PostNuke version 0.726, and possibly earlier releases, are open to SQL injection and cross site scripting attacks due to a lack of proper parameter sanitizing.
307fc789ac7baf754c526ec507e9ec95ce669371ebffc34964b0347615a87b33GoodTech Telnet Server 4.x for Microsoft Windows NT/2000/XP is susceptible to a denial of service attack when attempting to handle an overly long input string.
5c871cf563cc5cef0a8599c21076c25db7e87a2d6615675ca13014051d04ff28Multiple cross site scripting and SQL injection vulnerabilities lie in Phorum versions 3.4.5 and below.
ce4d046825486555efd93f2110f9b7992cef09964eb5fe0fa25ef24f3a1b770bLotus Notes version 6.0.2 on Linux installs with faulty permissions on its notes.ini file which would allow local attackers to compromise the system.
99641299508cfd2408eb78d99c4ead40d71cad304a5188181956419b494672ecZyXEL10 OF ZyWALL Series Router is susceptible to a cross site scripting attack.
ee9f4824af384a671547c486d07eb46e1a295e1ffe39decf1e30901262c30b3bEDIMAX AR-6004 Full Rate ADSL Router is susceptible to a cross site scripting attack.
e60dc46a7028812c72768187eebecb1750f580ea6cb9cc644981336ebebec558SnapStream PVS LITE is susceptible to a cross site scripting attack.
97b08742f17b79738d2135f6e42fb6c4e09cbea0c66cd9aa29021fe5c822f5baRealNetworks fails to address a Cross-Site Scripting vulnerability in RealOne Player.
e5d41b80670285aa34a485a8ca9bb79cf4d12c03325caa345bc3bd8b0fd6ad3cAQTRONIX Security Advisory AQ-2003-02 - When an HTTP request with the verb TRACK under Microsoft IIS 5.0 is performed, the transaction is not logged. This can lead to the server being utilized for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.
1cc8f2eec00f14d310835e89c0e3a53b9d47467a9845df76a8e8d4c71dfffb75Secunia Security Advisory SA10533 - A vulnerability has been reported in the Linux 2.4.x kernel series, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. The vulnerability is caused due to an unspecified error in /dev/rtc real time clock routines, which may disclose parts of kernel memory to unprivileged users.
62bea4925406d236faf5da1e33e91c97328a34267747c2fc75408a4b47fa8eceWebcam Watchdog version 3.63 and below is vulnerable to a remotely exploitable stack based buffer overflow which can be triggered via an overly long HTTP GET request. Full detailed analysis of the vulnerability is given.
34ec3b6aeb6958e021532b1ec31ba27920f2b0f383ccc1a21f79f4b6fae76fadSwitch Off versions 2.3 and below suffer from a denial of service vulnerability and a stack-based buffer overflow in the message parameter of the application that may allow a remote attacker the ability to gain SYSTEM privileges.
59fe50b91ad162027a185b970c6995d4fd92e10ea3fac2df0d668fc177adbe9dThe mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access.
1f3565207e96102d6a63c660b43ba3e8e06061f744c34c3ff6a6df7a1d02e5ef
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed