Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP440) and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.
fff41f08fd976df15727676fbdf3534859a2336101b9fdcdc8160a445d8bf795Drupal Filedepot third party module version 6.x suffers from an access bypass vulnerability.
458f98b4ad4003bf3aa663adf77ce9a113cc04ada72fbb4d272a2a8121becec3.NET versions 1.0 through 4 suffer from a remote code execution vulnerability.
307f395b028ac122304fef534240c7e23084013f6280c7430f0e184b83090603Drupal Counter third party module version 6.x suffers from a remote SQL injection vulnerability.
87c480a1491ea81dba9377c160920492eb2eca928e4903a8de1d14e8a56cd325Drupal Mobile Tools third party module version 6.x suffers from a cross site scripting vulnerability.
29a8a30a54355574dd0be519532088f56b732fbe03e7d368021180b61cbba007Drupal Comment Moderation third party module version 6.x suffers from a cross site request forgery vulnerability.
a93bed327c36c2c72feb9c128ba34d34608d374372b3c7494944ed36b1243bb4Drupal Amadou third party theme version 6.x suffers from a cross site scripting vulnerability.
8084ca37c2ceb14940a10c7c10441c8a7cc2f03c072729984567644bf2a6234eFreeBSD Security Advisory - There is a programming error in the DES implementation used in crypt() when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set (0x80), that character and all characters after it will be ignored.
c93d455eb30d8a248bc3a8f2e54b0feb1b59e15469c93c07b2e5518cbee945c4Mapserver for Windows versions 3.0.4 and below down to 2.0 suffer from a remote code execution vulnerability.
a619e0e339cf860572100a5b22d92d4940aed51cbdde19d45ddeb8ceb0be400eRed Hat Security Advisory 2012-0702-01 - The IBM Java SE version 1.4.2 release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.
a10bc709ea878fb36061edb74eaeba6647a0404b29509f3e049cba4592299ffaMandriva Linux Security Advisory 2012-085 - Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858. The updated packages have been patched to correct this issue.
0a5b185b8377e3d89ecf4eb5c1da3f094b87f8234235cc6ae5d3e4464a8ded72Ubuntu Security Notice 1455-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
4e7432dce8d4f2ad8388c5b054076886347d78c776785629fe7f4b62a2fe83b8Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Restlet Framework.
dea899ebdd6a471ea44490f24522cca9019e9049d3b1b43cd29b6fc5ea947d83Secunia Security Advisory - Horde have acknowledged multiple vulnerabilities in Horde Groupware, which can be exploited by malicious people to conduct cross-site scripting attacks.
ff475b841e2d672a51449d5de9467bb242a43200b65d1fc548ab6815b508063dSecunia Security Advisory - Horde have acknowledged multiple vulnerabilities in Horde Groupware Webmail Edition, which can be exploited by malicious people to conduct cross-site scripting attacks.
35a2b4e1a3c8019f30cdc54af7d97afc842a1d7e9bcf7f70b9b5100bde1de913Secunia Security Advisory - Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service).
55a31adfbf4607ca3c0793a47ce785e19497c42ca7ca2f22d9353e5916ae38caSecunia Security Advisory - SUSE has issued an update for mailman. This fixes a security issue, which can be exploited by malicious, local users to disclose certain sensitive information.
3e48f5b78a3611bc9a97ad6b7be76061111b69be3470f19950ae93eb292a5ac3Secunia Security Advisory - SUSE has issued an update for chromium and v8. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
8b8ceb33c395ef6dafce689123f8aa25a768d9323c39683ee0699c18d01a6606Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
f1f0409c25196e53de5b1983a85e791cabc3c06f80787ed616fca18fc3f7bbd0Secunia Security Advisory - Some vulnerabilities have been reported in the ALO EasyMail Newsletter plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
585f07780502df5e2a18563e24a8f7791542e987b3eaf25700dd8f9532f14175Secunia Security Advisory - Some security issues and a vulnerability have been reported in AutoFORM PDM Archive, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site request forgery attacks.
0d7535af25fd4935365727e2a4fba54de761fb661e97daa2569a32076123608fSecunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) of the application using the library.
5f2edd91901faf346e96be4c50d38ea72cd64c1a3d15abdfba22b286c665af47Secunia Security Advisory - A vulnerability has been reported in the BrowserID module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.
52a6b0d6ce080bd2215891424f87d1f6806eb2299465c4998164f804736b5075Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
b71957c68cddbb138c208fbe3817f6ac6c0d806f007198301705385b4c9d6fc5Asterisk Project Security Advisory - A Null-pointer dereference has been identified in the SCCP (Skinny) channel driver of Asterisk. When an SCCP client closes its connection to the server, a pointer in a structure is set to Null. If the client was not in the on-hook state at the time the connection was closed, this pointer is later dereferenced. A remote attacker with a valid SCCP ID can can use this vulnerability by closing a connection to the Asterisk server in certain call states (e.g. "Off hook") to crash the server. Successful exploitation of this vulnerability would result in termination of the server, causing denial of service to legitimate users.
0ffad12f4ee7638c64029cbf2387da33862ed3926680288d1303b12b6023069e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed