Secunia Security Advisory - Debian has issued an update for ldapscripts. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information.
44ff5b971430ea42c7451ebe3ecae5f8ce670f38458d285b03dfdceb614f6570Debian Security Advisory 1485-2 - A regression has been fixed in icedove's frame handling code. Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.
a6d426ec079f7f75028eaf841b1e52475921b8783d245d90205ba780078153d0Debian Security Advisory 1522-1 - Tavis Ormandy discovered that unzip, when processing specially crafted ZIP archives, could pass invalid pointers to the C library's free routine, potentially leading to arbitrary code execution.
3c5604ace5a4b4adffc09cf7c4be1bbc96a5af52d3a0addfbcb4699152c5d081Home FTP server denial of service exploit.
5d793f2f0d04811f1fe2ea3f01688bd63b7ba1e64a38a6bb5d2d0fcb5ca0f7b6Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to conduct cross-site scripting attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.
10721d9d01764374b7d123ad11e6b21bc798cd4fd93fba77e587544a7796581aSecunia Security Advisory - S@BUN has discovered a vulnerability in the myannonces module for eXV2, which can be exploited by malicious people to conduct SQL injection attacks.
24ff6106c5b2a54b5bf3f2919d7f077d07ad0470527f5aa72a902ac94df87436Secunia Security Advisory - S@BUN has discovered a vulnerability in the Viso (Industry Book) module for eXV2, which can be exploited by malicious people to conduct SQL injection attacks.
ee8ae963ccc0edb57c275d98f4b972911d7baf8b52e2a5dc8ee7628168fa8470Secunia Security Advisory - Debian has issued an update for horde3. This fixes a vulnerability, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system.
026dcc473cfce77aa84df07694d55682fff649cc3c5c05e76728e95c55cb8f51Secunia Security Advisory - A vulnerability has been reported in Novell GroupWise, which can be exploited by malicious users to bypass certain security restrictions.
9db45ff52c6e6ee07796a2e42c586e2ffe26a4a38044b940364a32b6f19cd4a5Secunia Security Advisory - irk4z has reported a vulnerability in phpBP, which can be exploited by malicious people to conduct SQL injection attacks.
0461b99f9e183cd12e1ac72ba4b3b74011b2cc4541ba46bd1196442bb40c1b9cSecunia Security Advisory - Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to gain escalated privileges or to cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions.
e59d69385f099bb258f50e017b289bfb8acef263148a0167785a08e077b3c3edSecunia Security Advisory - Some vulnerabilities have been reported in VMware Server, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to cause a DoS (Denial of Service).
477d4b4a9a464720fcb144ab65353514b9170dd6103ebef3bc3e8602c976131dSecunia Security Advisory - Luigi Auriemma has discovered some vulnerabilities in MG-SOFT Net Inspector, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
7b89d8291d45e145a6c12a6c93f9f4d9aeb957a45d891bbe3ff21fceaae1a3beBootManage TFTPD versions 1.99 and below suffer from a buffer overflow vulnerability. To use the related exploit, run tftpx -f SERVER 2000 none.
4440e7dd7df10701ae99ce21a53a10327b895cff4d2485732727d601682e5e58MG-Soft Net Inspector versions 6.5.0.828 and below suffer from format string, directory traversal, and denial of service vulnerabilities. Full details provided.
569933884f922aa4da88c94d045a864a94684cbeacbddf1feda28ac6a29f36fcThe old buffer-overflow in the subtitles handled by VLC has not been fully patched in version 0.8.6e, in fact buffer_text2 in ParseSSA is still unchecked.
0b5c3ec72dc5fc88add5d1a8946ee29b1ba0b1a3d103e5cdd2c339a142f09dceRSA WebID version 5.3 suffers from a cross site scripting vulnerability. Full details provided.
a1edb59a5bf214c71a57242fc57c42d33e01cde190f9b3693bb2d9a034dc05d1Secunia Security Advisory - irk4z has discovered a vulnerability in fuzzylime (cms), which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
8e5bcbb42de604f065ec9344894d4475cb03e4a61be370c313184411f94cc927FTP_AnoScan is a FTP scanner that can scan a range of IPs looking for servers that allow anonymous logins. Written for Linux.
770a6f10efe40f8336141be7d9de8569932428bbf02310b5e72fa553f17baba3SnewsCMS Rus version 2.3 suffers from a cross site scripting vulnerability.
b45d4a2d85b3c901aa91802abb1ffac2e776153efdcf56d50bed074fa76c3056RaidSonic version 2.6.0-n stores the encryption key in plain text on an unencrypted partition.
7236f5bb5c52ecb5f0e6dac6ef96f1543f48c62d8f7ac948c37e43a6bc110d9bDebian Security Advisory 1493-2 - An oversight led to the version number of the Debian 4.0 Etch update for advisory DSA 1493-1 being lower than the version in the main archive, making it uninstallable. This update corrects the version number. Several local/remote vulnerabilities have been discovered in the image loading library for the Simple DirectMedia Layer 1.2.
493f28ba29caa0d59ba9a9c9ce7822536278b1a8d064c49e08cf7401edc2eecdDebian Security Advisory 1521-1 - Julien Cayzac discovered that under certain circumstances lighttpd, a fast webserver with minimal memory footprint, might allow the reading of arbitrary files from the system. This problem could only occur with a non-standard configuration.
2840b96eb72ba9b88300f61440b5bb9afc752ee4c42cf701dbde09e00d348215Debian Security Advisory 1520-1 - It was discovered that the regex module in Smarty, a PHP templating engine, allows attackers to call arbitrary PHP functions via templates using the regex_replace plugin by a specially crafted search string.
3b96c9c75d168cb1dab3f2e26096921aa454050b3ea5aaa6a645a8a2e6a1d152wtmpClean is a tool for Unix which clears a given user from the wtmp database.
1bb194e0462be258e681e6bb23043395da5c68ad8b589edd87ec58c79122c450
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed