WebFileExplorer version 3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e49da55861cd0f74fdaec1e380c299bbe5d9dd12d15f3a53aee92837013d1b1c
Mandriva Linux Security Advisory 2009-088 - Multiple vulnerabilities have been identified and corrected in wireshark. These include format string and denial of service vulnerabilities.
e9d05a7d6d95c4d6f253e889f5fa1cf1e332b8802b9b95efbab614046fa2d975
HP Security Bulletin - A potential security vulnerability has been identified in HP ProCurve Manager and HP ProCurve Manager Plus. The vulnerability could allow remote unauthorized access to data on the ProCurve Manager server. Note that this vulnerability is over a year old.
3d89ab4a511d7057406f3b4f5a98c9e7040ddabc6bb66ae9d8f786736be6dfe3
Loud Listener is a lightweight, high-speed voice packet recorder that can target a particular call based on SIP URL or TG, designed to satisfy regulatory lawful intercept requirements. This proof of concept code has been designed to be pushed to an FPGA on an accelerated platform, but in its current form it will run on most versions of Linux.
57e5623476d8c06864d49cb43d5ee359c127b0dbbb7a3705578f3519de6a4cef
Debian Security Advisory 1754-1 - It was discovered that roundup, an issue tracker with a command-line, web and email interface, allows users to edit resources in unauthorized ways, including granting themselves admin rights.
1d5f494eaa3899e67790d5afdfd5e0665d93ebd6b6b7f46ef5c5f087c83b53d5
Debian Security Advisory 1767-1 - It was discovered that multipathd of multipath-tools, a tool-chain to manage disk multipath device maps, uses insecure permissions on its unix domain control socket, which enables local attackers to issue commands to multipathd to prevent access to storage devices or corrupt file system data.
904b1a5f03572b81de80119e0824a09e315f6e1a9e7a568558324dbb6667828c
Secunia Research has discovered a vulnerability in Ghostscript, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error in the included jbig2dec library while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Ghostscript version 8.64 is affected.
3e45593976ff44163557ee1faed79a1bbf8b00a557fd8e04db7f2215e79343cc
My Dealer CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
f28e670fc537a9bfa642b803464ee823b8e4ff9af8add0fd85155e7eaccd58db
Absolute Form Processor version XE-V 1.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
faed5a542ed8d594dd5233d1172f9c1e962af9ced171ca6a7306f1bdfe2acca8
Simbas CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
e16cb953dd1bc093276c58b4460cb86cb2151ade7b543564472c3ec1d6bf46e1
The Joomla Car component suffers from a remote SQL injection vulnerability.
133484801b0048d2d49478dd762a8492b07159c7a712540456c811e525e041e1
AdaptBB version 1.0 Beta suffers from blind SQL injection, dynamic code execution, and arbitrary file upload vulnerabilities.
6e34e15269adcbcfb8335dfbb12dc9119688b86e5b05c0428b2a3fecae0f33da
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Performance Agent and HP Performance Agent. The vulnerability could be exploited remotely to execute arbitrary code.
61b8f6223dc3ee73a57d54d19de6d87247e5bf6c3c1888a30c1cdecd097c9d47
The IBM BladeCenter Advanced Management module suffers from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.
1954725f4d86942fbaa357b00c1b82ca228d2ca128249c34312bc4346ec5b01d
Fortinet's FortiGuard Global Security Research Team has discovered a buffer overflow vulnerability in EMC RepliStor. Versions 6.2 SP4 and below and 6.3.SP1 and below are affected.
3e443a3255e8c74cf07bc65e9a330033b6a706a1e28dae1653a6c10616777191
Debian Security Advisory 1766-1 - Several vulnerabilities have been found in the MIT reference implementation of Kerberos V5, a system for authenticating users and services on a network.
62744b0660268ab7130a3287b506316b68daa390f0f7c8054bab6ce99001b83a
Exjune Guestbook version 2 remote database disclosure exploit.
5a417a0f4555adc7c0aa35d05df5b057cd46756f087f13e4a6b81571e8fb7af5
The seccure toolset implements a selection of asymmetric algorithms based on elliptic curve cryptography (ECC). In particular, it offers public key encryption / decryption, signature generation / verification and key establishment. ECC schemes offer a much better key size to security ratio than classical systems (RSA, DSA). Keys are short enough to make direct specification of keys on the command line possible (sometimes this is more convenient than the management of PGP-like key rings). seccure builds on this feature and therefore is the tool of choice whenever lightweight asymmetric cryptography -- independent of key servers, revocation certificates, the Web of Trust, or even configuration files -- is required.
33d690a7034ee349bce4911a8b7c73e6e3cd13a140f429e9e628d5cd5a3bb955
The tcb suite implements the alternative password shadowing scheme on Openwall GNU/*/Linux (Owl) which allows many core system utilities (passwd(1) being the primary example) to operate with little privilege. It is being made available separately from Owl primarily for use by other distributions. This package contains three core components of the tcb suite: pam_tcb (a PAM module which supersedes pam_unix), libnss_tcb (the accompanying NSS module), and libtcb (a library for accessing tcb shadow files, used by the PAM and NSS modules as well as by user management tools on Owl).
3eda3953c5e8d3c0c6cbc0941a2bb9f6fe5a862b4cfbd01c23acf64ccbd73373
Geeklog versions 1.5.2 and below SEC_authenticate() remote SQL injection exploit.
9289d8cb946255c3e09f10474f3767b6c11d5d133f66a2107765e2d20994e7ef
SWF Opener version 1.3 .swf file off-by-one buffer overflow proof of concept exploit.
e6b2bd514a9261b88370cfd32b848a0a83b0d411eff14f469e3f1c893f690ee7
BackendCMS version 5.0 suffers from a remote SQL injection vulnerability in main.asp.
30c7fb7d2b26692d50a55414ed1f8cab4579600ab37709e3a694a4327fb92d82
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
80d410969c691878a709a75d5ea8afc9ece8597cb3f362f5fdd4812a529beb88
Secunia Security Advisory - Debian has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
1544e3fd30020c1940bd62096f45eb6fa118b113017c757c9543d8c05c3d1530
Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Domino, which can be exploited by malicious people to cause a DoS (Denial of Service).
ed873f1875b2daed2710d459bde5c8c9ee1640a117e4acbf5bc3991e6c88c477