Secunia Security Advisory - A vulnerability has been reported in VMware vCenter Chargeback Manager, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
e3e90396296351832fff722df8ef0d5b621147b84355362eb80b887bd5ff0251
Secunia Security Advisory - Multiple vulnerabilities have been discovered in SysAid, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
a7257109f58afbbd6f8b15ce6c73937e9efed591f7e1c6f7702cce5ef15c3ce5
Secunia Security Advisory - A vulnerability has been reported in the Block Class module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
8d3350d2197f7c1f1138f051be460117ee51e5dce287c0b584cff4359d5fe68d
Secunia Security Advisory - A vulnerability has been reported in the Node Recommendation module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
a58680143db606188d5c001e465097d6a830058a74b249a7f4e61337a51b1ee1
phpMyVisites version 2.4 suffers from multiple cross-site scripting vulnerabilities.
213a7f7ab93a2bdf6e34d96925e7f31fa9c25e08e70502e9c597b4a922f108ba
Holdem Manager version 1.11 suffers from multiple memory corruption vulnerabilities.
ba957bf5e9140e630cc73a1d40c9a3be12cd74237c09dfc7db9511a85adf3100
This is an advance notification of security bulletins that Microsoft is intending to release on March 13, 2012.
d8ef92a4a96e391b3241f5ed906c6bd4f096e3a5fc36bd0edaf5489347475637
Vanguard is a comprehensive web penetration testing tool written in Perl that identifies vulnerabilities in web applications. It provides crawling, uses LibWhisker2 for HTTP IDS evasion, and checks for issues like SQL injection, XSS, LDAP injection and more.
e9fe05e9f354052754da5bb770ef1650823b1d470f2edd853613952fa5e02ac1
This whitepaper discusses using ICMP as a covert tunnel for traffic. An example of this technique is tunneling complete TCP traffic over ping requests and replies. More technically, it works by injecting arbitrary data into an echo packet sent to a remote computer. The remote computer replies in the same manner, injecting an answer into another ICMP packet and sending it back.
b3f9abf0a20186c20b5029836a0257f08fc519a4a564f7ad5fd760ed03754755
Pitrinec MacroToolworks version 7.5 suffers from a buffer overflow vulnerability.
d49a142622e868df3c34d8b8c8ab710381a4ee9cf3d94ae64b06cd5021209ddb
Red Hat Security Advisory 2012-0376-01 - SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled.
e422ced8c0db13d83d39754c32ac7ba21d17c4d96665817fad593c0d7a570d7d
Debian Linux Security Advisory 2428-1 - Mateusz Jurczyk from the Google Security Team discovered several vulnerabilities in FreeType's parsing of BDF, Type1 and TrueType fonts, which could result in the execution of arbitrary code if a malformed font file is processed.
886293d86accc3d80d600c63a61781984074e5b2beda499132f372e4ed2dba17
Ubuntu Security Notice 1395-1 - Markus Vervier discovered that PyPAM incorrectly handled passwords containing NULL bytes. An attacker could exploit this to cause applications using PyPAM to crash, or possibly execute arbitrary code.
b1a8fc445877f4268bbbc0f2331533ede115fc8cdd1e6992f189e0cbec286da4