Symphony version 2.3.1 suffers from a remote SQL injection vulnerability.
7e746f6f0becdb1c3bf1082b0fc80a06a0763df2b35b291a8f3a205d747948ae
FreeBSD Security Advisory - A flaw in the OpenSSL handling of OCSP response verification could be exploited to cause a denial of service attack. OpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS and DTLS. The weakness could reveal plaintext in a timing attack.
b53bfd66b506dafcb90c6c9516eb9205fffab27069d0f3a35836d94fab93d2fe
FreeBSD Security Advisory - A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.
1dd487d7a38a6be933444db11b02dd1e2e265a2e5fb5dd7875698187215034f8
Google Active Directory Sync (GADS) Tool versions 3.1.3 and below suffer from a local information disclosure vulnerability.
5af6fac3359b45806a514cce9e316949ac1c763760a0a252335bc60361e5db98
e107 CMS version 1.0.2 suffers from a reflective cross site scripting vulnerability.
b0a7d7d19b1bf2785fccdbdb0f2175d28946b402c3fbfdcc3590de48c18ffc57
Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.
3b58e8bd3a82e8c37c44eb2f52ee1833913d60800103e936466bbd2328c0a6dc
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.
e4cabaa55b9baede126441bc2d835d83d47424d8b948c120e1c5c9b9c8012a2b
Sophos Web Protection Appliance version 3.7.8.1 suffers from OS command injection, cross site scripting, and file disclosure vulnerabilities.
e23113a1748c2be870f5cf2ef66700daa14d3f01fcf098583228dcf13f1434ee
Novell GroupWise version 12.0.0.8586 suffers from an untrusted pointer dereference vulnerability.
47e0f623fea3a5ed097e984178caf98801bcbed84209598283926cafe7ba2d6e
FUDforum version 3.0.4 suffers from an arbitrary code execution vulnerability.
36279cc79b9bb26cd0dfb7956cb4f1df702478b62a9a137f7cb48f7ac0e3c190
iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid in the current context. In addition to completion of options, matches and targets, it supports dynamic retrieval of data from the system, such as chain names, set names, interfaces and hostnames. Environment variables allow fine-tuning of completion options. IP and MAC addresses can be fed by file.
5eb19e8d6cf7acaf5393a22e953b5672f0def1483e43ed8b95e6693b98ba0995
Red Hat Security Advisory 2013-0700-01 - Jenkins is a continuous integration server. It was found that all SSL certificate checking was disabled by default in the Apache Maven Wagon plug-in of Jenkins. This would make it easy for an attacker to perform man-in-the-middle attacks. Users of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to this updated package, which corrects this issue.
2e1474d74bdc6d15346e98b54cdf58c4ef035856653a88200746b02f047d94db
Red Hat Security Advisory 2013-0701-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. It was found that documentation created by rubygem-rdoc and ruby193-rubygem-rdoc was vulnerable to a cross-site scripting attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used for creating documentation for Ruby source files, it is not a common scenario to make such documentation accessible over the network.
21efbd85baf775bf343fbbe58aead019bee9fbcbd96c4e3f3a252fe9940c4e97
Ubuntu Security Notice 1787-1 - Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to bypass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). A memory use after free error was discovered in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). Various other issues were also addressed.
e7193629413cdad2b463bf06a7df8e90528471a345357eea7d9c6807f31923fa
This is a whitepaper that discusses using Compute Unified Device Architecture (CUDA) GPU cracking to crack passwords.
73c83fc3029646d3e3bb2f6758ef93e292ef63789d5c4c52472d85962bf1620e
SmallFTPd version 1.0.3 denial of service exploit that is written in AutoIT.
490e57206bbfaabcb311fd30eaeb013e30240b0f0f106cd454c6062b57aa06e9