Cisco Security Advisory - Cisco IOS XR Software Releases 3.9.0, 3.9.1, 3.9.2, 4.0.0, 4.0.1, 4.0.2, and 4.1.0 are affected by a vulnerability that an unauthenticated, remote user could use to trigger a reload of the Shared Port Adapters (SPA) Interface Processor by sending specific IP version 4 (IPv4) packets to an affected device. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
9539674a9114ed61cd79a7256bba7ce6d3d1aff1f5341bc6c64b426f3af70e38iDefense Security Advisory 05.24.11 - Remote exploitation of a stack buffer overflow vulnerability in IBM Corp.'s Lotus Notes could allow an attacker to execute arbitrary code in the context of the current user. The vulnerability occurs during the processing of hyperlink information contained within a Rich Text Format (RTF) document. The hyperlink may be crafted in a manner which can cause a strcpy function call to overflow the bounds of a stack buffer. This condition may lead to arbitrary code execution. Lotus Notes versions 6.0, 6.5, 7.0, 8.0, 8.5 are vulnerable.
91558b82ec933f7adde1fcb12364cda4ebd05a89100271d7b360fcdea95e4c7dCisco Security Advisory - Cisco IOS XR Software Releases 3.8.3, 3.8.4, and 3.9.1 are affected by a vulnerability that an unauthenticated, remote user can trigger by sending specific IP version 4 (IPv4) packets to or through an affected device. Successful exploitation could cause the NetIO process to restart. Under a sustained attack, the Cisco CRS Modular Services Card (MSC) on a Cisco Carrier Routing System (CRS) or a Line Card on a Cisco 12000 Series Router or Cisco ASR 9000 Series Aggregation Services Router will reload. Cisco has released free Software Maintenance Units (SMU) that address this vulnerability. There are no workarounds for this vulnerability.
104b800be8c77a505b91bf3100798e33c89caffc08b201eb0f299c45534c3b87Cisco Security Advisory - Cisco RVS4000 4-port Gigabit Security Routers and Cisco WRVS4400N Wireless-N Gigabit Security Routers have several web interface vulnerabilities that can be exploited by a remote, unauthenticated user. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
6b4b4001597fa9f57b57ab89c6a63a8d46be1b90e97b71fe1bd90c4cf53e75c6Cisco Security Advisory - The Cisco Internet Streamer application, part of the Cisco Content Delivery System (Cisco CDS), contains a vulnerability in its web server component that could cause the web server engine to crash when processing specially crafted URLs. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
6cb9ce2c097b9a758a4ae01c01194219e532506c121678b7559349ee9c251344Debian Linux Security Advisory 2242-1 - It was discovered that the STARTTLS implementation of the Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in place.
f37324dcc067286882e574ec8915f95149ac06b8464188d28a9c6684f2be52e4Ubuntu Security Notice 1136-1 - It was discovered that rdesktop incorrectly handled specially crafted paths when using disk redirection. If a user were tricked into connecting to a malicious server, an attacker could access arbitrary files on the user's filesystem.
ebce6c817bd2bcfae813dc2229b4d0307bf51191961d75e66134340473967ee4Ubuntu Security Notice 1135-1 - It was discovered that the Exim daemon did not correctly handle certain DKIM identities. A remote attacker could send specially crafted email to run arbitrary code as the Exim user.
53826affe70ab5b8f32b22d9e0b121325db32ab7b83f1513cc66b90200261ecdDebian Linux Security Advisory 2240-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
e80a5985f8ab30d0e1b27069f1a8ac244b9edc0a3bb35aa75124e26c94b75e19Secunia Security Advisory - A vulnerability has been reported in Dovecot, which can be exploited by malicious people to cause a DoS (Denial of Service).
fa22346a655a7c732c704bed8ec712950d8e1e333a0cea4995a2a1081504da85Ubuntu Security Notice 1134-1 - Maksymilian Arciemowicz reported that a flaw in the fnmatch() implementation in the Apache Portable Runtime (APR) library could allow an attacker to cause a denial of service. This can be demonstrated in a remote denial of service attack against mod_autoindex in the Apache web server. Is was discovered that the fix for CVE-2011-0419 introduced a different flaw in the fnmatch() implementation that could also result in a denial of service.
33d0bcbf01e80fbf4f6e0b746d2ea03df29467c9bd9d72f3c02f2b79dfede4f4Debian Linux Security Advisory 2239-1 - Several vulnerabilities have been discovered Mojolicious, a Perl Web Application Framework. The link_to helper was affected by cross-site scripting and implementation errors in the MD5 HMAC and CGI environment handling have been corrected.
32a0b722e699971999dfac760e81d5ed750b47e2f3773d75c1d7af752653e626Secunia Security Advisory - A vulnerability has been reported in Vordel Gateway, which can be exploited by malicious people to disclose sensitive information.
bbf9b946747ff2c4e74f8a13893f385cf6eb0fb986191a2e6465daa120d21b7bSecunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
3c5fde1929cc78f8310fb171a37fcc12487b03321c43fb7e87ce6832e46a725bSecunia Security Advisory - Fedora has issued an update for libmodplug. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
677187a5445b106b2b63f434fc97365e36f004623734924802e9cd15e17cfc36Secunia Security Advisory - SUSE has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
be76f702ecd7cf0a6e8467e79b6646856fd8a202cadbfdac466fc8d10e5e2eb4Secunia Security Advisory - Ubuntu has issued an update for apr. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
34f14a6b411912a4db5433626bb325d85924a0628c1f0c64b8e24ec2995ebef6Secunia Security Advisory - Debian has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.
fbd93a9507a162808eda982ef8c09f455d8e8c7a4e0408322fd4d2c0383ffffdSecunia Security Advisory - AutoSec Tools has discovered a vulnerability in ClipBucket, which can be exploited by malicious people to conduct SQL injection attacks.
5e92b9fa6e47819229133797b6e5351199f42b88f3899465797de607ded572edSecunia Security Advisory - Fedora has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges.
4b2ec4a4513c0405aa71d087deaad0ee479fa8fb637f1807ab4ad4c34e52d8c2Secunia Security Advisory - SUSE has issued an update for exim. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
9c18c6efe8e945a492ca7f103d0b4e1732bbd22559aed235450c00944eb4113dSecunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
d41fa13e62d59f43e27f9d798952191ee7648b6dec19267e444994d687ba93b4Secunia Security Advisory - A vulnerability has been reported in the JE Story submit component for Joomla!, which can be exploited by malicious people to disclose sensitive information.
4f30bb7d38e361c2464c7b8eaf012ac3efbd4d274cb34b01ea8c3741a4157336Secunia Security Advisory - A vulnerability and a security issue have been discovered in MidiCMS Website Builder, which can be exploited by malicious people to conduct cross-site request forgery and bypass certain security restrictions.
b32a0008a2ae0c35c8769d5a153fc7fe2e319d38c1b9a35c294a6c68a68063deSecunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.
24d75a35bd99792c5bb5f6c42f555c400b7c615f4dcd4e062acc0239c006a87d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed