MySQL server versions 5.0.20 and below suffer from information leakage and arbitrary command execution flaws.
73926f323fd235433143abd52ed6b9430e45c62875f010bf2cd9188857a7813dExploit for MySQL server versions 5.0.20 and below which suffer from information leakage and arbitrary command execution flaws.
dff58328a3f1ca93623e9a8886b9d869d4f877a0b500615da4f050b4bbaf2ad2MySQL server versions 4.1.18 and below and 5.0.20 and below suffer from an information leakage issue.
eb1d10694aff57e15a622b021c3784bf24605040a4da6933d54eafaa3b59792cProof of concept exploit that demonstrates an information leakage vulnerability in MySQL server version 4.1.18 and below and 5.0.20 and below.
8660944cf077440334eb208ca4159d9608657b390786c7af9f2b5c70a2a33352Secunia Security Advisory - A vulnerability has been reported in Kerio WinRoute Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).
234d2cd50d442335cd1fb5870bf64689b71927d9e2c7cbb233137bd9e7cd0520aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
09c6959671e2e96315d161cf34084461c194e5ab0a3007631cddf8bc3efe7f2eNuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
3ab2fd5defa7f41dccfdc1c032d9287e4a6f2b70f812add551c581db366dc618ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
ff9085c9dedea34507ad1e092962d568d42bc1d28b62e18d418ba32d5c53ec09Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
76d42706137ffd2ecb37b25460ce517ddb9502569972f20e19e220a2c1210e2bSamhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
fe845acf956cdb59339c630a0d1ab3ed125e77572190ddf93b27a504ccc3d947sBlog version 0.7.2 suffers from SQL injection and cross site scripting vulnerabilities.
e443e280c31b2c8ecc23d16203b2e264207695f3878220ac35956d2b3b2e19e0Gentoo Linux Security Advisory GLSA 200605-04 - rgod has reported that the hub_dir parameter in index.php isn't properly verified. When magic_quotes_gpc is disabled, this can be exploited to include arbitrary files from local resources. Versions less than 0.10.2 are affected.
35b7294cf70a18b81a5a8bdc1ae632276192b167d8244f2d6fc594cf3a1d5d73Gentoo Linux Security Advisory GLSA 200605-03 - Ulf Harnhammar and an anonymous German researcher discovered that Freshclam fails to check the size of the header data returned by a webserver. Versions less than 0.88.2 are affected.
d6861ba5972c1f6951266afe52d3ff68eea14c4650ffe4faba6c47e46f53dd16Gentoo Linux Security Advisory GLSA 200605-02 - X.Org miscalculates the size of a buffer in the XRender extension. Versions less than 6.8.2-r7 are affected.
17e3b856ff633a9fa5b092ebd9928ed4ea54ec0dc03bf22c817700a2f7570dcfejabberd versions 1.1.1_1 and below suffer from a denial of service vulnerability due to a symlink attack flaw.
490da9eada0fca052bf565945036b9437a01502e0e69c6d6cc8d3d2c5d5495bfZenphoto versions 1.0.1 Beta and below suffer from path disclosure and cross site scripting vulnerabilities.
83d8df863b4ce9c8b39c1a8aa27340646670b7c05e88b7e7d904deb6432ebc8dDebian Security Advisory 1049-1 - Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser.
5b3d056b0e6dbbef4c5637ca89c18542b92ec6c8001db4b73381c6fb2230c44aExploit for X7 Chat version 2.0 and below that makes use of an arbitrary local file inclusion flaw that allows for code execution.
9da1962af51d0e1b0807be2ad319b0551dc9c6796c28f5155a3585428331e793Cisco Security Advisory - Cisco Unity Express (CUE) contains a vulnerability that might allow an authenticated user to change the password for another user by using the HTTP management interface, if the password for the user being modified is marked as expired. This can result in a privilege escalation attack and complete administrative control of a CUE module, if the password being changed belongs to an administrator.
37fca38ecd889b1719e457f3c41654c91b2ef522a7f379bbf307b794ad63464fJSBoard releases 2.0.10 and 2.0.11 suffer from a cross site scripting vulnerability.
ef4921c4eaae2c60489129528cea8016ef9baaaed728b17d6583b53923c60897VHCS is susceptible to cross site scripting attacks.
df40d326412700f818f56f6cacbd295a167462a7185002c9127d2c2d10cfb1f2Secunia Security Advisory - Aliaksandr Hartsuyeu has discovered a vulnerability in Newsadmin, which can be exploited by malicious people to conduct SQL injection attacks.
2c3b716d4c3ebe0cb441663c4b7c09d494fdb925b0383c343c3d537c0fa5a09bSecunia Security Advisory - Muhammad Ahmed Siddiqui has discovered a vulnerability in XM Easy Personal FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
ddfeb3882501238e22f645551acff9629f179965badb358bb84b2c1af7b1540aSecunia Security Advisory - Javor Ninov has discovered some vulnerabilities in Big Webmaster Guestbook Script, which can be exploited by malicious people to conduct script insertion attacks.
71b1ebd4b94b3a9088770867e6c922817d4728f1687a31888af3833ba19cc748Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Invision Community Blog module for Invision Power Board.
472a22b02f50d26db28560b31826380a014f2a8acb32c7b4bdcccda9bbf64bc8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed