Five models of the Zoom Telephonics ADSL modem/router line suffers from authentication bypass, plain-text credential storage, improper handling, and traversal vulnerabilities.
44c6fde6671c4ea90e34564c3f3a20d93c0520abfb5edcbfb3a4dc36ffa44802WinArchiver version 3.2 suffers from a SEH-based buffer overflow vulnerability.
6e206a8a5bb2693cb96ef406b23482f125a2165e42334ccf58a79646e69b5217Wiz version 5.0.3 suffers from a user mode write access violation vulnerability.
63d43930c87c789aa57942fdecbe974ffb10518802ad97ec2eb9eb227bbc7784PWStore version 2010.8.30.0 suffers from cross site scripting and denial of service vulnerabilities.
62cf2734ff3e28570fd22dd8b33efaa47690cdfc48bd30e61e0caf0cb757102dFuzeZip version 1.0.0.131625 suffers from a SEH based overflow and stack based overflow which is protected by stack cookies.
7997f627ad9bdf3236c4f71c63ca741f2fbd67c404def236820282873b3f4e8dGentoo Linux Security Advisory 201309-3 - A buffer overflow in Xlockmore might allow remote attackers to cause a Denial of Service. Versions less than 5.43 are affected.
2d2e1635de685f4eeb9f823a8bd416409c0a7b50e399a1de015ce15a464b0f89Gentoo Linux Security Advisory 201309-2 - Multiple vulnerabilities have been found in strongSwan, possibly allowing remote attackers to authenticate as other users or cause a Denial of Service condition. Versions less than 5.1.0 are affected.
e5de6a7527422acc9f93e2938d3bd572a9d0efb8c22e1b9eec52ad5f16412f47Mandriva Linux Security Advisory 2013-225 - Fixed one critical bug in the DDOC parsing routines. By persuading a victim to open a specially-crafted DDOC file, a remote attacker could exploit this vulnerability to overwrite arbitrary files on the system with the privileges of the victim.
00eba3769f6c26bc880ee29f23ceca071d3246112c5eecfb48159db88d1cbb92Mandriva Linux Security Advisory 2013-224 - Pedro Ribeiro and Huzaifa S. Sidhpurwala discovered multiple vulnerabilities in various tools shipped by the tiff library. Processing a malformed file may lead to denial of service or the execution of arbitrary code.
d884754430c6583ac8b007978378c6bbb0dc76a3035da478c1c21be20416bfc1Debian Linux Security Advisory 2749-1 - Colin Cuthbertson and Walter Doekes discovered two vulnerabilities in the SIP processing code of Asterisk - an open source PBX and telephony toolkit -, which could result in denial of service.
64f259e26777b4eda664b410ea07d6756308f234bf56cbd36c690cf8ae3a017cSlackware Security Advisory - New gnutls packages are available for Slackware 14.0 and -current to fix a security issue.
d2c6387efc945856664a72d145fbc9931f3ccd30292ea3c12bdaae3ef265eb12Palms version 3.6 suffers from a remote SQL injection vulnerability.
1aa5484c2a82ec54fceee98744da5fa88ea2ceb2c745fec53f6c55ac32c4dfadPalms version 3.6 suffers from a cross site scripting vulnerability.
37feb0677c587aacff966cd6ffd579536af08f6c2fbd34c1ab9cf4ab479943bdGnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
119570af3eb83b411252bf617688b9b9143e4349f48657b7ebaea57d90ff707fGentoo Linux Security Advisory 201309-1 - A NULL pointer dereference in Cyrus-SASL may allow remote attackers to cause a Denial of Service condition. Versions less than 2.1.26-r3 are affected.
ab968551f4e15425cd83161245fa5213284ec0cc8224de16f469841985abbc43Debian Linux Security Advisory 2740-2 - The wheezy part of the previous python-django update, DSA-2740-1, was incorrectly built and did not include all legacy symbolic links for the jquery Javascript library.
5e6816e5fa58781c3179ef4898e51fdfb7c6d1502467e3f7e26f061403e6e395Debian Linux Security Advisory 2748-1 - Several denial-of-service vulnerabilities were discovered in the dcraw code base, a program for processing raw format images from digital cameras. This update corrects them in the copy that is embedded in the exactimage package.
c9a0cab3e1f4a48b9b65d8a6dcb658b1a312ef348d95a3a39a6d4b3d5beb124dWordPress IndiaNIC Testimonial plugin version 2.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
8a114d95eee5f58c8d052e9c08a3ac6cd312a696abb9a3f300be085897e9b1e3This archive contains all of the 191 exploits added to Packet Storm in August, 2013.
058cdd9ee708055a538eca696d3d41f58b70c1432ccddd8b82e1c322ee38d708
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed