HP Security Bulletin - A potential security vulnerability has been identified in HP-UX using libc. This vulnerability could be exploited remotely to create a Denial of Service (DoS).
52d11011d495cbe5e04c486dbcd25132c2f7fbe3f2834ec3b34174a98ae7797aHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning.
1e18e380946647399739bc1f609d341509a2386f8bc8d397d6eeb4e945f25e94Secunia Security Advisory - A vulnerability has been reported in Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
9d718098547192a895ab79bc4bb883703780cd66fa6d637443a1051eceaf7ceeUbuntu Security Notice 635-1 - Many xine-lib arbitrary code execution vulnerabilities have been addressed in Ubuntu.
99d390c6edf6c39134bcdba1921abab340fd7b8da4de5350fcc4a3b2f854f9bfKshop version 2.22 suffers from a cross site scripting vulnerability.
d18326f7dff13ecc8c8be95ec06105c7d5df2d825794f0f15661bd8d85346848Rapid7 Security Advisory - mod_proxy_ftp as included with Apache versions 2.2.9 and below and 2.0.63 and below suffers from a cross site scripting vulnerability.
d723a57690d72923966acad66797f24628da48767d63926e982dee54557fc43fThe Webex Meeting Manager utilizes several ActiveX controls, one of which is vulnerable to a stack based buffer overflow. The atucfobj Module contains a single method called NewObject() who's only parameter is vulnerable to this issue.
59ed4c8c159f8391f384540b98af79d0c0a34c51e5561014af355d1b1ad355adCA products that embed Ingres contain multiple vulnerabilities that can allow a remote attacker to execute arbitrary code, gain privileges, or cause a denial of service condition.
6040ab449470478bb5b86d5556ee4b54361f55be9e1dd935da2bec7284d81f1fSecunia Security Advisory - rPath has issued an update for gaim. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
182ceaed78e73d77a7c6fd468824b9bfada9cd94c4f0ca02ff96e7b5acabaf7cGentoo Linux Security Advisory GLSA 200808-06 - Chris Evans (Google Security) reported that the libexslt library that is part of libxslt is affected by a heap-based buffer overflow in the RC4 encryption/decryption functions. Versions less than 1.1.24-r1 are affected.
ef6c4548eeaf2c38dd381d020b7846dcabda70f114e2b51587199cf82d3654bfGentoo Linux Security Advisory GLSA 200808-05 - A buffer overflow error was found in ISC DHCP server, that can only be exploited under unusual server configurations where the DHCP server is configured to provide clients with a large set of DHCP options. Versions less than 3.1.1 are affected.
e6fbac90b29acaf7baa85862790c3404964ccf250495b2b22a1db762b34a4648Gentoo Linux Security Advisory GLSA 200808-04 - Multiple vulnerabilities related to memory management were discovered in the GSM SMS dissector (CVE-2008-3137), the PANA and KISMET dissectors (CVE-2008-3138), the RTMPT dissector (CVE-2008-3139), the syslog dissector (CVE-2008-3140) and the RMI dissector (CVE-2008-3141) and when reassembling fragmented packets (CVE-2008-3145). Versions less than 1.0.2 are affected.
77d8db7f4f59c3bdb6cf87f13cdeef8ec59dc3b22687419b2237108ced7db7a9Gentoo Linux Security Advisory GLSA 200808-03 - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code. Versions less than 2.0.0.16 are affected.
f7ccc3b43cd5bbe95a3c5751dd9add265fff6b82e81dacde4ef97e2cc742415fGentoo Linux Security Advisory GLSA 200808-02 - Wes Hardaker reported that the SNMPv3 HMAC verification relies on the client to specify the HMAC length (CVE-2008-0960). John Kortink reported a buffer overflow in the Perl bindings of Net-SNMP when processing the OCTETSTRING in an attribute value pair (AVP) received by an SNMP agent (CVE-2008-2292). Versions less than 5.4.1.1 are affected.
e6d84d1323e43ba022aac84c3b0081e045f00b8ba2c02b9bb6b8aecdf785ce53Gentoo Linux Security Advisory GLSA 200808-01 - xine-lib is vulnerable to multiple buffer overflows when processing media streams. Versions less than 1.1.13 are affected.
96a2505b5b01051d10174f599b4cedd3078d0417ff72f8307ce3bfe2546cac59LiteNews versions 1.2 and below suffer from a remote SQL injection vulnerability in index.php.
41c6f7263f74118ebc78ac85f7f903ca99804aacdff112e8e84253c7766ae849Free Hosting manager versions 1.2 and 2.0 suffer from an insecure cookie handling vulnerability that allows for administrative access.
69883472e5b57986a4759b0fc909b2d684d7436957116f08739eecd1c6a7e38aRequest It version 1.0 suffers from a remote file inclusion vulnerability in index.php.
2ab07560d18bc1055ad51822e1e544ce4cb25d2ceafdad614e3b84a5c184de7eGoogle Notebook and Google Bookmarks suffered from cross site scripting vulnerabilities.
803a7e20aa107144a9b077382f8dae382cfd69d579efecb66d51fb8182804290Quate CMS version 0.3.4 suffers from local file inclusion and cross site scripting vulnerabilities.
b6faa218f0c3076b92c7d6c13da1064dcbbe07c94678535624c8d4f4f4eac5cfMyClan version 1.5.2 suffers from a SQL injection vulnerability.
75262be5cf8aad27e54e3cc8da82de4dd4a83b5a5c4bf5dfb0f7d95569784473The Kleinanzeigen module in PHP-Nuke is vulnerable to SQL injection.
70a3da388b4e30d3fd54c771b56776311b48a9fdbecde1e1617e3069a1c78208Wsn Forum versions 4.1.43 and below, Wsn Knowledge Base versions 4.1.36 and below, Wsn Links versions 4.1.44 and below, Wsn Gallery versions 4.1.30 and below all suffer from a local file inclusion vulnerability that allows for code execution.
f0ddd8caaff5fe9b8825510b3121c777421606c61b0b34d45291b8f5a2bcb364LoveCMS version 1.6.2 Final remote code execution exploit.
61bdacdaa9f2d5550a724702ab378f22c8b6d2e53387898d3a8d4b2db347cb84LoveCMS version 1.6.2 Final Update Setting remote exploit that manipulates site settings.
d63a08a017585edabcfbef1997c9d25b584c5ca4992a4e456f3b5d4edf7cd547
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed