Mico set_answer_invoke() Function DoS

Network Security News – Sunday, July 09, 2006 Events

Mico set_answer_invoke() Function DoS

Mico contains a flaw that may allow a remote denial of service. The issue is triggered when an unspecified error occurs when handling wrong object key by the 'set_answer_invoke()' function, and will result in loss of availability for the service.. Read more at osvdb.org/27029

Microsoft IE OutlookExpress.AddressBook COM Object NULL Dereference

Microsoft IE contains a flaw that may allow a local denial of service. The issue is triggered when a COM object in OutlookExpress.AddressBook is referred to a null pointer, and will result in loss of availability for the service.. Read more at osvdb.org/26836

PHPMailList ml_config.dat Cleartext Administrator Password Disclosure

PHPMailList contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the 'ml_config.dat' file, which will disclose administrator's username and password and system information resulting in a loss of confidentiality.. Read more at osvdb.org/27018

shadow setuid Failure Local Privilege Escalation

Shadow contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when passwd, called with the -f, -g, or -s option, did not check the result of the 'setuid' call. This flaw may lead to a loss of Confidentiality and Integrity.. Read more at osvdb.org/26995