Debian Security Advisory DSA 869-1 - The developers of eric, a full featured Python IDE, have fixed a bug in the processing of project files that could lead to the execution of arbitrary code.
3dd09913c1aa97d29bf853f01d6b3848cf7d26711d747e5df738ebfb29270246Debian Security Advisory DSA 868-1 - Several security-related problems have been discovered in Mozilla and derived programs. Some of the following problems don't exactly apply to Mozilla Thunderbird, even though the code is present. In order to keep the codebase in sync with upstream it has been altered nevertheless.
a27ce35d6aff87fa238c97afe173eb8ec84701827f563a520d7c429815e9ec98Debian Security Advisory DSA 867-1 - Eduard Bloch discovered that a rule file in module-assistant, a tool to ease the creation of module packages, creates a temporary file in an insecure fashion. It is usually executed from other packages as well.
ba6a331b5a7ddc5f2ac3b42d2c5f3e666528ade8e9b7ff6fcb88b236002cfb96Debian Security Advisory DSA 866-1 - Several security-related problems have been discovered in Mozilla and derived programs.
2701ccface00fab6d0fc16bc4aaa3111bf0eddb9408cdc76a4b8aa9b292a205cTechnical Cyber Security Alert TA05-292A - Various Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include unauthenticated, remote code execution, information disclosure, and denial of service.
e3ae77e94e5b32c8445b6da003c75a75c159f26accaf4b79f4ac9e46d4dd848aA potential security vulnerability has been identified with the HP OpenView Operations and OpenView VantagePoint Java Runtime Environment (JRE). This vulnerability may allow an untrusted remote applet to elevate its privileges.
d08de51617872edab4d25934b5f10a0f498db17d5faf29d316085784ecf41532Story of a dumb patch - This paper describes a mistake made by Microsoft in patch MS05-018 where Microsoft failed to properly fix a vulnerability having to release a new patch MS05-049. Hopefully this paper will open the eyes of software vendors to not repeat these kind of mistakes.
a79eb3b5aa2f5d80efad97626f1bd81b439fa096671c52ff737b3558b91a75e0This is a port of z0mbie's Length-Disassembler-Engine (LDE) into VC7++ assembler syntax. The whole engine(Code+Data) fits now in one naked function. You will also find in the .c file the mentioned naked function as an shellcode like byte array. This is useful for hooking and code injection techiques, because the code is reallocateable.
a9014ee23609a933d12a93b167eeae5f39e2a3179f26582e3ad4cd8638f9c724The Cisco VPN Client uses weak encryption to store user and group passwords in the local profile file.
15c0f5e7200c8bf9f393f89a43fec4a4e221e1db9ebcaaaaf1ecd0fb66b3d678The Cisco Password Revealer - The Cisco VPN Client uses weak encryption to store user and group passwords in your local profile file. This tool will reveal the saved passwords from a given profile file.
c4ff59418cd930f1acca106838a55edcabaf247be8c0aad743f2a6a996e54ab2Secunia Security Advisory - Keigo Yamazaki has reported some vulnerabilities in Xoops, which can be exploited by malicious people to conduct script insertion attacks.
8f1f14ca8d511581651800960352538b8aa806419c42c46e18bd868b56a7c76bSecunia Security Advisory - A security issue has been reported in Symantec Discovery, which potentially can be exploited by malicious people to gain access to, or to manipulate certain information.
5b5cf0dd2aec51f92b2e32456ea8fc615ed2d9938fa2f3c8e08ef6c5166aede2Secunia Security Advisory - papipsycho has reported some vulnerabilities in Nuked-Klan, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
d35f4b2f5d4d8f812938464a25de25f2ef5acb44ca698f8426077d2cf54de577Secunia Security Advisory - Some vulnerabilities have been reported in Skype, which can be exploited by malicious people to cause a DoS or to compromise a user's system.
83975a2d31d480b7646da21bee9831be2bc57a8c17471618440e041c40824d01Secunia Security Advisory - _MoHaJaLi_ has reported two vulnerabilities in ar-blog, which can be exploited by malicious people to conduct script insertion attacks and bypass certain security restrictions.
deee1388535d3cd87969138e720e0ca26576130082bdb914532c7b3c1ce9a2daSecunia Security Advisory - aLMaSTeR has reported a vulnerability in SaphpLesson, which can be exploited by malicious people to conduct SQL injection attacks.
e8785bbb54f6a3feb9afde75a19e187e1e27d403bfdbc53db178a054c139dbcfSecunia Security Advisory - Gentoo has issued an update for zope. This fixes a vulnerability with an unknown impact.
686a57cc9116d692d47d4ae0fa7faf69dea2e7d55202d5940fa334ff8ed9793dSecunia Security Advisory - Christoph Chb Burchert has discovered a security issue in archilles Newsworld, which can be exploited by malicious people to disclose sensitive information.
47369581c527a9e7d6c31d1b2875a368d17bbd9a4758b5fb660f41e182654deaSecunia Security Advisory - peanut has discovered a vulnerability in PHP-Fusion, which can be exploited by malicious people to conduct script insertion attacks.
bdf9bb1e446c6f0fc2f53629da921696cdc92a07b3b75fd5a83d24eb73bb9c8bSecunia Security Advisory - HP has acknowledged some vulnerabilities in HP OfO (Oracle for Openview), which can be exploited with unknown impact, to conduct PL/SQL injection attacks, cross-site scripting attacks, or potentially to compromise a vulnerable system.
dc7003e1cb52e0ebbfc18e2bb39281090719181db54a9d4a8c2d9d854b4fe185Secunia Security Advisory - Remco Verhoef has discovered a vulnerability in Basic Analysis and Security Engine (BASE), which can be exploited by malicious users to conduct SQL injection attacks.
c28879d998666d90142dc01a58c1eec984a16436937332447ec851573bc2b893Secunia Security Advisory - rgod has discovered some vulnerabilities in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.
1572298f66c2a5f62f08ded7d8df05a8d681f706c8debd75af339c39dae4d393Secunia Security Advisory - SUSE has issued updates for curl and wget. These fix a vulnerability, which can be exploited by malicious people to compromise a user's system.
ccf1cc07b0c5f4801fb643d4a1e04e756d387da929080862a062dde49b508cd6Secunia Security Advisory - Abducter has discovered a vulnerability in TClanPortal, which can be exploited by malicious people to conduct SQL injection attacks.
8f9eb931290b0210ee8652c4e20e431e04cf9e5df3197091bbf6c370bb588816Cisco Security Advisory: Cisco CSS 11500 Series Content Services Switches (CSS) configured with Secure Socket Layer (SSL) termination services are vulnerable to a Denial of Service (DoS) attack when processing malformed client certificates. Cisco has made free software available to address this vulnerability. There are workarounds available to mitigate the effects of the vulnerability.
959c70d2d1875636e70f8b4a784183c2a5cc0af2e8213486d75574784fe725fa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed