Iamma Simple Gallery versions 1.0 and 2.0 suffer from an arbitrary file upload vulnerability.
a86e9747c5e8a4b6352fb1f6b76303dc9abd5e1fb3cc22419434794c26256a20
Whitepaper entitled SNMP Injection - Achieving Persistent HTML Injection via SNMP on Embedded Devices.
ace95e6e015bcde9714bec5eb0612843f605b3cd71d3b207aaadcab78367c8ad
Security Objectives Advisory - Veritas Storage Foundation version 5.0 suffers from an arbitrary file read vulnerability in the qioadmin binary.
922ebd3425d504bed309bc3e70b7c7368ba68eae9ce936182f24c1586db990dc
Oracle Application Express (APEX) suffers from an excessive privileges issue in relation to the FLOWS database schema/user account.
882a4730a9ac5f34d49c20a010a691e36ff7442ad833b301e662a5a8e1396987
Secunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, where some have an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) and disclose potentially sensitive information.
cc354d1e9978bb1ceeb4db46cd073b351c2ea40662b5cad70e3b58e467e72a3d
Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These include Windows NT domain authentication bypass, IPv6 denial of service, and a Crypto Accelerator memory leak.
4bbe080a815103c31678bb76f8bde5b1be713a2e3de8aa81f41ba7f590f11c97
phpcrs versions 2.06 and below suffer from a local file inclusion vulnerability in frame.php.
f3f5ceed0b2a882f00799480dd29bb48e51b8f1d7e14fdabb0c036cc052cd176
Secunia Security Advisory - Secunia Research has discovered a vulnerability in GNU Enscript, which can be exploited by malicious people to compromise a vulnerable system.
db1aa18bd99016da9ad00135bb5eb7c68e948be22ed3e2241b11acbcb6864f80
Secunia Security Advisory - A vulnerability has been reported in Smarty, which can be exploited by malicious people to bypass certain security restrictions.
2e7f66ad0d1c10d7b480e8398cffaa3c69320c3085976841b42345063acd3ee9
Secunia Security Advisory - Debian has issued an update for qemu. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
ad99b2a99e9208e677be41c43115374fab8b855bd4516eb01e92edcf0d376d9a
Secunia Security Advisory - Two vulnerabilities with unknown impact have been reported in TikiWiki CMS/Groupware.
56e73cb50a6b14ef3f84dea39a125bd2579f3e63fad9cafe76bf5be2e9b73096
Secunia Security Advisory - eLiSiA has discovered a vulnerability in FlashChat, which can be exploited by malicious users to bypass certain security restrictions.
2519b427326f7c0ecc3a23a6479d7e7559b2080b57e1763e7a020339a3333e6a
Secunia Security Advisory - Ubuntu has issued an update for amarok. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
27970ccf508ba8eae6e7d01b91069ff60c9ee80d132375ed01acf9ee7618b4ca
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to cause a DoS.
bc6170f320b360bde7894020d8cead97b918d951700e73412f14249b4432b023
FreeSSH version 1.2.1 denial of service exploit. Crash #2.
99bda96067e5b98d234446f0a8b67867b6ba03dc493753b12b97cf8aa297df43
Debian Security Advisory 1658-1 - Colin Walters discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack.
e2dc1d6f24abf61eb027035600e9019ef79f0978bf307741e9ca42b9769c4cc2
A resource exhaustion vulnerability exists throughout multiple EMC NetWorker products through an exploited RPC interface.
01b139fb1a4243988a7bc792cabeacf7c919c50614032c7270583c8894c8be7f
Secunia Research has discovered a vulnerability in various HP products, which can be exploited by malicious people to cause a DoS (Denial of Service). The HP OpenView Trace Service exposes an RPC service on TCP port 5051 or 5053 that does not require authentication. By sending a particular sequence of RPC requests, an object is incorrectly referenced, which may cause a memory reference beyond an allocated buffer. HP OpenView Report version 3.70 and HP Performance Agent version 4.70 are both affected.
f1546a2e6eea29b72c45d9610eaa1c4e619fa7532f9d3795a6d74db5cebffedd
Secunia Research has discovered a vulnerability in Trend Micro OfficeScan Server, which can be exploited by malicious people to compromise a vulnerable system. A boundary error when parsing CGI requests can be exploited to cause a stack-based buffer overflow via an HTTP POST request to an affected CGI executable with specially crafted form data. Successful exploitation allows execution of arbitrary code. Trend Micro OfficeScan version 7.3 patch 4 build 1367 is affected.
6260bed0c8ef3910412fa8bb89863553ce9240aa159314b903c6583fb3daddf0
Secunia Research has discovered a vulnerability in GNU Enscript, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error within the "read_special_escape()" function in src/psgen.c. This can be exploited to cause a stack-based buffer overflow by tricking the user into converting a malicious file. Successful exploitation allows execution of arbitrary code, but requires that special escapes processing is enabled with the "-e" option. GNU Enscript versions 1.6.1 and 1.6.4 beta are vulnerable.
8a7d447dd69db4f8d793cacd7994b607c6795026d0ed31d75ebc239dfccf920d
FreeSSH version 1.2.1 denial of service exploit.
d1d23d04a0d96b9bd50bbd0dfc343290a639f6d1a1d82ba7ed4de3104673a0a2
Whitepaper on setting up an HTTP-controlled botnet. Code examples provided.
86e6a791ef574842a0dda59f57f25c4daf573d63439a32bb2f8fe98b869c1fd2
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Trend Micro OfficeScan, which can be exploited by malicious people to compromise a vulnerable system.
6a7b9b2a5c0143ff0518db580ea83cbf0d21e8be85cdda5a882473c18515784c
Secunia Security Advisory - A vulnerability has been reported in Sun Integrated Lights-Out Manager, which can be exploited by malicious users to bypass certain security restrictions.
b3b860f93de61c434ac2e5844ef12f6ca4039c395980d050acbf58a0efbf8687
Secunia Security Advisory - r45c4l has reported a vulnerability in the Newsletter plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
ff7f52ebc3fe603598841ad4d2377a4b7ad5e7bc58cf0cc47fbdc69210e1aff4