dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
2851229d6d96c3f46c369880a065f21a90bc2f811297c7114f9152e9648c7f1dThe PHP-Fusion module Forum Rank System version 6 suffers from a local file inclusion vulnerability.
04f76e5ed4a0b2c4528a2f8ed6e2df819f5da6eed04dde13409bfe77d7270540Ubuntu Security Notice 610-1 - Christian Herzog discovered that it was possible to connect to any LTSP client's X session over the network. A remote attacker could eavesdrop on X events, read window contents, and record keystrokes, possibly gaining access to private information.
cb3abaade449396b06a92dfa2c942915a1d0de11c5182e0be4bee6bc0db93776Ubuntu Security Notice 609-1 - It was discovered that arbitrary Java methods were not filtered out when opening databases in OpenOffice.org. If a user were tricked into running a specially crafted query, a remote attacker could execute arbitrary Java with user privileges. Multiple memory overflow flaws were discovered in OpenOffice.org's handling of Quattro Pro, EMF, and OLE files. If a user were tricked into opening a specially crafted document, a remote attacker might be able to execute arbitrary code with user privileges.
c38f3f985ebc83c65928bb7d71bee2febda5aa6a848aa40aaf78da2c6ea8c16aA design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploit this vulnerability can control the printer without user's permission. Affected software versions include Adobe Reader 8.1.1 and below and Adobe Acrobat Professional 8.1.1 and below. This is an updated advisory.
2cbd1fa58213bb05a1302dcd79477d4bf94dbb3a84581019cd11a86426875dffTwo critical vulnerabilities exist in the javascript API of Adobe Acrobat Professional 7. A remote attacker who successfully exploits these vulnerabilities can execute restricted functions and arbitrary codes on the affected system. Adobe Acrobat Professional version 7.0.9 is affected.
2439aa2322600b477cca7a6d1e36624932b620e1d197bf4f3031537110a4ef00Mandriva Linux Security Advisory - A vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute commands other than those specified by the ForceCommand directive, provided they are able to modify to ~/.ssh/rc.
84e9dfc8aed7759a50f77add5c93f3cf1bd57556eacec2e7409d16bc4092ac4bMandriva Linux Security Advisory - A vulnerability was found in start_kdeinit in KDE 3.5.5 through 3.5.9 where, if it was installed setuid root, it could allow local users to cause a denial of service or possibly execute arbitrary code. By default, start_kdeinit is not installed setuid root on Mandriva Linux, however updated packages have been patched to correct this issue.
90328bccffe3f3110bfdc3dc25d2e176105bd89c61a4d863d2c8ea4513d4ec86
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed