Secunia Security Advisory - Multiple vulnerabilities have been reported in Asterisk and Asterisk Business Edition, which can be exploited by malicious users to cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.
9a969e448a7aa14f5e60177f8c883f1af0dcce169e2b81efaa581f64427d5a99Secunia Security Advisory - Mavituna Security has discovered two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
99e4a80d2911f5d23e18a8a9ef3c053eb989085192b6b620ab1e5f44ad95aca8Secunia Security Advisory - Mavituna Security has discovered a vulnerability in Exponent CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
6b93b50373c08f0695b7705c828a1b2e88bd559a718e31dfdac19c79f82319e0Secunia Security Advisory - Ubuntu has issued an update for mysql. This fixes multiple vulnerabilities, where one has unknown impacts and the others can be exploited by malicious users to cause a DoS (Denial of Service).
9aa557fe7049cf468fa67a4ace50c87a56bb76ba8ee1472164aadb2bcc27455cSecunia Security Advisory - Some vulnerabilities have been reported in SPIP, which can be exploited by malicious people to conduct cross-site scripting attacks.
f2f91672351e9b1cd4fd2dd09edebbe4fd1730a950ec470fb7689a283c9466a7Secunia Security Advisory - A vulnerability with an unknown impact has been reported in vBulletin Suite, vBulletin Forum, and the MAPI plugin for vBulletin.
d501af79e3593f263d1945d58eefc63a0c1479de9fb76057186be1b13b2c6919Secunia Security Advisory - Jelmer Kuperus has discovered a vulnerability in Liferay Portal, which can be exploited by malicious people to bypass certain security restrictions.
41cc8f47ed19077bdbc4f4d32bc478a4af929eb954e60d3fce8d24c661811585Secunia Security Advisory - Red Hat has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
6d55c2e0ae0d2446d100c9d6f90c06263c62dc606574295bbd54967cba3921d6Secunia Security Advisory - Red Hat has issued an update for java-1.5.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
c9329e4a440e810bba9f0f2a7c90d3dbed4fb5095b3c5f84ac6d7acc3e59decfSecunia Security Advisory - SUSE has issued an update for cobbler. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, by malicious users to compromise a vulnerable system, and by malicious people to conduct cross-site request forgery attacks.
0cdee108aa0d0563cc352478ace6570a3993063983f8d7ed2ff02596fc42de88Secunia Security Advisory - Egidio Romano has discovered a vulnerability in WebCalendar, which can be exploited by malicious users to disclose sensitive information.
6dfde2541056fccf908e131ed24da1846b5b0614cfa5566b53e7dd5792bd09b5Secunia Security Advisory - Ubuntu has issued an update for linux-ec2 and linux. This fixes some vulnerabilities, which can can be exploited by malicious, local users and malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
3779c788fb544c47ae17a86c97ab09a8c4aedde7273d221a958ef0b7de434fa1Asterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the SIP channel driver if a SIP UPDATE request is processed within a particular window of time.
2f5947f61b2053c1b2b1488965d4ff29d455c8f4c71b6f1e91940a3f62d70d5fAsterisk Project Security Advisory - In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun.
135fdb3c4091f47c3bd1cc61841154a28cbda243b8fb16a579ebff1ce30c23efAsterisk Project Security Advisory - A user of the Asterisk Manager Interface can bypass a security check and execute shell commands when they lack permission to do so. Under normal conditions, a user should only be able to run shell commands if that user has System class authorization. Users could bypass this restriction by using the MixMonitor application with the originate action or by using either the GetVar or Status manager actions in combination with the SHELL and EVAL functions. The patch adds checks in each affected action to verify if a user has System class authorization. If the user does not have those authorizations, Asterisk rejects the action if it detects the use of any functions or applications that run system commands.
98ea67fda37608ee4b744ee6c51c819b2fd3cdd1838c33bc4c08c48b26462701Red Hat Security Advisory 2012-0509-01 - Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file.
a8e8a801da4b7a24fc2903f6f33c984e1248132f1730c633edd984d26d065336Red Hat Security Advisory 2012-0508-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.
86cdccdd75a2167c965a21dcf8b602ed42e2bf5e67e39de3e1dd59929dafce0ePSFTP version 1.8 build 921 suffers from a NULL pointer denial of service vulnerability.
6cedf29fc659f2cd0c64391437f038105fadb2a16b9f4d6f8e7ae6eccd68b0daFirefox 11 suffers from a denial of service condition when using exponential string growth and document.write().
e6169f26969ab9aa9399cca746e0d10bf95dfab65d2e74bb8d282c1637de31bdVSR identified a vulnerability in IQRD. The IQRD service listens locally on a TCP socket bound to port 2479. This socket is intended to allow the Carrier IQ service to request device-specific functionality from IQRD. Unfortunately, there is no restriction or validation on which applications may request services using this socket. As a result, any application with the android.permission.INTERNET permission may connect to this socket and send specially crafted messages in order to perform potentially malicious actions.
62460a143a7893941f8c2a7a320f48f1e15c0964c0c6ff6e99e6284cd21d8be2Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Directory Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
e047eb88a310e1cf567714bb81479e46c4efde8687148fb5a3477ca9b806e757Secunia Security Advisory - Multiple vulnerabilities have been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct script insertion and cross-site scripting attacks.
7e7575cdd09178a4272c26347558ec99d8cf9f515a06a098fe36b30653c2cc3bSecunia Security Advisory - A vulnerability has been discovered in the Sharebar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
2f082705b44c63396a87afc0db177002dd6e4b8443ad3f75787977ee8b6f663aSecunia Security Advisory - Multiple vulnerabilities have been discovered in the WP Survey And Quiz Tool plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
55ea1943f9b7703ecb8c5ef1cf3bad81634fee02fa41805c8e5816bd99c4db48Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in NET-i ware, which can be exploited by malicious people to cause a DoS (Denial of Service).
6b596523d4428f404fa0a03d56c8ce7ec555365da3a0aa7c7db56652e87909e6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed