Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files.
18201c9353e20482da58606556f40385Product Cart 2.6 is susceptible to a SQL injection attack.
cef1d8f6a210a35f96070664dacd3f5e@Mail 4.03 WebMail for Windows and 4.11 for Unix variants suffers from multiple cross site scripting flaws. Detailed exploitation provided.
3cd06324574d1aef55b883431ef25f49NGSSoftware Insight Security Research Advisory - HP OpenView Radia Management Portal versions 2.x and 1.x running the Radia Management Agent suffer from a remote command execution flaw via a directory traversal. By connecting to the TCP port and sending a crafted packet, it is possible to traverse out of C:\Program Files\Novadigm and run any executable that is located on the same logical disk partition.
746992e1a974b65a8b4f2abc6eab9a03HAURI live update suffers from remote file download and execution vulnerabilities.
b0c582692ccecdb7dab8e7a8d192f5e0Gentoo Linux Security Advisory GLSA 200507-27 - Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.12 are affected.
4612039aea857070ea4f64d4d373a37dSecunia Security Advisory - Leandro Meiners has reported a security issue in Lotus Domino, which can be exploited by malicious users to disclose certain sensitive information.
6bcc12b07594ab31120d2733cac55130Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files.
eb878ed27d85a7780314f8af7a80a80aSecunia Security Advisory - Yun Jonglim has reported a vulnerability in UnixWare, which can be exploited by malicious people to cause a DoS (Denial of Service).
b1d39f3d34e342361e918e7428561f70Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which can be exploited by malicious people to conduct a DoS (Denial of Service) or potentially compromise a vulnerable system.
4a34211c6ee59aa5a140ef7363d8647dSecunia Security Advisory - Joxean Koret has reported some vulnerabilities in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
11fc5b445bb61be80800c6d072cfa423Secunia Security Advisory - A vulnerability has been reported in MySQL Eventum, which can be exploited by malicious people to compromise a vulnerable system.
e910853acfc99974cbbc1ff41e9eb81fDevolution Security is a video surveillance system for Linux based systems. It supports up to 16 cameras and features unicast and multicast broadcasting, a Web interface, an X11 interface, themes, motion detection, record on motion, eight different camera layouts, camera cycling, fullscreen mode, and more. Devolution Security uses its own toolkit (dtk).
0205b0eb774c3ee1dc87da04d34c26cbSinister is a reverse engineering utility that allows you to manipulate executables' memory images.
829cfa3670082c550b3420d2f5f3e9b7NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
66d6f48b631224c0f5e52e03097c630cClam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
870de14ba123d6e9cba9850498c49f5dKismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
2dc9331fd09ad190ff5be5012653bdefGNU Mailutils imap4d version 0.6 remote format string exploit. Tested on Slackware Linux versions 9.0, 10.0, and 10.1.
da0de44e2242607117540ff5e260dca5Debian Security Advisory DSA 768-1 - A cross-site scripting vulnerability has been detected in phpBB2 that allows remote attackers to inject arbitrary web script or HTML via nested tags.
9f8c2f665ccbdca367d2e2e217193569Debian Security Advisory DSA 767-1 - Marcin Slusarz discovered two integer overflow vulnerabilities in libgadu, a library provided and used by ekg, a console Gadu Gadu client, an instant messaging program, that could lead to the execution of arbitrary code.
a96d8c31cfa976bbe9634572bbd95d7fClever Copy contains a flaw that allows for unauthorized reading and deletion of private message from other users. Versions 2.0 and 2.0a are affected.
4f2de0514d7c6b838f32ce512c04fc50FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.
4ca733f4e87612fb2d1658c89d2edf18FreeBSD Security Advisory FreeBSD-SA-05:18.zlib - A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
f04e1c0ffa62c58fbff1758dd2a9e393Clever Copy suffers from multiple cross site scripting and path disclosure flaws. Versions 2.0 and 2.0a are affected.
7e31b64773a60d4db45f35bab4fa8e73BMForum Datium! 3.0 RC1-4, Plus! 3.0 RC1-4, Plus! 2.6.1, and PlusMX 3.0.0.5 all suffer from multiple cross site scripting flaws.
ea70bf5ccd6f398a6c4cdb84fdca4c28
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed