
Files

Mandriva Linux Security Advisory 2011-057
Posted Mar 31, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-057 - The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.

tags | advisory, remote, web, root
systems | linux, mandriva
advisories | CVE-2011-1176
MD5 | 31575dfd2690776449de387b510ce9d1
Ubuntu Security Notice USN-1100-1
Posted Mar 31, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1100-1 - It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. It was discovered that OpenLDAP did not properly perform authentication checks to the rootdn when using the back-ndb backend. An attacker could exploit this to access the directory by sending an arbitrary password. Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue did not affect Ubuntu 8.04 LTS. It was discovered that OpenLDAP did not properly validate modrdn requests. An unauthenticated remote user could use this to cause a denial of service via application crash.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
MD5 | 105acb722cf292813b82a0d12174cf64
MaxSite Anti Spam Image Anti-Automation
Posted Mar 31, 2011
Authored by MustLive

The MaxSite Anti Spam Image plugin version 0.6 for WordPress suffers from an anti-automation vulnerability.

tags | advisory
MD5 | 4c8ed9d700c1f149be1e5cfdb316fb6b
Debian Security Advisory 2208-2
Posted Mar 31, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2208-2 - BIND, a DNS server, contains a defect related to the processing of new DNSSEC DS records by the caching resolver, which may lead to name resolution failures in the delegated zone. If DNSSEC validation is enabled, this issue can make domains ending in .COM unavailable when the DS record for .COM is added to the DNS root zone on March 31st, 2011. An unpatched server which is affected by this issue can be restarted, thus re-enabling resolution of .COM domains.

tags | advisory, root
systems | linux, debian
MD5 | 75b516f00fa3615cf38b24acd384bcfd
Ubuntu Security Notice USN-1099-1
Posted Mar 31, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1099-1 - Sebastian Krahmer discovered that GDM (GNOME Display Manager) did not properly drop privileges when handling the cache directories used to store users' dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2011-0727
MD5 | 9c6fb2fe0799cd3a6d93939fd62ae0ac
Secunia Security Advisory 43924
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Secure Access Control System, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | cisco
MD5 | 319e4abb18a363cc83354774d563ff0f
Secunia Security Advisory 43950
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Translation Management module for Drupal, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, sql injection, csrf
MD5 | 913a53299fa4fb1da1768af3286a7167
Secunia Security Advisory 43949
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in PHPBoost, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 455fe2b0439faf1639fe974214720f23
Secunia Security Advisory 43936
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, suse
MD5 | 510ba6b7f1e3a49662b51d8d6591efc2
Secunia Security Advisory 43885
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in VMware Workstation, which can be exploited by malicious, local users to gain potentially escalated privileges.

tags | advisory, local
MD5 | 248b20bf82d41c649aaaad179f7f3873
Secunia Security Advisory 43878
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mahara. This fixes two vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
systems | linux, debian
MD5 | c5cc342b6f787ded1cbeb1ed8faa981f
Secunia Security Advisory 43935
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Solaris, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | solaris
MD5 | 78d66c37aa457c6ce016dcfbbb27ef11
Secunia Security Advisory 43941
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for wordpress. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
MD5 | 229885c527e3a14786a1252410f078c7
Secunia Security Advisory 43943
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in VMware VIX API, which can be exploited by malicious, local users to gain potentially escalated privileges.

tags | advisory, local
MD5 | 3ad4c0b9979fb7d5ff5b996ca05db4da
Secunia Security Advisory 43919
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Spitfire, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | e60eb59a346076872a10c11f6292afe3
Secunia Security Advisory 43542
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in RunCMS, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 9402fdd5095edc2ad2ae9a12f325f96d
Secunia Security Advisory 43888
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for tomcat6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability, xss
systems | linux, ubuntu
MD5 | 1871396d393f28b4d275aecdf4c72e8f
Secunia Security Advisory 43863
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for tomcat5.5. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious users to disclose sensitive information and manipulate certain data and by malicious people to disclose sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | 37dca43bb6c775ceac9661e438cf53f2
Secunia Security Advisory 43767
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
MD5 | 533e437af87ada5739b9b4aacf14696a
Secunia Security Advisory 43909
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mesut Timur has discovered a vulnerability in Tracks, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | ad0d9c65b86cc20eef9e050234b006a1
Cisco Security Advisory 20110330-acs
Posted Mar 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account to any value without providing the account's previous password. Successful exploitation requires the user account to be defined on the internal identity store. This vulnerability does not allow an attacker to perform any other changes to the ACS database. That is, an attacker cannot change access policies, device properties, or any account attributes except the user password. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

tags | advisory, remote
systems | cisco
advisories | CVE-2011-0951
MD5 | 25ea801f2bf5e839abd7519bd4099987
Debian Security Advisory 2208-1
Posted Mar 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2208-1 - It was discovered that BIND, a DNS server, contains a race condition when processing zone updates in an authoritative server, either through dynamic DNS updates or incremental zone transfer (IXFR). Such an update while processing a query could result in deadlock and denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-0414
MD5 | 0d7b8fad9cfe5f882faa5640facec194
Cisco Security Advisory 20110330-nac
Posted Mar 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Access Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software that may allow an unauthenticated user to access the protected network. Cisco has released free software updates that address this vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2011-0963
MD5 | 82f852f8537b251715887a935685082c
EMC NetWorker Module Arbitrary Code Execution
Posted Mar 30, 2011
Site emc.com

A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.

tags | advisory, arbitrary, code execution
advisories | CVE-2011-0647
MD5 | dc245cc7888a0e5d3b03833c6d30192c
Mandriva Linux Security Advisory 2011-056
Posted Mar 30, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-056 - chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name, which allows remote attackers to bypass intended access restrictions via an arbitrary password. modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name that contains an empty value for the OldDN field. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, mandriva
advisories | CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
MD5 | 163855e28dd547d30ccf2fe21546492e

© 2016 Packet Storm. All rights reserved.
