Ubuntu Security Notice 319-1 - A race condition has been discovered in the file permission handling of the /proc file system. A local attacker could exploit this to execute arbitrary code with full root privileges.
5f3d92ad959c30a89bf81dbf98acf093ccc125b1767d7b1bd7a8e67d0b344e41
GeoAuctions Premier version 2.0.3 and GeoClassifieds Basic version 2.0.3 suffer from blind SQL injection flaws.
c76935fa4653ae91652bb2c25d7cb4ec847848088a52129dc8030e9f35f32c57
RuxCon 2006 Call For Papers - The RuxCon staff would like to announce the call for papers for the fourth annual RuxCon conference. This year the conference will run from the 30th of September to the 1st of October, over the long weekend. As with previous years, RuxCon will be held at the University of Technology, Sydney, Australia.
5ce189ddc3eeac2819f6c3aee283455405b4838640c3b3ebb1905f7e4d0ab771
ToorCon 2006 Call For Papers - Papers and presentations are being accepted for ToorCon 2006 to be held at the Convention Center in San Diego, CA on September 29th through October 1st.
e02b0ba03e348295eef66d816c9b5560d131f8133d38d5f35d38e611d235fb06
DeluxeBB versions 1.07 and below suffer from multiple vulnerabilities including SQL injection and cross site scripting flaws.
e7b9d8c50687835bc5e05c6edf288fcfbd7f0ef3d44d6ac19bd3a1b312e25ef1
Debian Security Advisory 1111-1 - Several local vulnerabilities have been discovered in the MySQL database server, which may lead to denial of service.
7e8fdd5e3fa32fce27e25605affba95b2f239b75b54844e27584f2a5a48d78d4
mail2forum versions 1.2 and below suffer from remote file inclusion vulnerabilities.
5bb66ce5823c22baa2e4fd51d4bd92bef36bd24f8587658c318e8d33ed9ddf43
A remote stack overflow exists in a range of wired and wireless D-Link routers. This vulnerability allows an attacker to execute privileged code on an affected device. When a specific request is sent to an affected device, a traditional stack overflow is triggered allowing an attacker complete control of the router. With the ability to execute code on the device, it is then possible to apply modified firmware, and ultimately compromise the entire network.
25d882c6fb0ae5a475f5d6f2351d4ac9dc574a80eed93c6005f7c73dc6e35280
ToendaCMS versions 1.0.0 and below Shizouka stable 'F(u)CKeditor' remote command execution exploit.
4078edb0692788bf72e86e7b49a7f3e7fb493a4be972d72abf20b7fa6618583c
Professional PHP Tools Guestbook suffers from multiple SQL injection vulnerabilities.
640930a07c780ac17351173383e5b462e04a89e1f67d9d4191f1e37868973c9b
Zoho Virtual Office version 3.2 is susceptible to cross site scripting attacks.
f04e06c4a2693acb9dab221b5a1b84dce745609b225f70f60601b367d1ffea6b
Secunia Security Advisory - Multiple vulnerabilities have been reported in CS-MARS, which can be exploited by malicious local users to bypass certain security restrictions and by malicious people to gain knowledge of system information and compromise a vulnerable system.
34fb5b94d27284768d694017270c4bae8e4332dc9d32448cba47904217e7a66e
Secunia Security Advisory - r0t has reported a vulnerability in PhpLinkExchange, which can be exploited by malicious people to compromise a vulnerable system.
da7fac10924fa873be3aaadea52998a1adc3c066006c7cd4584c3a9516bb8569
PacSec 2006 Call For Papers - The conference will be held November 27th through the 30th in Tokyo. The conference focuses on emerging information security tutorials.
c8dba8f0dd7e0dcf4eebcc332cd12b1322ddf4cca48580b85f37c7d99d76bfc1
OSdate versions 1.1.7 and below are prone to cross site scripting attacks.
16af6833a9dfb3853798f4606ad1990864dd9eade7bfd3b117ebb62b00afe622
Secunia Research has discovered two vulnerabilities in IceWarp Web Mail, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and compromise a vulnerable system. Merak Mail Server version 8.3.8.r with IceWarp Web Mail 5.6.0 is affected.
ea34c0a33de7ac0c8a3533381aaf94e7d5a0210039b64aa97bdbafdab97a3e5d
Secunia Research has discovered two vulnerabilities in Visnetic Mail Server, which can be exploited by malicious users and by malicious people to disclose potentially sensitive information and to compromise a vulnerable system. Visnetic Mail Server version 8.3.5 is affected.
d2398297f500288373c0f6859e9be8e326afb0527008903d4c171dd3f33601b2
Secunia Research has discovered a vulnerability in BitZipper, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in UNACEV2.DLL when extracting an ACE archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow when a user extracts a specially crafted ACE archive. BitZipper version 4.1 SR-1 is affected.
7fdb872ca2833cabf09fea315d78509c20750c1c879788b34c7cc8be31075bed
New Article Mambo Component versions 1.0 and below suffer from remote file inclusion vulnerabilities.
a96106182968428ab29ec9869871a6c2d3e02e4b606f41105f51711cf185d341
boastMachine versions 3.1 and below remote SQL injection exploit that also demonstrates a cross site scripting vulnerability.
732b0fa3568c40d35435ef55b2e9eef6b65e90306bba137361a2493f1cd0ddb9
Outpost Firewall Pro version 3.51.759.6511 and Lavasoft Personal Firewall version 1.0.543.5722 suffer from a privilege escalation vulnerability that leads to SYSTEM access.
faabb88abd7c7462e4696e14728468c1dbc0b2d62ce1bedce788c3afe18c5b1c
Analysis whitepaper detailing cyber-terrorism defacement attacks on pro-Israeli servers by Team Evil.
b5c0b1a8f42634e6f235bab6d79b65c54bd1315b316a4aad456f35821a58aaa9
Plesk control panel versions 8.0.0 and below suffer from a cross site scripting flaw.
1940826459537f4a61a1db36f39692d78500639e1bfdbeab4141c8f0091c9f2e
ListMessenger version 0.9.3 suffers from a remote file inclusion flaw.
542e818958a613af56f7f6fda483accc6f07546a162465809d34478ca851bd28