Secunia Security Advisory - Debian has issued an update for isakmpd. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
e32ea3b967124b15610fa34e352b53ffd1583a8d65cfbc4e0ae3b461c7c1d69c
Secunia Security Advisory - A vulnerability has been reported in the Userreview module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks.
000098959d38be617353a224ee837a5bec7ed6bd6d313b245798a631a8804a2c
Secunia Security Advisory - Gentoo has issued an update for libXfont. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
e8b12bf55d7f183f834acc997ee641a053a1c519ac57132b1d75a0f1d5deccdc
Secunia Security Advisory - A vulnerability has been reported in HP-UX, which potentially can be exploited by a malicious, local user to cause a DoS (Denial of Service).
ffdfdeef9aa5bd86b074b5f08e68853da89824adde94220da2dac29114f582cc
Secunia Security Advisory - sZ has discovered some vulnerabilities in Downstat, which can be exploited by malicious people to compromise a vulnerable system.
4166ba539f3e61442ac9b00c84a5582bf4fd3b235d03c808bd2ca6e4d90e14ad
Secunia Security Advisory - HP has acknowledged a vulnerability in HP OpenView Operations and HP OpenView Operations for Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
d6a213aff7ced61c5d77cb2b77762aeecab27bf161700e14d5065b9a9c87d808
Secunia Security Advisory - Dj ReMix has discovered a vulnerability in TualBLOG, which can be exploited by malicious people to conduct SQL injection attacks.
1f11f9d8416f9be5aa66495c18e135120ba02e1b91df17d73b26771ea4f4e54f
Secunia Security Advisory - Gentoo has issued an update for xine-lib. This fixes a weakness, which can be exploited by malicious people to crash certain applications on a user's system.
15dcabb57625a6ac1df6751330bd681f6da6639a3a6736c95f0c9284feab1add
Secunia Security Advisory - Gentoo has issued an update for ffmpeg. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
1fc0c0498d9a3ced0cd8064a0676334c0f9319b8b2da20622c84af89199bbc9e
Mailman version 2.1.8 suffers from cross site scripting and log file injection vulnerabilities.
40bdec7e01b7583e1c4f60c05ebc6fef3a41a83fc2273667a7a4ec8f8c53d1af
Hotmail/MSN suffers from a slew of cross site scripting vulnerabilities.
fdce82a30bb280fb585e168012d410d3eaa28083187e2b58bd2e9c1e24b1822c
Roxio Toast 7 Titanium on Mac OS X executes the kextload command with root privileges. The kextload command contains two vulnerabilities which can be exploited by a local user to gain local root access to the system. This advisory outlines both issues.
4d9a1d1c4b802566deb492490350c56c3638f0b626e4adf257715a70770d86bb
Debian Security Advisory 1176-1 - It was discovered that the Zope web application server does not disable the csv_table directive in web pages containing ReST markup, allowing the exposure of files readable by the Zope server.
7d5e27726d2a9b6dd2482b16d30ab635f8ef12021869035a17a82f6a7020b46a
Gentoo Linux Security Advisory GLSA 200609-09 - FFmpeg contains buffer overflows in the AVI processing code. Versions less than 0.4.9_p20060530 are affected.
e894111e706ba6e0d94a2682ffa26cd829cb09aeb83fe08c09553f7e9c368e85
Gentoo Linux Security Advisory GLSA 200609-08 - xine-lib contains buffer overflows in the processing of AVI. Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP plugin (xineplug_inp_http.so) via a long reply from an HTTP server. Versions less than 1.1.2-r2 are affected.
4994ebb197003a0bf6f15db373e7a719a02a3e13f8b9b66ff8be86b9ac90dcbe
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running ARPA transport software. The vulnerability could be exploited by a local, authenticated user to create a denial of service condition.
fc3dd46b55ba5e91498450a7c3136e5489bc556ecdfc00b961646a6f195e5c53
HP Security Bulletin - A potential security vulnerability has been identified in HP OpenView Operations. This potential vulnerability could be exploited remotely to allow unauthorized access or to create a denial of service condition.
f09c59c3b089800f7f86e4cbf9a43b37008bfbbe7a0734bdceda06fb6427c72e
Papers and presentations are now being accepted for PAKCON III, Pakistan's Underground Hacking Convention.
497013df1603c2c08ceea448f779ac4f4fac4a11be5e6c0e323856a8b799f953
Rubyforger is a raw packet manipulation tool. It allows you to easily send, receive, and modify Ethernet, ARP, IP, TCP, UDP, and ICMP packets. Creating and modifying packets is easily done by adding layers and changing their parameters. Visualforge is a GUI packet crafter based on Rubyforger. Create, send, and receive packets and export the Ruby code in just a few clicks.
d6ab0d76f911eb76be67fdce47d26660b2c1c76b556c2702b0890bc108a0c4d9
Gentoo Linux Security Advisory GLSA 200609-07 - Several integer overflows have been found in the CID font parser. Versions less than 1.2.1 are affected.
8746663d0745bb6bda011ad8451509af20d2d528c17259f03aa41a258675cf29
Technical Cyber Security Alert TA06-256A - Apple QuickTime version 7.1.3 resolves multiple vulnerabilities in the way different types of image and media files are handled. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file with a vulnerable version of QuickTime. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page.
1293b4bb60313deb49941c1d7b6745a422a5f6db7b1f74e9b9b49b2973616d8f
McAfee Avert(tm) Labs Security Advisory - Seven code execution vulnerabilities are present in QuickTime support for various multimedia formats including: MOV, H.264, FLC, FPX and SGI. Exploitation could lead to execution of arbitrary code. User interaction is required for an attack to succeed. Vulnerable systems include QuickTime versions 7.1.2 and below for Mac OS X, QuickTime for Windows versions 7.1.2 and below.
baa83c53a32c6e6b2ca767a2b148f0a75247b22b96d758cc380dd86d88589895
Debian Security Advisory 1175-1 - A flaw has been found in isakmpd, OpenBSD's implementation of the Internet Key Exchange protocol, that caused Security Associations to be created with a replay window of 0 when isakmpd was acting as the responder during SA negotiation. This could allow an attacker to re-inject sniffed IPsec packets, which would not be checked against the replay counter.
f0cd5a3c32823dfca5f684784b046ba9072799269ce0d6e3d6828ead14fae162
Snitz Forums version 3.4.06 suffers from a cross site scripting vulnerability.
fed24b80dece106e69347b2b3dbe8d77332ca58a38f53ee761b2cd3faa743d58
Internet Explorer COM object heap overflow download execution exploit.
8a10b87969039fc475bee722faa30092bf9e8e2e683b37a05ca04195ba81e11f