Secunia Security Advisory - Matteo Ignaccolo has reported a security issue in Linksys WAP610N, which can be exploited by malicious people to compromise a vulnerable system.
88b060999e5c1386a52de314ae88c49d449096b12f3565f1884fc5dc72037a84Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in the WP Forum Server plugin for WordPress, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
e1ee3e97cfbaf31a770946a56e2487b503c877044b9cd1e758184cdb3d7f51b2Secunia Security Advisory - Multiple vulnerabilities have been reported in DiY-Page, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
b07a6099288b535bf7531ae96f653b550d06b31d8a8eaa1bab27bd144778dce5Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM Lotus Connections.
5201adba9f66784c94a8853ca69b471322c2b25dbdfbc0f10b956944181ce5bdSecunia Security Advisory - Fedora has issued an update for abcm2ps. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
2ae8263c6408c5bf6bbdf7f044aaca06998dc47f23a22da0ae7917d3a9488d9aSecunia Security Advisory - Two vulnerabilities have been reported in OpenLDAP, which can be exploited by malicious people to bypass certain security restrictions.
2dafb0fe9fa63313971368238022f23259ae568b2e05d81a546df1405856ecb7Secunia Security Advisory - Gjoko Krstic has discovered some vulnerabilities in TaskFreak, which can be exploited by malicious people to conduct cross-site scripting attacks.
44d340a65a0b576eaf91d824cf377e52bb1e3d32b4a67537189e407efd32935eSecunia Security Advisory - NoNameMT has discovered a vulnerability in Escort Agency CMS, which can be exploited by malicious people to conduct SQL injection attacks.
3d5aba01d1cc91f312a0e993992bcff874a6cae79940f64aebeac14c26aefb76Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4a1cdc8c6d992a4edd13c93b1eddae707d0fa925e4db8e5ab2fca47b5de4f466Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
be86c9118726a83d9b4243b0a39c4462230ae9916c946a6239f53c1008527812Secunia Security Advisory - A vulnerability has been discovered in ProjectForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
2b3c8d759d7e7f787967200096ec9c66dc5817531c2226afeeae4674f8830cd9Secunia Security Advisory - Ubuntu has issued an update for qemu-kvm. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
24e813b5c36b33d15df36d09784ff7e031924c674858a739becfc2126f3e37a4Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in Seo Panel, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
4a21c12dd6dfa7b67036b60cc6b208a68b486d7ee0916e7b4c38cda2153a213aSecunia Security Advisory - Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
a74b542a683a1fb565a472128f4fe9b7ef872d97c87512ec093e2e7068f0528eZero Day Initiative Advisory 11-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Security Agent Management Console. Authentication is not required to exploit this vulnerability. The flaw exists within the webagent.exe component which is handed requests by an Apache instance that listens by default on TCP port 443. When handling an st_upload request the process does not properly validate POST parameters used for a file creation. The contents of this newly created file are controllable via another POST variable. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
afbe55b3e564da923681dad32e0726e55ac683aee2d12b50ef9cf2d3abb1b9a3Zero Day Initiative Advisory 11-087 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the '/opt/novell/iprint/bin/ipsmd' component this component communicates with 'ilprsrvd' which listens on TCP port 515. When handling multiple LPR opcodes the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the iprint user.
d7e0117a956cd472bee18fe8352467a732e437b089cf3146bcd59c8a6c723556Debian Linux Security Advisory 2168-1 - Two vulnerabilities were discovered the distributed filesystem AFS. Andrew Deason discovered that a double free in the Rx server process could lead to denial of service or the execution of arbitrary code. It was discovered that insufficient error handling in the kernel module could lead to denial of service.
2851ebec291b8b1441546e98bdb9fc1d229c895084c4ab1c0adf2820fc3432cbDebian Linux Security Advisory 2167-1 - It was discovered that phpMyAdmin, a tool to administer MySQL over the web, suffers from an arbitrary query execution vulnerability.
34e352b971430e15f0cf88ee127f8fa67f1806585d70f91210a7f2fb7bd221b2Cisco Security Advisory - The Management Center for Cisco Security Agent is affected by a vulnerability that may allow an unauthenticated attacker to perform remote code execution on the affected device. Cisco has released free software updates that address this vulnerability. A workaround is available to mitigate this vulnerability.
8a30271766ef9217b8676a1167d5ca59656931fa55e196a9c9e122a70d3f9355Debian Linux Security Advisory 2166-1 - Several vulnerabilities were discovered in the Chromium browser.
a6a76d3c535b5fb417f4e7106d5ad0ee7686155e667ca967a7c17a31f118f588A request that included a specially crafted request parameter could be used to inject arbitrary HTML or Javascript into the Apache Archiva user management page. Versions 1.3.3 and earlier are affected.
ef5405a5cdb908fbdea9c2ca94e9485904f66d387638df61bed5396d7b39036aDebian Linux Security Advisory 2165-1 - Several vulnerabilities have been discovered in FFmpeg coders, which are used by by MPlayer and other applications.
b86d844f77a36230e7ea5dd52db346756dc5589423153d62a071288e7d8462edDebian Linux Security Advisory 2164-1 - Kees Cook discovered that the chfn and chsh utilities do not properly sanitize user input that includes newlines. An attacker could use this to to corrupt passwd entries and may create users or groups in NIS environments.
3c7165f169abaa8fe7fc4e48f066e16009452afff08998bc155b3bce7e40bb3bDrupal versions 6.20 and below suffer from broken anti-automation and path disclosure vulnerabilities.
998d6854d0553d84a23f01ebfab42858ac12d515cef3a3c74af722f5b84febcaUbuntu Security Notice 1065-1 - Kees Cook discovered that some shadow utilities did not correctly validate user input. A local attacker could exploit this flaw to inject newlines into the /etc/passwd file. If the system was configured to use NIS, this could lead to existing NIS groups or users gaining or losing access to the system, resulting in a denial of service or unauthorized access.
92adb8f4be3a172b9daf23a25bcfb40f576aef58e5527fc907ecb89a7df62a69
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed