Secunia Security Advisory - Cedric Cochin has reported a vulnerability in PhotoPost PHP Pro, which can be exploited by malicious people to conduct script insertion attacks.
2c03637fa3cf006766b93badff9de2357171d725b0b7cd5b73886b2bdb8147bfSecunia Security Advisory - ReZEN and 0xception have discovered a vulnerability in Simple PHP Blog, which can be exploited by malicious users to compromise a vulnerable system.
3588e1bec822c8f45208bd8f3e14b3dc03a2fd5fe7e039528b84b78156d6f1f8Fileutils 4.1 programs crash when working with huge directory trees. Proof of concept included.
9b92da80932cccb05d1b78007d83a22161864bc8382d6afa2e21cdfded8047e5HP OpenView Network Node Manager 6.41 and 7.5 running on Solaris 8 and possibly other versions suffer from an input sanitization vulnerability leading to command execution.
3e81f46fdcedfadbe17c7ee06e37ef2087c97af56053ad55459cd886e0a9cd78The new iTAN security feature for online banking promoted by german banks does not protect against phishing attacks and trojans as claimed.
cb1adf92269713fa4bf2b3ab42a898b4be796883e01115470b2291968fd231e9Astaro Security Linux 6.0.0.1 suffers from several vulnerabilities.
23dc7633c5a9b447fdb1049d7a5414bb229327bbae59eb7b99df53cbe0999110Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
e296dc932558876aa03691cc4ba4a8ff742813c8186cbe20bf4bf2e7e1e662baInteger overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
67dac94f58834ac95814d61aff301273abab4bf7af28c2c919f89dbece0aae80A vulnerability in bluez-utils was discovered by Henryk Plotz. Due to missing input sanitizing, it was possible for an attacker to execute arbitrary commands supplied as a device name from the remote bluetooth device.
c78df857068d0651a0e2e8ea70b1df85952d226a1d91be949a7a2474ffc93450Javier Fernandez-Sanguino Pena discovered that the pwmconfig script in the lm_sensors package created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges because pwmconfig is typically executed by root.
1eb757480487e5bde151ffe0b5c8a09b452e11ae2137fe90de1c1c1398988c76It has been discovered that libpam-ldap, the Pluggable Authentication Module allowing LDAP interfaces, ignores the result of an attempt to authenticate against an LDAP server that does not set an optional data field.
a74992637e7caddaf288f4816c0a816ce56ad09221e09eaa931c5a8815a9e774A problem has been discovered in the Courier Mail Server. DNS failures were not handled properly when looking up Sender Policy Framework (SPF) records, which could allow attackers to cause memory corruption. The default configuration on Debian has SPF checking disabled, so most machines are not vulnerable. This is explained in the "courier" manpage, section SENDER POLICY FRAMEWORK KEYWORDS.
4791db65b070115c9319262602f28a2428e8d493c034f745fedfc4a9a49b79ffGentoo Linux Security Advisory GLSA 200508-17 - libpcre fails to check certain quantifier values in regular expressions for sane values. Versions less than 6.3 are affected.
224bda203275253f4274882215e35069c1a73ee408abb30f862e41a7cc47ac47Secunia Security Advisory - Two vulnerabilities have been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or bypass certain security restrictions.
51b1c5f0892cfab0d57a8221cd05d237a39bd44486061557538e74f451378444Secunia Security Advisory - Maksymilian Arciemowicz has discovered a vulnerability in PostNuke, which can be exploited by malicious administrative users to conduct SQL injection attacks.
133ece29c89761df1c92e41b04b9a93bdb747053223f15aa1c95b3621f9b2968Secunia Security Advisory - Gentoo has issued an update for tor. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose or modify certain sensitive information.
c673188a76d0dafc7c15679819b22ea46f7c6da5fa110372843de5dd81a15698Secunia Security Advisory - Donato Ferrante has discovered a vulnerability in Home FTP Server, which can be exploited by malicious users to access arbitrary files on a vulnerable system.
2b755b75be2fa4b2ebd14998b8a07242a92f17271db2939dc5d2441e908f90d9Secunia Security Advisory - Some vulnerabilities have been reported in phpGroupWare, which can be exploited by malicious administrative users to conduct script insertion attacks, or by malicious people to bypass certain security restrictions or compromise a vulnerable system.
2cee8ba228708e549f7d184c6322bb69c7c38a1ec6d4ae42c915e108b42f8ea5Secunia Security Advisory - Filip Sneppe has reported a vulnerability in Apache, which can be exploited by malicious people to cause a DoS (Denial of Service).
38f4737b6e6cdc8991b8227d81480f79f3ddfbc995425df1acd9c74c836cb2caSecunia Security Advisory - Debian has issued an update for courier. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
3ab35e9b33b2526bc9adc060562b45cb3c93804f496f0f1ca9bf6f2b8c6727b8Secunia Security Advisory - A vulnerability has been reported in Symantec AntiVirus Corporate Edition and Symantec Client Security, which can be exploited by malicious, local users to gain escalated privileges.
016f4e3fdce945fe527007a6abc43b34165ef37e67edb57db56c210c11464baaSecunia Security Advisory - A vulnerability has been reported in TikiWiki, which can be exploited by malicious people to compromise a vulnerable system.
e88722da91429c96de2e66260e8c69b13636c90a167ce555625ff455565414e9Secunia Security Advisory - ali202 has discovered a vulnerability in Foojan WMS, which can be exploited by malicious people to conduct script insertion attacks.
f4ad95ca366f7acfb0904460ce0ef4db16edef55a2b2428a53c0ea8e1131f353Secunia Security Advisory - deluxe89 has discovered a vulnerability in PaFileDB, which can be exploited by malicious people to conduct SQL injection attacks.
5c88197957db3f859bd5b9bac1580c43ba955383330d227b8a51cadbc47b8b46Secunia Security Advisory - Gentoo has issued an update for apache. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
5d95cfa5e03397f95f9fededf776b0399cbc48107d5f30680fd8654d0c01031e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed