Mandriva Linux Security Advisory - A flaw was discovered in the scp local-to-local copy implementation where filenames that contain shell metacharacters or spaces are expanded twice, which could lead to the execution of arbitrary commands if a local user could be tricked into a scp'ing a specially crafted filename.
96011bae86790cfa2752ec1caf5db44de0b3edd4aea2adfecb051792351c9522Debian Security Advisory DSA 965-1 - The Internet Key Exchange version 1 (IKEv1) implementation in racoon from ipsec-tools, IPsec tools for Linux, try to dereference a NULL pointer under certain conditions which allows a remote attacker to cause a denial of service.
ae2a5dfc67aea3ad69618f9be9beb5bacf852e4032dba80f2a57f846c28033f5DarkStarlings products are vulnerable to arbitrary script code inclusion sue to improperly sanitized user inputs.
2b2dc87d1d615417df24d30dee6a64b9e36e096e3485ceba6f9d49bea13e12ecDue to poor design the gen_rand_string() can only generate up to 1 million hashes or random strings. This allow an attacker to reset any account through the lost password request form by "predicting" the validation id and the new password for the account. Vulnerabilities verified on phpBB 2.0.19 and IPB 2.1.4.
6574f04550bbeed9e3a48a4c5340e354815991e4d83cdd4c615f8b186c799e66The mime/handle.html of cPanel 10 is vulnerable to an XSS vulnerability.
74edd21ca1ebb82655207a0f2dde502b67eaf0fc33fa2d2fd0c7a4d6b13f120dPeopleSoft People Tools 8.4x uses PSCipher() for encryption/hashing purposes which suffers from several problems that can allow the encryption to become compromised.
05e6dd877cdac306979ee201dd6b45892e529a6ff465f66eea91c5d2ea80beadGentoo Linux Security Advisory GLSA 200602-03 - Apache's mod_imap fails to properly sanitize the Referer directive of imagemaps in some cases, leaving the HTTP Referer header unescaped. A flaw in mod_ssl can lead to a NULL pointer dereference if the site uses a custom Error 400 document. These vulnerabilities were reported by Marc Cox and Hartmut Keil, respectively. Versions less than 2.0.55-r1 are affected.
9d7ba6500ea8f5b41bd71774a5f548ec21497c8fbb6ce1759111e76f8ff9416dGentoo Linux Security Advisory GLSA 200602-02 - Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. Versions less than 4.71 are affected.
2cb709a18275c8aaf1fd623376f96195c999f51a9ee4e030787647a7ff771147POC exploit that crashes hcidump by sending bad L2CAP packet.
9d33916b0bdd1b57ea4ef82a32a1d63ce4497276dba5d2411eab000e78284bbcBSS (Bluetooth Stack Smasher) is a L2CAP layer fuzzer designed to assess the security of Bluetooth enabled devices by sending malicious packets.
aaba600425bcd01257183c65b4aa46278664ad27a4f671b325327a8cabb77e48Secunia Security Advisory - Maksymilian Arciemowicz has discovered a vulnerability in phpBB, which can be exploited by malicious people to disclose sensitive information.
512d5ff9f05c5317ef00302486f73065fd88012e3d6d3fff3247d303784db684Secunia Security Advisory - Some vulnerabilities have been reported in cPanel, which can be exploited by malicious people to conduct cross-site scripting attacks.
439bebadf0ef66bea3324f00163dc3e416909a28a6a01275aa20b006bff559aaSecunia Security Advisory - Evgeny Legerov has reported a vulnerability in CommuniGate Pro Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
b3ca03de250d4dfd26dcc083e811750c77c39ca8569577ad1321b62207365552Secunia Security Advisory - A vulnerability has been reported in MailEnable Enterprise Edition, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
6d1e2be39d059bea250b1cdfc2eb37f90b391c627757447b27403c5da19ddbc2Secunia Security Advisory - AFI Security Research has discovered two vulnerabilities in mplayer, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
ed270441a4a91d10ff0f249bfabc4a91b93d75472984d0db1e1641e14a512341Secunia Security Advisory - Secunia Research has discovered a vulnerability in AgileBill, which can be exploited by malicious people to execute arbitrary SQL code and potentially compromise a vulnerable system.
13e48c2728bc3e98eb0f10b0df395b1b4f09826d31103dcba4093fd02022b7ebSecunia Security Advisory - rgod has discovered a vulnerability in Loudblog, which can be exploited by malicious people to compromise a vulnerable system.
5fda43f099edced57cfc041490f654b68f89e74793252a800741eff0b45cc22aSecunia Security Advisory - Timothy D. Morgan has reported a vulnerability in IBM Tivoli Access Manager for e-business, which can be exploited by malicious users to disclose potentially sensitive information.
566429307845345050cc5340d3cc605a842d8c6e5fe5de9579e52b1bdfc89524Secunia Security Advisory - Hamid Ebadi has discovered a vulnerability in PluggedOut Blog, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
90c27a97695b487364522c5ad9f53daa918998183c2eafda548ad1b555e78039Secunia Security Advisory - B3g0k has reported two vulnerabilities in CyberShop Ultimate Mc, which can be exploited by malicious people to conduct cross-site scripting attacks.
4bce594716f6f4802b581a879d751cdcd65580a25f53b5bfdfedc927e4188d7dSecunia Security Advisory - Soroush Dalili has discovered two vulnerabilities in Hosting Controller, which can be exploited by malicious users to conduct SQL injection attacks.
46665ac27ed6a586600413ddbb10c02c58741a4c12c55b18fa58c2173e12881aSecunia Security Advisory - Mario Oyorzabal Salgado has reported some security issues and vulnerabilities in PHP Link Directory (phpLD2), which can be exploited by malicious people to disclose system information, execute arbitrary SQL code, conduct SQL injection attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
16cd6c7ec3994a6b3b64714fd4aeaafdfada7bb7701506bf703ff2d86f739a8dSecunia Security Advisory - A vulnerability has been reported in Heimdal, which can be exploited by malicious, local users to gain escalated privileges.
2e74f892cc4cbbfb127117be8778adf27d1c365b11546f100b08d1f0cf7d3381Secunia Security Advisory - A vulnerability has been reported in Gallery, which potentially can be exploited by malicious users to compromise a vulnerable system.
9eb63cb0b8e480033ae117093135e40e092367f2cc41bda1969ff7631043ffeeSecunia Security Advisory - Mandriva has issued an update for openssh. This fixes a weakness, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges.
5913d200819c0b23247ecca43fec863fa8be2bf0c36278c3e87c4dc2c846e0ca
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed