Secunia Security Advisory - rPath has issued an update for texinfo. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
420c9805eb6912bbafd7687afb66db7974f82347096d9985cfcbb145d871f84f
NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids with packets, making it possible to filter packets on a per-user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.
c0b71af4d2ec64471905d30d232280a58734adc007c3b1b1cb8026cd783bb2e6
Transient Bluetooth Environment Auditor includes an ncurses-based Bluetooth scanner (a bit similar to kismet), a Bluetooth DoS tool, and a Bluetooth hidden device locator.
9bcae88fc93eb6840341b1682f06fecb5a3503218620e15e7a6ba157691e27dd
Gentoo Linux Security Advisory GLSA 200611-22 - Ingo H3 fails to properly escape shell metacharacters in procmail rules. Versions less than 1.1.2 are affected.
beb1c73b7b992fd2546c459fa2a97f874f61dc157643d494d37798bb50feb878
Gentoo Linux Security Advisory GLSA 200611-21 - Kile fails to set the same permissions on backup files as on the original file. This is similar to CVE-2005-1920. Versions less than 1.9.2-r1 are affected.
9c12afa12a8dab17aca312906527e06803fc6c6529ab28579449cf3493220ecb
Debian Security Advisory 1220-1 - Brian May discovered that pstotext, a utility to extract plain text from PostScript and PDF files, performs insufficient quoting of file names, which allows execution of arbitrary shell commands.
64ec0df7d0f4dfe700974edb25dd99297888b2f611ee7451f940d325b9c33f49
Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger's OSCAR protocol via a simple GTK interface.
48101949b13bb6ba02b0cc6cbe6f9c377d39e802481cf75c631befc73ee96b4c
NetBIOS Enumeration Utility (NBTEnum) is a utility for Windows that can be used to enumerate NetBIOS information from one host or a range of hosts. The enumerated information includes the network transports, NetBIOS name, account lockout threshold, logged on users, local groups and users, global groups and users, and shares. If run under the context of a valid user account, additional information is enumerated, including operating system information, services, installed programs, Auto Admin Logon information and encrypted WinVNC/RealVNC passwords. This utility will also perform password checking with the use of a dictionary file. Runs on Windows NT 4.0/2000/XP/2003. Perl source included.
b45e9b8f0dfd57e2ccef45caba51ab4a9a17ce8fc9154b6a7eaae3fb6e43d23c
Cahier de texte version 2.0 remote SQL code execution exploit.
30a747b1f9476c5761a0d7df7fc3730fdfaa6d220cec8b7669f7361fd73f3d1f
278 byte shellcode for Solaris that downloads a binary named evil-dl from a host and saves it to /tmp/ff and then executes it.
bf7207f4db48a0b9dde6f35a1c6b899fc0c0213145bbf35b353cba491c4e83f3
Full write-up discussing password theft with Firefox using RCSR, aka Reverse Cross-Site Request attacks.
ae4f7b381219369a7cde2ec73988e91a25e4193c848436f3362179131786ab74
WebHost Manager version 3.1.0 suffers from cross-site scripting vulnerabilities.
7c6830472aa995fe76c5296982b5a89d450c123c1ca6a1787136c2c9f8f6636c
cPanel 11 Beta suffers from cross-site scripting vulnerabilities.
37c0ec5c154b75739e01f107c8db1f5097b0d3287d7383606abc3880e9f057b1
MidiCart ASP Shopping Cart suffers from a SQL injection vulnerability.
d3a56ae6b4de823925a16198e79beadfb509672fc92147013a67fc32e476da69
ASP ListPics version 5.0 suffers from a SQL injection vulnerability.
65a55b13eaeab07d49db1dcd2f3c0b2fed1066b8ec84e5b9bede42bdef02fc3d