Verisign has various open HTTP redirect servers that may assist phishing.
cd49eb736abc0756d54da4034f1314b8MzK Blog suffers from a SQL injection vulnerability in katgoster.asp.
60d39a1e91a5664b25eb18efd37f2fdeWhitepaper discussing how to chroot SSHd on Linux.
b8ac8bec7c6f34e51f6e3e029d5c3b43Ubuntu Security Notice 483-1 - Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote attacker could send a specially crafted packet, causing applications using Net::DNS to crash or monopolize CPU resources, leading to a denial of service.
1ee28020e77f1222473434a7acd3442aBy using a specially crafted "flv" video it is possible to trigger an integer overflow inside Adobe Flash interpreter which could lead to client/browser-plugin crash, arbitrary code execution or system denial of service.
b746354064d05658a8ac2541f856ee2feSyndiCat is susceptible to multiple SQL injection vulnerabilities.
5d0af3c6127d3418e099b6a1355d200eTeamIntell has discovered a local buffer overflow vulnerability in Poslovni Informator Republike Slovenije 2007 aka PIRS2007, a data collection of companies and active business subjects in Slovenia.
919831362bf3d6210792106c6233a5a2Secunia Security Advisory - SUSE has issued an update for php4 and php5. This fixes some vulnerabilities, where one has an unknown impact and others can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges, and by malicious people to to cause a DoS (Denial of Service), bypass certain security restrictions, and potentially compromise a vulnerable system.
c627f109497c8821ea6e54df8ef74e0aAUSCERT ALERT - A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang. The first vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier. The second vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier.
a41671b4f430da1c16c147c82f9ed593Secunia Security Advisory - Mandriva has issued an update for perl-Net-DNS. This fixes some vulnerabilities, which can be exploited to poison the DNS cache or cause a DoS (Denial of Service).
8e09d95da712e2c2a5135aa0373426c7Secunia Security Advisory - Rapha
8544c0f247174e8b37ae9b684bb779c5Secunia Security Advisory - Some vulnerabilities have been reported in libarchive, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
1572b6997243e2bde17b5ad259a14090Secunia Security Advisory - Aaron Portnoy has reported a vulnerability in Progress, which can be exploited by malicious people to compromise a vulnerable system.
a079f9adf311e6e77bb75ebf646d1bc7Secunia Security Advisory - FreeBSD has issued an update for libarchive. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
70419ede6ffd5fd306296e4e57f840e1Secunia Security Advisory - RSA has acknowledged a vulnerability in some products, which can be exploited by malicious people to compromise a vulnerable system.
4ea57dc5c28c2509395bb95efbc193a3YouTube.com suffers from an age verification bypass vulnerability via using googlevideo.com to watch the recording.
a96d914899443a84a2250afdb974729bActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a permissions settings security issue.
d8c620ba7a554e369327d362c0cbe1b1ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a design flaw where it performs client side content filtering to restrict javascript insertion.
0ddb4bcd94e3a0f8bea6da9f484240bcActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a cross site scripting vulnerability.
760603a23574ffb0492983918120073aActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a SQL injection vulnerability.
b8e37e33817af05e6d80a52f41b5fae0Various popular web sites like thepiratebay.org and internic.net suffer from cross site scripting vulnerabilities.
fd672e1ddf398dff373ca2f488ea6d09A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists during the process of scanning multiple maliciously formatted CAB archives. The parsing routine implicitly trusts certain user-supplied values that can result in an exploitable heap corruption.
be8e5cb1bb99fd0fd8db4aeca12bec60A vulnerability allows attackers to create a denial of service condition on software with vulnerable installations of the Symantec's AntiVirus engine. Authentication is not required to exploit this vulnerability. The specific flaw resides in a forged PACK_SIZE field of a RAR file header. By setting this field to a specific value an infinite loop denial of service condition will occur when the scanner processes the file.
ef3052215879695af8421987750c8dd3A vulnerability allows attackers to execute arbitrary code on vulnerable installations of RSA Authentication Manager and other products that include the Progress server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Progress Server listening by default on TCP ports 5520 and 5530. The _mprosrv.exe process trusts a user-supplied DWORD size and attempts to receive that amount of data into a statically allocated heap buffer
5e0ed789c25b8e4dd5a76e87be3f6576Mandriva Linux Security Advisory - A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data. A denial of service vulnerability was found in how Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding.
858a1ffee7d19abb06a54ea28e358ddb
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed