Network Security News – Thursday, June 01, 2006 Events
NetPanzer Surface.hpp setFrame() Remote DoS
NetPanzer contains a flaw that may allow a remote denial of service. The issue is triggered when a client uses a flag (also called frameNum) greater than 41, and will result in loss of availability for the service. Read more at osvdb.org/25737
Mac OS X Mail MacMIME Attachment Integer Overflow
A remote overflow exists in Mac OS X. Mail fails to validate MacMIME encapsulated attachments resulting in an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. Read more at osvdb.org/25593
Mac OS X passwd Temp File Symlink Arbitrary File Manipulation
Mac OS X contains a flaw that may allow a malicious local user to create arbitrary files on the system. The issue is due to the passwd program creating temporary files insecurely, using the form /tmp/.pwtmp.<pid> where <pid> is the process ID of the passwd process. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity. Read more at osvdb.org/23647
Mac OS X Preview Directory Hierarchy Overflow
A local overflow exists in Mac OS X. Preview fails to validate deep directory hierarchies resulting in a stack buffer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. Read more at osvdb.org/25596
Mac OS X Safari LaunchServices Long Extension Safe File Open Bypass
Mac OS X contains a flaw that may allow a malicious user to cause Safari to automatically open unsafe content. The issue is triggered when long file name extensions are used to prevent Download Validation from correctly determining the file type. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. Read more at osvdb.org/25591
Mac OS X Keychain Lock Bypass
Mac OS X contains a flaw that may allow a malicious application to access Keychain items without first requesting that the Keychain be unlocked. The issue is triggered when the application has obtained a reference to a Keychain item prior to the Keychain being locked, which may allow the application to continue to use the item. It is possible that the flaw may allow unauthorized access to login information resulting in a loss of confidentiality. Read more at osvdb.org/25590
Mac OS X FTP Server Path Name Overflow
A remote overflow exists in Mac OS X. The FTP server fails to handle several unspecified boundary conditions resulting in a buffer overflow. With a specially crafted request, an authenticated user can cause arbitrary code execution with the privileges of the FTP server resulting in a loss of integrity. Read more at osvdb.org/25589
Mac OS X Firmware Unspecified Password Bypass
Mac OS X contains an unspecified flaw related to the firmware authentication on Intel-based machines that may allow an attacker to bypass the firmware password. No further details have been provided. Read more at osvdb.org/24399
Mac OS X CoreFoundation Untrusted Bundle Arbitrary Code Execution
Mac OS X contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when CoreFoundation registers an untrusted bundle without user interaction. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. Read more at osvdb.org/25586
Mac OS X CFNetwork Integer Overflow
A remote overflow exists in Mac OS X. The CFNetwork component used by Safari and other applications fails to validate chunked transfer encoding resulting in an integer overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity. Read more at osvdb.org/25585
Vuln: Chipmunk Guestbook Index.PHP SQL Injection Vulnerability
Chipmunk Guestbook Index.PHP SQL Injection Vulnerability. Read more at securityfocus.com/bid/18195
Vuln: WeOnlyDo SFTP ActiveX Control Remote Arbitrary File Access Vulnerability
WeOnlyDo SFTP ActiveX Control Remote Arbitrary File Access Vulnerability. Read more at securityfocus.com/bid/18192
Vuln: Mozilla Firefox Marquee Denial of Service Vulnerability
Mozilla Firefox Marquee Denial of Service Vulnerability. Read more at securityfocus.com/bid/18165
Vuln: Secure Elements Class 5 AVR Multiple Remote Vulnerabilities
Secure Elements Class 5 AVR Multiple Remote Vulnerabilities. Read more at securityfocus.com/bid/18191
Internet Explorer Vulnerability
Internet Explorer Vulnerability. Read more at securityfocus.com/archive/1/435492
SUSE Security Announcement: rug (SUSE-SA:2006:029)
SUSE Security Announcement: rug (SUSE-SA:2006:029). Read more at securityfocus.com/archive/1/435491