Secunia Security Advisory - JosS has reported a vulnerability in Pre Real Estate Listings, which can be exploited by malicious people to conduct SQL injection attacks.
40a84063ca635f859079b08c47639d53c690d921f0a267ab4530843e37668292
Debian Security Advisory 1638-1 - It has been discovered that the signal handler implementing the login timeout in Debian's version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability.
3dcd1c93684523b379aae5ed130ab55e469f477cb01b57983baa4faa0beb27f7
Team SHATTER Security Advisory - The XMLQUERY and XMLEXISTS functions are vulnerable to a stack-based buffer overflow when passed an overly long parameter. The XMLQUERY and XMLEXISTS functions are installed by default. IBM DB2 Database Server versions 9.1 and 9.5 on the Windows platform are affected.
5efd448731a6482ab43eb286aea980a1d038f94b64579c7415920afbcf71422a
Team SHATTER Security Advisory - It is possible to use the CLR stored procedure deployment feature of IBM Database add-ins for Visual Studio to produce a privilege escalation or denial of service on a DB2 server. IBM DB2 Database Server versions 9.1 and 9.5 on the Windows platform are affected.
93159e714894796764bdfc5cbc6de85425718a0e10e81c6b0e87ed2a5c4ac87b
Hotel Reservation System suffers from a blind SQL injection vulnerability in city.asp.
099d2a6a6ff181537cff7566196df27a42dd0e757128fa85df4c47a557028c73
Server shutdown exploit for Unreal Engine which suffers from a failed assertion vulnerability.
b7e7f1463c21f51de7f49c1f903f44cdd78632aa54a69a21b30c8bf88a042f62
Unreal Engine suffers from a failed assertion vulnerability that allows for server shutdown.
83af6f51a1662c1603b02411ceb0ebbbaeea83057640b31febbbbed85f5c3498
Mandriva Linux Security Advisory - A symlink vulnerability was found in the javareconf script in R that allows local users to overwrite arbitrary files. The updated packages have been patched to prevent this issue.
b99d99c5158b1d3ecb006714bbc150f0f8ab552425f2bd64778e1edb59aea90e
osCommerce version 2.2rc2a suffers from an information disclosure vulnerability.
e83060bf47d164489717852d1a3a79a00be142c4234277d1607a6d9bd3bcab5e
Gonafish LinksCaffePRO version 4.5 suffers from a remote SQL injection vulnerability in index.php.
1ed8d0b3ed66fdadf46f94be8e874ab1cb1f72fe01267fe740b4b1005dd5bd4c
Secunia Security Advisory - Hussin X has reported a vulnerability in Downline Goldmine Builder and related scripts, which can be exploited by malicious people to conduct SQL injection attacks.
70af6bb163eaa902c4d009c0747b55657c3d6c869479181051299fddb80cbed7
Secunia Security Advisory - r45c4l and h4x0r have reported a vulnerability in iBoutique, which can be exploited by malicious people to conduct SQL injection attacks.
38b0b87c2a2ffb1d0acbeb1ce4833b95df9a1bfc836fa17db74960a02b25b8ac
Denial of service exploit for Postfix versions 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel.
be4de29c579743f90fbea63e452a1da0c2f608677d7e66f78cf782b3ccc6d70c
Technical Cyber Security Alert TA08-260A - Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
6981f18fc007237448cbbcff01311de8cb7f02161d2087f761e73d95e3fb661c
The InstallShield Update Agent uses insecure methods of retrieving operational script code from unauthenticated, unverified external sources over HTTP. Arbitrary remote code execution is possible on all known product versions.
1caa2ebe74269b4c59aec52aa22dd6110a144d0f811fc378edf727096abb151f
The Bharti DSL modem provided by Airtel suffers from credential disclosure and various other vulnerabilities that allow for device compromise.
5387ef2787954a632868302fa5bcce59a93d245c0de73e75ec3a8cf45382811e
Attachmax Dolphin versions 2.1.0 suffer from remote file inclusion, blind SQL injection, and file disclosure vulnerabilities.
396f18db7ab2ae873121a9ba9406547b40cca65e257e8e23c490d2653b356560
Secunia Security Advisory - A vulnerability has been reported in Sun Management Center (SunMC), which can be exploited by malicious people to cause a DoS (Denial of Service).
c8b1880bb39add510e2efb175189cc90e92079955e3f1b0516dc2a3e62043f34
Secunia Security Advisory - wins.mallow has reported a vulnerability in Nokia E90 Communicator, which can be exploited by malicious people to cause a DoS (Denial of Service).
9b1a455864bd4e611fd2985682ac015e62d769943469c4ec407981c2fb1a4c84
Secunia Security Advisory - A security issue with an unknown impact has been reported in OSADS.
8e89ca3a98861443cd56f230e90f3d8757ef8b3eeb65537b818f9bc88ec82f4b
Secunia Security Advisory - A vulnerability has been reported in multiple LANDesk products, which can be exploited by malicious people to compromise a vulnerable system.
eb9676e9967b7d3cb43a95bae52cd33056cb6f8b3c274e9106f0e271cddd3bdf
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
e8fc5fcfb715ffe925b2982aa9ca287832a93495d7fff03f17f6449f0732718c
iScripts EasyIndex suffers from a remote SQL injection vulnerability.
64ea09d2a18a16f5b60b3f00b47f30df6f77a937660c6c902140a07fc9552851
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LANDesk Management Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the QIP Server Service (qipsrvr.exe), which listens by default on TCP port 12175. The process makes a vulnerable call to MultiByteToWideChar using values obtained from packet data. A malicious 'heal' request can allow an attacker to control both the pointer to the StringToMap and the StringSize arguments. The destination buffer is allocated on either the stack or the heap, depending on the specified sizes. In both cases it can be overflowed, leading to arbitrary code execution under the context of the SYSTEM user.
ff6889cec64d47b85818ece735464037c8c4a2e41b36d8a8b02923a7d1f1cecd
Secunia Security Advisory - Red Hat has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
12b3b9af0017e805a3e8615f2acb487ae0edbe912f03857bd3a88f3e85653aaa