Packet Storm new exploits for May, 2009.
a5588d38f3448a98a81542c11a88a649877e48cd616731ceac7cf6a0489724f2
The Linksys WAG54G2 web manager console suffers from an arbitrary command execution vulnerability.
242c4cc4c2c31313cfbdcbf2f57fea5dbd4335c967877faa3d4b6bf26d74123b
The ASMAX AR 804 Gu web management console suffers from an arbitrary command execution vulnerability.
33b4587e6647267afbf6c0eb9606a9cfb87f2fd747d9ffb5d8014bddcaf365c9
Roxio CinePlayer version 3.2 remote buffer overflow exploit that leverages IAManager.dll.
ed043f658dc686287db1e0e676a4fb93641cbdd2fea1a8fd928f21deb467711b
Debian Security Advisory 1808-1 - Markus Petrux discovered a cross-site scripting vulnerability in the taxonomy module of drupal6, a fully-featured content management framework. It is also possible that certain browsers using the UTF-7 encoding are vulnerable to a different cross-site scripting vulnerability.
5755dfe6d523cc338bc55c72c1ca5ca245f4daddc9ff1a385a1067ef0b9868d8
Debian Security Advisory 1807-1 - James Ralston discovered that the sasl_encode64() function of cyrus-sasl2, a free library implementing the Simple Authentication and Security Layer, suffers from a missing null termination in certain situations. This causes several buffer overflows in situations where cyrus-sasl2 itself requires the string to be null terminated which can lead to denial of service or arbitrary code execution.
afb4f27e7294bb89587a5da4a5b1dee6b80a732514182675444d918eba3d9825
Mandriva Linux Security Advisory 2009-125 - Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. This update provides Wireshark 1.0.8, which is not vulnerable to this issue.
faaf8e79cc4b029323a76268c9c17989f0f5d0412a4e6803567fd063ae1fb6db
Mandriva Linux Security Advisory 2009-124 - Multiple vulnerabilities has been found and corrected in apache including a memory leak in libssl, a cross site scripting vulnerability in proxy_ftp.c, and a local privilege escalation issue.
621d485edd40612668fe7da7038e0c1f04a40ce36dbfca578ba3006c909d9dca
Secunia Security Advisory - Some vulnerabilities have been discovered in Escon SupportPortal, which can be exploited by malicious people to conduct SQL injection attacks.
38d2bfe7228478b7607d1b1b6399d9f41e12332249ee753ddb0b39819f8b1864
Secunia Security Advisory - Jacques Copeau has reported a vulnerability in WoltLab Burning Board, which can be exploited by malicious users to conduct cross-site scripting attacks.
fec8125989710002470d7a424e79eb58f331128b8c8c2217e2f41f40554faa36
Secunia Security Advisory - ByALBAYX has reported a security issue in ASP Football Pool, which can be exploited by malicious people to disclose sensitive information.
cb0eb3d9dbe9b24f60875d8138a7dcf060d8403895cc4cc0fe0f22dbe7e4d3ee
Secunia Security Advisory - xoron has discovered a vulnerability in AdaptBB, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.
544eb66d879d0e11539cc59477fbf73946eac28eace128293a51625dfd67d87b
Secunia Security Advisory - Inferno has discovered a vulnerability in LogMeIn, which can be exploited by malicious people to conduct cross-site request forgery attacks.
8257777d86cf6120609ed0a0b53368a1ab9e8729a26ad36cebf4d0c63defa708
Secunia Security Advisory - Some vulnerabilities have been discovered in Online Grades, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
b1a4aeba46e28b55bac3d19cd48bc15660a7c37ab1e890e32ee28982315a7121
Secunia Security Advisory - A vulnerability has been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
c8f28ff79b0d298a094add2bdb453be73c52da378febc9d399b20e28327d9fc9
Secunia Security Advisory - Nico Leidecker has discovered a vulnerability in OCS Inventory NG, which can be exploited by malicious people to conduct SQL injection attacks.
7df3c01c9c35d5ceec448cb25b7830a16420d0a1797793f386e806ec8d38cbf1
Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and bypass certain security restrictions, and by malicious users and malicious people to cause a DoS and potentially execute arbitrary code.
f4fc897b9e07a1f77a48b1a61d91f65b728e1822e439767857589f227aa823b3
Secunia Security Advisory - A vulnerability has been reported in RadCLASSIFIEDS, which can be exploited by malicious people to conduct SQL injection attacks.
bfef619e6dc07b134f68bd861fa83b9ab9fb9928d0c559f236ba866e52e9ddaf
Secunia Security Advisory - A vulnerability has been reported in SafeNet SoftRemote, which can be exploited by malicious people to compromise a vulnerable system.
57d627f37af6ccb7cff54e8d46b1337546761f0b587dd1373c34946a237726b9
Secunia Security Advisory - Nico Leidecker has reported some vulnerabilities in OCS Inventory NG, which can be exploited by malicious people to conduct SQL injection attacks.
346f6c7ab60b854aa149c33deb229209a9f48cbf53b67750287688b3537cb63e
Secunia Security Advisory - Some vulnerabilities have been discovered in Unclassified NewsBoard, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and conduct SQL injection attacks.
4f732a07fe741249b207f44406fbc1cd90b602c05fe9d11e5bfc11443bd1eee8
Secunia Security Advisory - A security issue and a vulnerability have been reported in IBM DB2, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
7942ee06ef70a25f0679ef3814af79a80ca034fb36e8febb4b5a9860f5914dde
Secunia Security Advisory - A vulnerability has been discovered in GStreamer Good Plug-ins, which can be exploited by malicious people to potentially compromise an application using the library.
0b46aebde33216a37bd5fda2089cff65cb616ccbd493a5a65fe811f233a7e4d3
Secunia Security Advisory - A vulnerability has been reported in Omniformat, which can be exploited by malicious people to potentially compromise a user's system.
dc1c94bfb074e43bf14db14e360b291f488cd40f6511e3bb9d838d2ad16fab4b
Secunia Security Advisory - A vulnerability has been reported in Ston3D, which can be exploited by malicious people to compromise a user's system.
a1f2a444dda66290339891579608df08fad0fb2c82d7eb3e1e290daa539f1f62