Debian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.
1d5d9062a169179cd4ddf94fe0a3ecabc58a694c5253fb7da52827e2d41efd17
Debian Linux Security Advisory 2243-1 - It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query.
e9b7b8f531d7f0bf62453a71f0ee84e29f0c50968fee5a72a1b77af5437f7843
Security Implications of IPv6 is a paper published by CPNI that collects security implications to consider while transitioning to IPv6.
c237c137715ec6c6b22b18847817cae159ad2b52af7a8aac8da06ea03c3945fd
Apache Archiva versions 1.3.0 through 1.3.4 suffer from a cross-site scripting vulnerability.
5efbf8901967ec7d67fef99169880a4eb9b5f7f796e2016b76d3c042d56f0674
Lil' HTTP Server version 2.2 suffers from a cross-site scripting vulnerability in a default CGI script.
1cd00218bbd303ceb7a7c683ad4f9e471fe94b3e8bd6679f9bf4aab7ee9035d7
Proof-of-concept cross-site request forgery code that adds a user for cPanel versions prior to 11.25.
a024c484981bd080759beb56b4616306d09fd3038a7cbfbd27ace111d7c4bed6
This is a brief whitepaper discussing tools and methodologies used by black hat hackers.
99cb5168fe73f25bc8cebea491434ac4136ad39ade7060bd9bca61721ecbea5c
Apache Archiva versions 1.3.0 through 1.3.4 suffer from a cross-site request forgery vulnerability.
eb08092f53d1420b2409813356b48e5d1e17042b1c5cf9f2453f2175c720699d
DNS BIND Security Advisory - A BIND 9 DNS server set up to be a caching resolver is vulnerable to a user querying a domain with very large resource record sets (RRSets) when trying to negatively cache a response. This can cause the BIND 9 DNS server (named process) to crash. Versions affected include 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, 9.8.0 and later.
fa50a97638e2f7e6a97d4f93201d255bcf855b0b42fd27b17eea562af70dec7f
Call For Papers for the ICSEA 2011 conference that will be held in Barcelona, Spain from October 23rd through the 28th, 2011.
6c36348fa85097c824b4cfd1b14221c32c0498192a58deb9ab907368fecab4d4
This Metasploit module exploits a source code disclosure/download vulnerability in versions 2.2c and prior of LilHTTP.
c2b75ab624e45f5f7aa4903e98c06bac4c9031186419bdf1c964c9adc0dc1287
Trustwave WebDefend suffers from a static database password vulnerability. It was discovered in various DLLs and EXEs and affects WebDefend Enterprise Manager Appliance / Console software versions 5.0 and 4.0.
af8e8db72fb21529ddd405451250cf64c1245de881c6b67c33191743d4d5a7f7
AIDeX Mini-Webserver version 1.4 integrated chat suffers from a persistent cross-site scripting vulnerability.
63f08b95e3d992ec65cfd62a1c051d262be94d3bea6b68f906be082536cf1b6e
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects such as packet mangling.
c436df01657b30fe1ee7bb14324e5250adefaaaad8fde5760f95f3db55ae4618
Magneto ICMP ActiveX version 4.0.0.20 ICMPSendEchoRequest remote code execution exploit.
876aff9acdbf575a2e84dd3ba6795effc4990578f83f52992f9b6a1f9bb42b99
This shellcode downloads and executes a file via a reverse DNS channel.
137d4935c5dba1bc9303b67ee85506910151f930ad28d4a31438dd485aafed4b
HB Ecommerce suffers from a remote SQL injection vulnerability.
8528a3101bc6b3f501b2554bb1afe92ddb94151a1cd38f6ca2dea1fc1480e803
Ubuntu Security Notice 1138-2 - USN-1138-1 fixed a vulnerability in DBus-GLib. NetworkManager and ModemManager required rebuilding against the updated DBus-GLib to incorporate the changes. It was discovered that DBus-GLib did not properly verify the access flag of exported GObject properties under certain circumstances. A local attacker could exploit this to bypass intended access restrictions or possibly cause a denial of service.
3a419fab7b32032bd3eaa04ad96c2f47ef0907a28bc4afa4493a9cb97e3c90e9
Ubuntu Security Notice 1138-1 - It was discovered that DBus-GLib did not properly verify the access flag of exported GObject properties under certain circumstances. A local attacker could exploit this to bypass intended access restrictions or possibly cause a denial of service.
c935c17e82d36e21de9f5a0ab05a59ede86e3264481de05296335a94ab380a54
Ubuntu Security Notice 1137-1 - Juraj Somorovsky, Jorg Schwenk, Meiko Jensen and Xiaofeng Lou discovered that Eucalyptus did not properly validate SOAP requests. An unauthenticated remote attacker could exploit this to submit arbitrary commands to the Eucalyptus SOAP interface in the context of an authenticated user.
70f2755b4d3cbc4f775f55a6948dcb13931a0c487ececdf66ab508dac31f4c2a
The Joomla Restaurants component suffers from a remote SQL injection vulnerability.
b5a9d4afa1ded0712ad5764745b1657176507b0a3aba7019dc7b6a1124e39be6
Secunia Security Advisory - Debian has issued an update for cyrus-imapd-2.2. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.
c4fedb1fe4adb7ba572d8cf87aa0fe3f2d26fb091d8de0d0370fbdfd68776663
Secunia Security Advisory - A vulnerability has been reported in Wing FTP Server, which can be exploited by malicious people to bypass certain security restrictions.
a20f3cbf20ae557fc0eea78f121b795227506be919dbc2346c8d9ea4f3af97c2
Secunia Security Advisory - A vulnerability has been reported in Cisco Content Delivery System, which can be exploited by malicious people to cause a DoS (Denial of Service).
df96d124ce4210454a22337408d34ac08e5b269895812c0c70bc5dbde4f56b20
Secunia Security Advisory - Ubuntu has issued an update for exim4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
0078a1db4d4804da1ceecdc21c124cfd468c6a06632e0c5444bec3c77a85320c