Verisign has various open HTTP redirect servers that may assist phishing.
e8af84c34d993d2f3a426aa98367353af8697e3b1bdcdae5dba286af1f725cbaMzK Blog suffers from a SQL injection vulnerability in katgoster.asp.
a9bababfe56c0450554ad72b016fdf4c8f2590a20b6fa92e64f3fa6c0e7da067Whitepaper discussing how to chroot SSHd on Linux.
af958cdea0fa1867d95fdc17f44bc811a2067dcfa26bacaf4799298815175996Ubuntu Security Notice 483-1 - Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote attacker could send a specially crafted packet, causing applications using Net::DNS to crash or monopolize CPU resources, leading to a denial of service.
23402e1eb87ebdef781c7ff730c5104d8411dfcb246b85b8f53f40de76c8bfb0By using a specially crafted "flv" video it is possible to trigger an integer overflow inside Adobe Flash interpreter which could lead to client/browser-plugin crash, arbitrary code execution or system denial of service.
b5745d95565e102a3b47c37bae0f9bb5d2ad4eb82226f8857c7805702ddd2ae8eSyndiCat is susceptible to multiple SQL injection vulnerabilities.
d843ff604f3f46517a45dcfa7e1a21495f839b8c3d86df197fe21ef4c395df0aTeamIntell has discovered a local buffer overflow vulnerability in Poslovni Informator Republike Slovenije 2007 aka PIRS2007, a data collection of companies and active business subjects in Slovenia.
2648391a8541792b5d75d4ceba84f3e915c4492ff0cd020e5260da2a814aa48fSecunia Security Advisory - SUSE has issued an update for php4 and php5. This fixes some vulnerabilities, where one has an unknown impact and others can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges, and by malicious people to to cause a DoS (Denial of Service), bypass certain security restrictions, and potentially compromise a vulnerable system.
0f67186da20a3379be13fcebe435eca3657f18a83a0aa375e172d6072dc3c485AUSCERT ALERT - A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang. The first vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier. The second vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier.
b4e7bf595970ae7065a98357807cb501af2b46b0055a9e2bde3fd8e57b04a001Secunia Security Advisory - Mandriva has issued an update for perl-Net-DNS. This fixes some vulnerabilities, which can be exploited to poison the DNS cache or cause a DoS (Denial of Service).
a6b3766b3b424b2b35bc6a1fc376df73d7595b570b43cdac3ccd9857eb9b9db8Secunia Security Advisory - Rapha
47f30727bd43c6bbb946220f1bd949706792badec4b356ccd654dc25ae9db9fbSecunia Security Advisory - Some vulnerabilities have been reported in libarchive, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
0fd2a6e135594bd54fd5fe51a0a82ac15e5a87633a3036a5ecd59a7f0c0d5983Secunia Security Advisory - Aaron Portnoy has reported a vulnerability in Progress, which can be exploited by malicious people to compromise a vulnerable system.
681c3629db20c982e1edf66c4ed392cc7a8d7d007df4026d24f4316f9c736c7fSecunia Security Advisory - FreeBSD has issued an update for libarchive. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
cda153679a245ad640110520fc76e3d9d5311f011c1b4b29b175822854ac6af4Secunia Security Advisory - RSA has acknowledged a vulnerability in some products, which can be exploited by malicious people to compromise a vulnerable system.
eab15f6b60ec6afcea9ddf4bb1c7b60ada493c054995047ae2b5a1edda1b2278YouTube.com suffers from an age verification bypass vulnerability via using googlevideo.com to watch the recording.
9b88a68a46eb84499571819fe3e5aacc70b9ca5805f95dc5397af1ced025c8b8ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a permissions settings security issue.
98b2278fe74c4b5c02e290563a3cd28e03d7495811f241b8175aa3fab52c0309ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a design flaw where it performs client side content filtering to restrict javascript insertion.
bc4832766be82e02a34378142e0ee9f05d44f38e630b629a245d37622575bcc9ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a cross site scripting vulnerability.
2d0949b924612b1f96f9c3711606b75f41254df1e65e4e224e463a9870d7fee0ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a SQL injection vulnerability.
b420640763e53d8c157e14cb6ba6cf0a71f7e2aefcb1a74b7229bdee5a89e327Various popular web sites like thepiratebay.org and internic.net suffer from cross site scripting vulnerabilities.
82b5aa1c83e2d6e46d937cbaf519462a11668f67a3ded0cbef27b092f54ee084A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists during the process of scanning multiple maliciously formatted CAB archives. The parsing routine implicitly trusts certain user-supplied values that can result in an exploitable heap corruption.
ff68def6414c5a17260597ea6f9302bbc0974165cea1f57150ee5963846fb729A vulnerability allows attackers to create a denial of service condition on software with vulnerable installations of the Symantec's AntiVirus engine. Authentication is not required to exploit this vulnerability. The specific flaw resides in a forged PACK_SIZE field of a RAR file header. By setting this field to a specific value an infinite loop denial of service condition will occur when the scanner processes the file.
8c3b03361c415d4af702f337b7b7a1c3bac489c20da60f6b941d19b2bbde57f6A vulnerability allows attackers to execute arbitrary code on vulnerable installations of RSA Authentication Manager and other products that include the Progress server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Progress Server listening by default on TCP ports 5520 and 5530. The _mprosrv.exe process trusts a user-supplied DWORD size and attempts to receive that amount of data into a statically allocated heap buffer
5991d00193b63121f2781ae42162b01e3c2ec0fe6645783a2f56dd01c2fc2de0Mandriva Linux Security Advisory - A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data. A denial of service vulnerability was found in how Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding.
c2a2cee9cc049306a5cd40b0e59a19a5592f58175929efba008c2a59967d82af
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed