SecurityVulns, 3APA3A, Vladimir Dubrovin