Hardened-PHP Project Security Advisory - The PHP 5 branch of the PHP source code lacks the protection against possible integer overflows inside ecalloc() that is present in the PHP 4 branch and also for several years part of our Hardening-Patch and our new Suhosin-Patch. It was discovered that such an integer overflow can be triggered when user input is passed to the unserialize() function. Earlier vulnerabilities in PHP's unserialize() that were also discovered by one of our audits in December 2004 are unrelated to the newly discovered flaw, but they have shown, that the unserialize() function is exposed to user-input in many popular PHP applications. Examples for applications that use the content of COOKIE variables with unserialize() are phpBB and Serendipity. The successful exploitation of this integer overflow will result in arbitrary code execution. PHP versions below 4.3.0 and versions below or equal to 5.1.6 are affected.
ec8e254e359278ada7c7209a0ce800bd53ecd06b1fe162e057e7ae221c714a4cdocmint versions 2.0 and below suffer from a remote file inclusion vulnerability.
a0c7b84939f13db21ad594de02c24209c65e34d4ba1de8d997b2bbfde13a2418OpenDock Easy Doc versions 1.4 and below suffer from a remote file inclusion vulnerability.
badb04c3ce6be21c211098e491c9b4f420efb0eefd601f13e3faadaacd048f83WebYep versions 1.1.19 and below suffer from a remote file inclusion vulnerability.
c78bdefbc1dae9f14eea3fbf7cd950b7b90aff3e40d73d36081bdbe8b060aa8bMoodle version 1.6.2 is susceptible to SQL injection attacks.
ab83aafcb1a80e45b5f61199d8f08c9b0aa433084e7397aedf4e972481cdb971Advanced Poll version 2.02 suffers from a remote file inclusion flaw.
775a3ba0a89139b7abf57dad5ba04d1e093acf472f02a8e0f22ce3dd6f7d5b8eFastFind, a popular search engine script, suffers from a cross site scripting vulnerability.
f1db1bc006fd8a0164324d632851f81f09960b16cc54488567cc7c2197fb8625FreeForum version 0.9.7 suffers from a remote file inclusion vulnerability in fpath.
6728ddba53df85522a8943962fe323622c6cf89499c5af8386692b70caf6d156Cahier de textes version 2.0 suffers from a SQL injection vulnerability.
24529c7424e1e0a700eb92385e2ac0b26c567cccebca25e9f3f36f7bdc122982TribunaLibre version 3.12 Beta, registroTL, compteur_v2, eboli, Jasmine-Web, and Foafgen version 0.3, and Album Photo Sans Nom version 1.6 all suffer from file inclusion and/or source disclosure flaws.
fb44f6368003084800507368239e17992af982ee426f8b3a2c2c562f28e1b07eLSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system. The flaw specifically exists within the Message Engine (msgeng.exe) due to incorrect handling of RPC requests on TCP port 6503. The interface is identified by dc246bf0-7a7a-11ce-9f88-00805fe43838. Opnum 45 specifies the vulnerable operation within this interface.
786dcb0aab2a7b5332e94432d40f3d7b873a2f0020678462fb2d59c95f65a2d7LSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system. The flaw specifically exists within the Message Engine (msgeng.exe) due to incorrect handling of RPC requests on TCP port 6503. The interface is identified by c246bf0-7a7a-11ce-9f88-00805fe43838. Opnum 43 specifies the vulnerable operation within this interface.
bac777a2b617f5455ff0ea89400e1c5c70d728edb4255664ef723b36c1150731LSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system. The flaw specifically exists within the Discovery Service (casdscsvc.exe) due to incorrect handling of requests on TCP port 41523.
5180f52c40007d64da06cf7ac9ed35d52281f0f71feab512634cc924c1abacd5Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
f32cda1434a71fa5fe89197ff34fc4c29186ecdd92336b490e259a7627f96711Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
819087444baea69dfe5d8042c090ab5b25b7bdafef0f03186555dd1cd6777800phpBB User Viewed Posts Tracker versions 1.0 and below suffer from a remote file inclusion vulnerability in phpbb_root_path.
e294e3d8c5caf08520e102a3d211760e76814e801c71c4af08bb01cedf79ced7Emek Portal version 2.1 suffers from a SQL injection vulnerability.
05c46e0e7e15c544a35427c4ca20931c22cf4b0ed0d821fdf7f7b5ee8dc71576Lotus Notes versions below 6.5.4 and 6.0.5 suffer from multiple vulnerabilities having to do with Java Applets.
188ae90a30e7d9541579af061add5af04f503a733924b2d8a5170fb390ddfcc7WikyBlog versions 1.2.3 and below suffer from a remote file inclusion vulnerability in includeDir.
e1884448d1059fbc5125f6a2404adbbf0d3f475aa9c3a37a5bc8d8a3b65549afGentoo Linux Security Advisory GLSA 200610-03 - Tavis Ormandy of the Google Security Team discovered a static buffer underflow in ncompress. Versions less than 4.2.4.1 are affected.
892e624aa587f103aa1f96a11e4fae8e999fe564ce78b22671210abbc2126caeUbuntu Security Notice 359-1 - Benjamin C. Wiley Sittler discovered that Python's repr() function did not properly handle UTF-32/UCS-4 strings. If an application uses repr() on arbitrary untrusted data, this could be exploited to execute arbitrary code with the privileges of the python application.
2eb7fa2cb5920c9d4ed29a10526a2cfe2e716856cddd8055969438f9b68b41eaTorrentflux version 2.1 suffers from a cross site scripting condition using the User-Agent as an attack vector.
0f07a88c880c17dce4534f254853cd0093f594d4d3c8c9cae9c901af8406bba9Exploit for remote command execution due to a flaw in the Free WPS file upload functionality.
30207acd5983a119381e8419717106ca190465fc88f070c726f71a65b800d921Local proof of concept exploit for the Symantec Antivirus Engine that requires no special privileges (6 of 6).
68509c842fb90e2a10f16e9ed973d86f9ca2f8ef067098f0f12a95168742de80Local proof of concept exploit for the Symantec Antivirus Engine that requires no special privileges (5 of 6).
7718ea0485483a8c51e5532e6a7026b9a70bee7575e9d782a7f39f146bb990f2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed