Category: ADVISORIES

ADVISORIES | September 20, 2007

Multiple Buffer Overflows in legacy mod_jk2 apache module 2.0.3-DEV and earlier

By Josh Betts Jason Larsen & Walter Pearce

CVE-2007-6257, VU#245025. Discovered: 05.01.07. Reported: 06.27.07. Disclosed: 09.20.07. A buffer overflow vulnerability exists in the Host Header field of the legacy version of the mod_jk2 apache module (jakata-tomcat-connectors), which allows for remote code execution in the context of the Apache process. (more…)

ADVISORIES |

Multiple Total Remote Compromise Vulnerabilities in Mercury SiteScope Monitoring Software

By Chris Paget

CVE-2007-6257, VU#245025. Discovered: 10.05.06. Disclosed: 09.20.07. Critical vulnerabilities exist within the Mercury SiteScope server monitoring software. Some of these can result in a complete remote compromise of the entire monitored network, as well as arbitrary code execution on all servers managed by the SiteScope software. (more…)

ADVISORIES |

Buffer Overflow in Mono BigInteger Montgomery Reduction Method

By Jason Larsen & Walter Pearce

VU#146292. Discovered: 07.25.07. Reported: 08.24.07. Disclosed: 09.20.07. An exploitable buffer overflow vulnerability exists in the Montgomery reduction method within the Mono Frameworks BigInteger Class (Mono.Math.BigInteger). (more…)

ADVISORIES | March 26, 2007

Static Microsoft Windows WPAD entries might allow interception of traffic

By Chris Paget

CVE-2007-1692. Disclosed: 03.26.07. The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries. A remote attacker could leverage this to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests. (more…)