Secunia Security Advisory - Tatercrispies has reported a vulnerability in vBulletin, which can be exploited by malicious people to conduct script insertion attacks.
8a8927ca964b77d9e5b6e35dbd863e157dbc53ed43cd89da3d44518ce7bee014Secunia Security Advisory - Linux_Drox has discovered a vulnerability in phpWebThings, which can be exploited by malicious people to conduct SQL injection attacks.
1faa0fc8bff53ac20c8a275365e035ca8ae0ac1edda0cc9765d004badfe314d3Secunia Security Advisory - David Maciejak has discovered a vulnerability in Apache Tomcat, which can be exploited by malicious people to cause a DoS (Denial of Service).
81e5392a6cc6f2758974caec5b95b47fe031e6ee122034c619122f260ee487ccSecunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in Asus VideoSecurity Online, where one has an unknown impact, and the other can be exploited by malicious people to disclose sensitive information.
661ee6953af4f547016de6ed72f0ea3d36ebd9ef77a84897c2ff8a40985f0c0dSecunia Security Advisory - Luigi Auriemma has discovered a vulnerability in NeroNET, which can be exploited by malicious people to disclose sensitive information.
2654327bb79663e62d0bde12b09b5143ae3ffb3aac7fcf813d4fd22169b46404Secunia Security Advisory - A vulnerability has been discovered in Ipswitch WhatsUp Small Business 2004, which can be exploited by malicious people to gain knowledge of sensitive information.
c2a26cfa5ba16d1bdf122a821bbd83da24621a708db283f7fdde01d363833ba7Secunia Security Advisory - A vulnerability has been reported in Cisco WLAN (Wireless LAN) Controllers, which can be exploited by malicious people to bypass certain security restrictions.
fed6ce92358ab8ca53d5c4e7f150e5236bb8c9616dea2676100c75acce128029Secunia Security Advisory - SCO has issued an update for Squid. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
f9bd25742ba7ead63e0ece4dbd423c8d5a189c9bc9b8f345e914cdaaf82fb24fSecunia Security Advisory - BiPi_HaCk has reported some vulnerabilities in PHP Handicapper, which can be exploited by malicious people to conduct cross-site scripting, HTTP response splitting, and SQL injection attacks.
7e24f33c0a43a3f67f3cd8420c790f6d196d581b5a33db7d174eb1a9e4386997Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which potentially can be exploited by malicious people to bypass certain security restrictions.
1549596b8e564eefb07e273329a8e439aea5105ab15beef5f7244c25d97baa20Secunia Security Advisory - SCO has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
fe6d0298e465d1caae737f5361e88e0628501fa96978cee341d82d908ce708e5Secunia Security Advisory - SCO has issued an update for docview (htdig). This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
c840d5880980c80e308d30a9cee125944d6446db9bb8c11bc259a3eda3b829c8Secunia Security Advisory - Gentoo has issued an update for libgda. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
1c1ffbae53a5fb936ca0cc1e3dd1abc43ea0432fb1ea1b9d7ef5d38e3b008eb8Secunia Security Advisory - Gentoo has issued updates for qdbm / imagemagick / gdal. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
96f921a49a95b8e028ee4d795937b058bc9b5dfc6cab140bf17865e350427d1dNuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
b762d3e1eb9e1df47b32e4434d984fed8084bbf40cbb34f641cd3b21dfdf683bEngine_pkcs11 is an implementation of an engine for OpenSSL. It can be loaded using code, config file, or command line and will pass any function call by openssl to a PKCS#11 module. Engine_pkcs11 is meant to be used with smart cards and software for using smart cards in PKCS#11 format, such as OpenSC. Originally this engine was a part of OpenSC, until OpenSC was split into several small projects for improved flexibility.
ec4eed031d38cb6e050f12908353ec149c0d98f260de965c4216f93a4342ffb6Pam_p11 is a pluggable authentication module (PAM) package for using cryptographic tokens such as smart cards and USB crypto tokens for authentication. Pam_p11 is very simple, as it has no config file, no options other than the PKCS#11 module file, and does not know about certificate chains, certificate authorities, revocation lists, or OCSP. There is one module that uses the $HOME/.eid/authorized_certificates file (like the old pam_opensc did) and one module that uses the $HOME/.ssh/authorized_keys file (like ssh does).
8e884842865f7f3b54f2aa2f187d781210863c8596b9fca94065bfbd4dc1a8a2Libp11 is a library that implements a small layer on top of the PKCS#11 API to make using PKCS#11 implementations easier.
4ea580f104ea8fa921dcf3363d0245871a511e6199288a3497cadf64dd8a1696PHP HANDICAPPER is susceptible to cross site scripting, SQL injection, and other flaws. Details provided.
2b6f990448729227c0ef62fc5049f14e49cdcabb515a207f26749fe31b402dc7Whatsup Small Business 2004 is susceptible to a directory traversal attack. Exploitation details provided.
c98f702c5a3e9db935de9b30864367cd84f73883b72753bdf77073dc45b31e2fSCO Security Advisory - Cross-site scripting vulnerability in docview (htdig) under OpenServer 5.0.7 and OpenServer 6.0.0 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
bfe8f1276bbd4439e396e05e3a38cc25023e5409c4ed8582ebe4fe5972e05840SCO Security Advisory - Cross-site scripting vulnerability in docview (htdig) under UnixWare 7.1.3 and UnixWare 7.1.4 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
8948f1f7a616d3f968054e459f46c68794386b15c994b4b12f89f92fd3ea5f4aProof of concept exploit for a denial of service flaw in Battle Carry versions .005 and below.
1e666d38c52624ec93a7527705397b601e2503b8728c4a034998faa99fa7a1f7A denial of service flaw exists in Battle Carry versions .005 and below. A packet bigger than 8192 bytes causes a socket error in the Python code used to handle the server which immediately terminates the socket and interrupts the listening on the UDP port where has been received the packet.
dd19b491411de098999e9bd19c17cd529e108a99d9ab332c8aca828a21660070Proof of concept exploit for FlatFrag versions 0.3 and below which suffer from a null pointer crash and buffer overflow bugs.
ecbae1fe96c75090a5bdbe7c4eb4eef3c6cf2031603d24c5edd8165b8dce16aa
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed