Gentoo Linux Security Advisory 201309-9 - Multiple vulnerabilities have been found in LibRaw and libkdcraw, the worst of which may lead to arbitrary code execution. Versions less than 0.15.4 are affected.
52a8c598df68ee6a3a077cfac14839f89cfad5c2257f847715992991b2fc8a06Red Hat Security Advisory 2013-1264-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to cause a denial of service on a system or, potentially, escalate their privileges on that system. A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers.
9a5ec9f9c7d4781ea08fab5e5ddb59d96541a57787d7f358e43fe24a1469e30ccodecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.
277dbeecac4cd5fc2e53a30456b96c3020f64e3c1fdc8a01436bdc1e4c9eddc9OWASP ESAPI versions 2.0GA and 2.0.1 suffer from a symmetric encryption MAC bypass.
bbf9dbd4f10035de0105eec7f00e048b0c50838a31f3c331c90bbb38815ebcd5Mandriva Linux Security Advisory 2013-235 - Multiple vulnerabilities has been discovered and corrected in mediawiki. Full path disclosure in MediaWiki before 1.20.7, when an invalid language is specified in ResourceLoader. Several API modules in MediaWiki before 1.20.7 allowed anti-CSRF tokens to be accessed via JSONP. An issue with the MediaWiki API in MediaWiki before 1.20.7 where an invalid property name could be used for XSS with older versions of Internet Explorer. Several unspecified security issues were fixed with the 1.20.6 version. This replaces the MediaWiki 1.16.5 version, which has been EOL upstream for quite some time now, that was shipped with MBS 1. MediaWiki removed the Math extension for the 1.18 release, but it is now available separately. It has been packaged in the mediawiki-math package. The mediawiki-graphviz and mediawiki-ldapauthentication packages have also been updated to work with the new MediaWiki packages. The updated packages provides a solution to these issues.
59975cc64e426aac4d28c6370707a149449b05281ac9ce4423d50df3c6b488daGentoo Linux Security Advisory 201309-8 - Multiple vulnerabilities have been found in FileZilla, the worst of which could result in arbitrary code execution. Versions less than 3.7.3 are affected.
4f06c38780cba5d3c1f42721cffad7b55565b65890519d1c0729e4c8222a8578Moodle CMS version 2.5.0-1 suffers from a cross site scripting vulnerability.
e3ac4ae54569cb79f99f56b55d391649ec34ad904958620a13e84eeeba37dd72This Metasploit module exploits a buffer overflow vulnerability found in the STOR command of the PCMAN FTP v2.07 Server when the "/../" parameters are also sent to the server.
92e3649883cf46261d7a290c18c45a30760946ef4d2f40d99301ed717313473cTiendas Online Shopping Cart suffers from a remote SQL injection vulnerability.
f1736572630e4ef99a00a389b392b357d4daf482b49e3f6559e877cbce74a31bMitsubishi MC-WorkX version 8.02 active-x control file execution proof of concept exploit.
051bf2d457fb3478224730c5a764957e57768528962485ff7c0f290f39f09becGentoo Linux Security Advisory 201309-7 - A buffer overflow vulnerability in libotr could allow a remote attacker to execute arbitrary code or cause a Denial of Service condition. Versions less than 3.2.1 are affected.
b9f7d64ccd5178355d93a04d585ebd34103534407075dc6870418e5fe5e26682Red Hat Security Advisory 2013-1263-01 - Red Hat Storage Console is a powerful and simple web based Graphical User Interface for managing a Red Hat Storage 2.1 environment. This feature is provided as a Technology Preview, and is currently not supported under Red Hat Storage subscription services.
c957fc6e28d6f5410a47239edc8db138720f483a00f1d5ba548d3897fb5d1e89Whitepaper called Malware Memory Forensics. Written in Persian.
af09beac815402b485548bfdee267decdf2d1128cff277a07887798b1b7fbe9aSites powered by phpLinks suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
aba84ecf6554a51d8c9ee444970d50efcba44b72b4d8f42f312ec1480fae1beaWhitepaper called Password Secrets of Popular Windows Applications. Written in Persian.
2f2d636dd3b0d33b256e0011a95a9894ba4f4cdb485fd3aa852c13d9dd37e586
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed