Gentoo Linux Security Advisory GLSA 200802-07 - Marcus Meissner from SUSE reported that the pa_drop_root() function does not properly check the return value of the system calls setuid(), seteuid(), setresuid() and setreuid() when dropping its privileges. Versions less than 0.9.9 are affected.
553d94f93fd8dffc1d3689adebc35253dc0332b26a4eee04b99e180726d42b7aCisco Security Advisory - Cisco Unified IP Phone models contain multiple overflow and denial of service (DoS) vulnerabilities. There are workarounds for several of these vulnerabilities. Cisco has made free software available to address this issue for affected customers.
f4b478327b857501c25d146a9195cf898ef6dd16a790d302fad75ee4c467f124Cisco Security Advisory - Cisco Unified Communications Manager is vulnerable to a SQL Injection attack in the parameter key of the admin and user interface pages. A successful attack could allow an authenticated attacker to access information such as usernames and password hashes that are stored in the database.
639e0e695b0229e11a5efa91427e8b5cc1a3516a903bcf4c8c00482f37667d65HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Apache. The vulnerability could be exploited remotely to execute arbitrary code.
3a12a779aae311d77739e03767b4aa32e46cfa311cb9c6c01e788f5ddae26b89This is a kernel module for Linux 2.6 to replace vmsplice() function with another that does nothing. The purpose of the module is to evade the attacks to the system call logging to kernel messages the usage attempts of vmsplice() with the arguments.
1126405085dd9c722f1b66ad864cd6e43f1a2622480e44610d778cb191a047d7Affiliate Market version 0.1 BETA suffers from a local file inclusion vulnerability.
bf1df9e132e4f9ce617018d53a4c562511e24660a08cac7245e349377658f730Debian Security Advisory 1494-2 - The vmsplice system call did not properly verify address arguments passed by user space processes, which allowed local attackers to overwrite arbitrary kernel memory, gaining root privileges. In the vserver-enabled kernels, a missing access check on certain symlinks in /proc enabled local attackers to access resources in other vservers.
34b719d3875c967855d387fd2b1f6c6924524020e468be586fbfcf5abcaffc62Apple QuickTime versions 7.4.1 and below suffer from multiple stack overflow vulnerabilities in QTPlugin.ocx.
fdbca01a0f6c4f9f8ad56a88eac052948934a87303f80ed90829910e58ef955aMicrosoft Office 2003 WPS file reading stack overflow exploit that launches calc.exe.
204078ab39d2ecc5b246fa57f02d22aff5e783cfaed8c940cde5d6f71e396d3eSecunia Security Advisory - Mandriva has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
4156ec8e4d289f9be824d2a0cfb46afa3ecf14d14a71de941fe8eefc7e8567f7Secunia Security Advisory - Some vulnerabilities have been reported in NX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
83161c1e33de418cb9ef6c46c622ca2dce3adf7b41c5a77b1f7f105320152c27Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities and weaknesses.
f880874f080bcfcfb05d325d3fd91dae7c9c2c6a7b135cc343d6fa17aaa92d3aSecunia Security Advisory - A vulnerability has been reported in Novell Client, which can be exploited by malicious people to compromise a vulnerable system.
3ca5cadcade32719f1e68dd9884c2222042cf1a10ffd16d4e98495d64c2066d5Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges.
d725cf7b2cbe5a90f70b8e27ec1806463be9a8021c1988d81d10aa89849a14d8Secunia Security Advisory - Gentoo has issued an update for horde-imp. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
108f86d891a48c01d1370e44993b26804bdd4d710eaecfa6c5982c0f9e0befbbSecunia Security Advisory - Gentoo has issued an update for gallery. This fixes a weakness and some vulnerabilities, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
a895ef1146ef2cfba35e04ed2093a74c31930e03463de282fe43b98510e5cf24Secunia Security Advisory - Fedora has issued an update for mailman. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.
88511fe6fd499593d4bba76066e4be470eb9127b2cc483e9d6ee5f300cccad14Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
8e2f743541f6805c05e82335a1353ec37031e3ab752170c89ae54e5468f4aa43Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
00f239108873426e6969bef8cfbd8f9da0b93f71403ac390cd5f59c57f8cb0b3Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
1a8c9650bb3b0fd16cc543904ea9e4db6334ab7b998665f451e1c0710c65367bSecunia Security Advisory - DNX has discovered a vulnerability in AuraCMS, which can be exploited by malicious people to conduct SQL injection attacks.
084dec2e1cbb049408f823096f6005f32b8bbb4678d5217420319787119581d9A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Versions 6 and 7 are affected.
8cb8edb63c2fb5f85f11ceb1a52da4bf15efbde6280976b3fa61368ea4ecfc4fSecunia Security Advisory - Ivan Sanchez and Maximiliano Soler have reported a vulnerability in Beyond! Job Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
4b82b92f4299c93d0d0feb10d2281c7a4cf6e6793017ae141495197120cf4f48Open Realty version 2.4.3 suffers from a remote file inclusion vulnerability.
300f2fd3a913b84560142a7081538c3eeb890a27c67c9c1ae669d1185a2ef6a1Citrix Presentation Server Client WFICA.OCX ActiveX component heap buffer overflow exploit.
1d5f55c08aed2772a1687dc30b77a07987a65136e0be10cbf56ee59a69461f8d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed