Joomla GolfCourseGuide component versions 0.9.6.0 Beta and 1 Beta suffer from a remote SQL injection vulnerability.
c3d20cf389cff928da4dbb4ad7fd832d03fccb5ab9c000e761ebb0bc5f5bae5f
Mandriva Linux Security Advisory 2010-138 - Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply. The updated packages have been patched to correct these issues.
18104719beea5b46ca8f389d76fb415df95834e77108878de2bc04a65edcc28a
WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
1c9176931e9eb16200b5f597d7e02aa077d50ac84bc99faa3d877cb9a2fa7907
Ubuntu Security Notice 930-5 - USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. It was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.
1bc694bb7364fe045af2c603420b4ce5c13f78d79389c7548df6bc16771c9714
Ubuntu Security Notice 930-4 - USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6. It was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.
503b3e80fd666c5b552b19fdd7eca8d7aca2731d1cbcf9e0be54a272cdad137f
Ubuntu Security Notice 927-8 - USN-927-1 fixed vulnerabilities in NSS. This update provides the Thunderbird update to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new renegotiation extension and will use it when the server supports it.
87749ab295184597b7a07e1590a02ca81b8acc8591a5ebf3e19b6017071a64aa
PhotoPost PHP versions 4.0 through 4.6 suffer from a remote SQL injection vulnerability.
1d139e534cdcf0c4e65c6bba0c76664268345d077ff81b076e223d7dc2fad601
SAP NetWeaver SLD versions 6.4 through 7.02 suffer from multiple cross site scripting vulnerabilities.
8b641e06e58f7c35d9140a710b83cde908ed39795c6e2eedaaa58b596a3b8385
ZeeMatri version 3x suffers from a shell upload vulnerability.
7ae764dcd3f9cfe94ffc925e298693155de1b8ed74f05a92be3a8f82ab14465c
SAP NetWeaver versions 6.4 through 7.0 suffer from a cross site scripting vulnerability.
3a33cbd84a9db933f995cbae70e001e3a89be10e4fa30b160c720ca941a9066e
AIX 5L with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd. This is the second version that was written to be more portable between hosts.
3cbe3f2d71c1a259294434762694c1239444ee2fd3f2d2dc144601f1fe0a5675
ZeeNetworking 1x suffers from a shell upload vulnerability.
48a1e0a10c033ad783e42cba65397d88ed108418e7798d8eec913f84ab073ca5
LILDBI version 1.2 suffers from a shell upload vulnerability.
864cfbbdebc134ab41dcdfddef5df0bf4d519b4dcf637250720ceda162dcb908
ZeeAdBox version 2x suffers from a remote SQL injection vulnerability.
1022f5f1735c187463f38136fbe414f41f51aa9ed28d88a575fef3ea1b4257c3
Ubuntu Security Notice 957-1 - Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Various integer overflows and other issues have also been addressed.
102cde32fa8d891e54788fea852e8b6a825b5afe8a3b7b8afa40b6db0cea7fcf
Ubuntu Security Notice 927-7 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new renegotiation extension and will use it when the server supports it.
029b0a950c4c98aaeb2e0905f2a79e7e3fc90edc62763387ac0165267b47cd4a
Ubuntu Security Notice 927-6 - USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 9.04. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new renegotiation extension and will use it when the server supports it.
fc403a3536ccafffb088a5a80dccc88c06a03937a82209fc68213061032efc12
Skipfish is a fully automated, active web application security reconnaissance tool. It is high speed, has a low false positive rate, and is easy to use.
4f7aab33039ef0826cbb1473f80c7de5c0319bb5c435c94688e44069e395bcd8
Secunia Security Advisory - Fedora has issued an update for thunderbird and sunbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.
55331df301ef539362b49ff55ccad090ecf4612f804ccbd892939ac783102910
Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, and compromise a user's system.
f54ae5af48a5e47d104e5ea0c1159ea7891a4b055d759cd44e813f1f4307f835
Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to conduct DNS cache poisoning attacks.
bc1e8faf0c3af5ac178ff93bacc70d3f1837153303358119860420b19526eb33
Secunia Security Advisory - IBM has acknowledged a security issue in IBM Java, which can be exploited by malicious people to bypass certain security restrictions.
2439ed6f270878a3650193fcff12988ab8d34826e2d3bbec74252a44cb026d2d
Secunia Security Advisory - A vulnerability has been discovered in the myLinksDump plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
f2383613d9efa3d58a855632b0c7ae97dbe67e75df6829339e619aebceab0bf8
Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.
a6d7b600382f6f27ee8385d297f17535c0b5cfa3cfd4cfc9ddb7cf45b5417eb2
Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, and compromise a user's system.
cbb110ddcd1c33f243f8346b1f3b1a856fd5e51da78dccc65f260405ef299681