Gentoo Linux Security Advisory GLSA 200709-04 - The po4a development team reported a race condition in the gettextize() function when creating the file /tmp/gettextization.failed.po. Versions less than 0.32-r1 are affected.
8c854fdf2da8c4aac438f630d55a13b97c9bd46b0017008ea3841d9e656877b2Gentoo Linux Security Advisory GLSA 200709-03 - Chris Rohlf discovered several boundary errors in the httplib_parse_sc_header() function when processing HTTP headers. Versions less than 1.62.2 are affected.
bfd4f2b0df6680d5f2e45f07cbd031298d9352d2ab2429f1ede3566f6dc21402Gentoo Linux Security Advisory GLSA 200709-02 - Stefan Cornelius from Secunia Research discovered that the parseIrcUrl() function in file src/kvirc/kernel/kvi_ircurl.cpp does not properly sanitise parts of the URI when building the command for KVIrc's internal script system. Versions less than 3.2.6_pre20070714 are affected.
90d4937d305e3af40aa7ae6c9d542bb105c2c3b6bdb32ff4be1d2d3fe479490dMandriva Linux Security Advisory - The bgpd daemon in Quagga prior to 0.99.9 allowed remote BGP peers to cause a denial of service crash via a malformed OPEN message or COMMUNITY attribute.
2ec6bbec1236fc1f6e3127765b7e55e3fa0d31fcf3e7f94056179cc3a5c00830Mandriva Linux Security Advisory - A stack buffer overflow vulnerability was discovered in the RPCSEC_GSS RPC library by Tenable Network Security that could potentially allow for the execution of arbitrary code.
fcb6d093bfd1297505d92ab2f4a3e29b414561911105c5fe46ae25a93ef65eafK-Rate Clone is susceptible to a SQL injection vulnerability.
84d9350bc743ec2b37640ca0347dffa86b039b03c33e1f4a3ae543f59c978c7fPacket Storm new exploits for July, 2007.
a17aa4778272538856a766813fdd1b6c661b0319fe91e563bd323e03f8b78f8fWinSCP versions 4.03 and below appear to install url protocol handlers that allow malicious web content the ability to automatically upload files from a local system.
ef4292f59dbd9b5cfdf98a5f44fceb43efc90576edad4d802b8309ed5d032f65Quagga bgpd version 0.99.8 suffers from a remote denial of service vulnerability.
a643fe7b20e97d462b4461df79f25858f310676b357a7736c5fd8f8217bcdf15A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of MIT Kerberos. Authentication is not required to exploit this vulnerability. The specific flaw exists in the svcauth_gss_validate() function. By sending a large authentication context over RPC, a stack based buffer overflow occurs, resulting in a situation allowing for remote code execution.
4f27736766dd291c21626e29d205e6321ce49701a70947701679ef544a592165Apache2 suffers from a UTF-7 cross site scripting vulnerability via mod_autoindex.c.
6ace88cbe8daee6b008a24582728c2d92a83999b7307799abfda77d5dfe36e81Code Audit Labs has discovered heap overflows and denial of service vulnerabilities in multiple media players including MPlayer, StormPlayer, etc.
3124963071341b2df128e1303498b4c664007564f3f0bdbe585e20b5fe6dedbbDue to poor memory allocation management, Ekiga versions 2.0.5 and below are susceptible to a denial of service condition.
f96123da6a4fdf8c6cf9e4c413f57a25dee873f75f0e9569dcef9eb45344294dRSA EnVision version 3.3.6 build 0115 suffers from a cross site scripting vulnerability.
155d097d8a21c44bf3097bf7800097e4b27435f541f97b12cd7875ff33342cdfApple Quicktime proof of concept command execution exploit that leverages browsers.
c877deb8b315ef3440d68833644675a5aafe7641e58cac18e44be9b40b4e27e5Microsoft SQL Server Distributed Management Objects buffer overflow exploit that launches calc.exe.
ab1ff9171983a3eb09286b7da5a6a2cc8cda7250e7fbc0d31fec028f93f25b8fThe Joomla Radio component version 5 suffers from a remote file inclusion vulnerability.
73572a59238405f9eb855be115717e009cbc4fb1322660e92f68b650ba67544cThe KwsPHP module suffers from a remote SQL injection vulnerability.
890046b59d1ad8486871d3eeab911d263bf9d8350bb58ea8f1c094c2c49711c9Wordpress Pwnpress Exploitation Toolkit. Works on multiple versions. GUI version.
4236e25c7800fe6d54c5450e16f609b6908b17972d3041718a691185d3b31202Wordpress Pwnpress Exploitation Toolkit. Works on multiple versions.
8580b757e2416565607ead6887542d2326719b6a466bf96d6daa3fefa95ed7f0JetCast Server version 2.0.0.4308 remote denial of service exploit.
26d83bca37fa70cfba6ad1cad22a7195c2a873cf842dee029b47023fa3477c2dSecunia Security Advisory - A vulnerability has been reported in Plesk, which can be exploited by malicious people to conduct SQL injection attacks.
e2b525b275de64363bf3d8f423d7adf7f18f792cd11ac84b21a92d8dd31c563fSecunia Security Advisory - Slackware has issued an update for php. This fixes a weakness and some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users and malicious, local users to bypass certain security restrictions.
76e282a8e8144ad0e3d4e16441e261c16311f83edb48c7517fb8a7a55b38dac3Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses, a security issue, and some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to bypass certain security restrictions and cause a DoS.
c2f477a267b98972522e9ff03b2c646631dddf1fce66156a7fb426bc91e0bb14Secunia Security Advisory - Slackware has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
ae91a5a3d829c4de61e04ff56f9716a403e3d19e8442883463d861db06bf251b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed