Secunia Security Advisory - Ubuntu has issued an update for unzip. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
71fe9d63b6449271320a94b8f09282c8938f874d3b9eda9d32f9421f45679d67Secunia Security Advisory - Debian has issued an update for asterisk. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions.
ced2485e3154a00d31e3cb04d6cc3f72f78ae0a97792dc209d120d65cda1f470Secunia Security Advisory - CERT/CC has reported a security issue in Windows Vista, which can be exploited by malicious people to bypass certain security settings.
897e8b43199cc7b54d88fc6f1bc703a07e2f367b9e6587d09d038a54b7217341GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
a0e77b76bd413d07c5bab23e98d63c98222a52197686abcf36b9eec50fef115bipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.
3289fff009448b23ae5a1a23ef532cf71037575a42ae74e17ce860cba118e657GrokEVT is a collection of scripts for reading Windows event log files on Unix. The scripts work together on one or more mounted Windows partitions to extract all information needed (registry entries, message templates, and log files) to convert the logs to a human-readable format.
01a6114fa008aabd4c84b5eb4af2b43ecb2816c9a7e5408de54d5507d0bf83abASUS Remote Control versions 2.0.0.24 and below suffer from a remote buffer overflow vulnerability.
dc80f62023f695e8c06c7fdf434d7deaba7e5deafa606f669de15eb02669e9fcSecunia Security Advisory - A vulnerability has been reported in AirPort Extreme Base Station, which can be exploited by malicious people to cause a DoS (Denial of Service).
b30b94441a115e9eb394cc62c54edfa3b6009a6a4f6e1f9ebbb5626d6b090f89Webutil.pl versions 2.3 and 2.7 suffer from remote code execution vulnerabilities.
c5480ecb2c2e6b5afd5d7d4f2cbe0723dc2c54eefd92ed74626ef8b7ef0be42ePHP versions 5.2.5 and below suffer from a *printf() functions integer overflow vulnerability.
cc39a63d74c0c0a7f0114003041d88c52816eba258f5f59908c21105896c2750DotNetNuke versions 4.8.1 and below suffer from a default machine key exposure vulnerability.
bb0ab19943bdf9c2c626b421e41ce0aa88702b0bb3613f15c6569eed9522f41cInternet Explorer 7 allows the overwrite of headers such as Content-Length, Host and Referer, exposing the browser to HTTP request splitting attacks.
eaea3131591bfb6ccae35e2fe3c39290b35d6c49dc952d056d4a2a8909089880Internet Explorer 7 allows the setting of header "Transfer Encoding: chunked" in setRequestHeader exposing the browser to HTTP request splitting/smuggling attacks.
27996f8ad05851a84e1ef28e49b50bfdf6fdaa29d8a9736f6f788a883dbc9cffSecunia Security Advisory - A vulnerability has been reported in the Speedport W500 router, which can be exploited by malicious people to disclose potentially sensitive information.
2395dcdaf6267f88cc1136bf922e2ec12d974d30a555d2408b3edd1faf31559aWowRoster versions 1.7.3 and below suffer from a SQL injection vulnerability that appears non-critical.
195c7a4928b45523b68b0cd22370be734eae569074e75fef3c47007a3d241429A remote vanilla stack overflow vulnerability exists in the Surgemail IMAP server. The vulnerability is caused due to a boundary error in the IMAP server, when processing overly long arguments of the 'LSUB' command. The vulnerability results in a simple stack overflow condition that can be trivially exploited.
6caf1134a18b78d821475643125ddbaac4ab936cf127a25b6b9b7c01c6c4eaf2CanSecWest 2008 announces the PWN2OWN contest where vanilla installs of Ubuntu, Vista, and OSX will be hacked. The winners get to keep the machines!
9ac602d437769611a6cd453abcad60353eecba8464cff4589fc8295a27ca9ff0Microsoft Office Excel code execution exploit that makes use of the vulnerability noted in MS08-014.
a2605022d047e1bf3cbeaee33d181ccc7599126b5df19c8aa6f5553c70893259D.E. Classifieds suffers from a remote SQL injection vulnerability.
d16175c189609eae26ea7057a4c88d3b4bf482e9f2b6e68d4363dbcff06f080fThe RunCMS Photo module version 3.02 suffers from a remote SQL injection vulnerability.
58ca9d0fe6bad67cdef9117db51d932abf8729f978089930b7130be7afa5ca88phpAddressBook version 2.11 suffers from multiple local file inclusion vulnerabilities.
fe5a76983d7eba3c136a4cc15a5bc464e4a03c9137dd06ef33fbcf49c8dbde43Secunia Security Advisory - meathive has reported a vulnerability in Linksys WRT54G, which can be exploited by malicious people to bypass certain security restrictions.
4e29b706a8adae48473977e82fa7bc437c475df8d77d3118fafa7fbea4535641Secunia Security Advisory - A vulnerability has been reported in Namazu, which can be exploited by malicious people to conduct cross-site scripting attacks.
ba73c1faa82a980fb4b8918ddf7fb6d70332ee9fc713e0fca12954914d89dbcfSecunia Security Advisory - Some vulnerabilities have been discovered in Piczo Image Uploader ActiveX control, which can be exploited by malicious people to compromise a user's system.
66cc3d4db98bdfd537a38884fc069ec8cf59224e0e2ebc8507b67d254e477cd2Secunia Security Advisory - cocoruder has reported some vulnerabilities in Adobe Flash, which can be exploited by malicious people to compromise a user's system.
4345a4ae36997216bd66c566588114c2209e2b58122a211b203c9452162472be
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed