Debian Security Advisory 1647-1 - Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language.
d57938a8a47ecf74986a57ba2f38c2d4dc25580f6279759e14a3df92396c92fcDebian Security Advisory 1646-1 - A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid.
08b62230ab38873cf91fbda4034f7ddc8d7c795e7f82a778ff3bf5270a2f1fc7Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
d664e18531c2d2ea478849fa2fee0318c3e2ac73efcd1448cc06b33e7e74c1d3Secunia Security Advisory - Debian has issued an update for php5. This fixes some vulnerabilities, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
2897d981b5955e9d45a2e35d054693add10f12b37581280835da24a1c580f690HostAdmin versions 3.1.1 and below suffer from a remote file inclusion vulnerability.
58649d4745d3b69d523a7d24a4e1700f357e9bd132e020bbc050331cd3c7b1eeSkype extension for Firefox BETA version 2.2.0.95 Clipboard writing vulnerability proof of concept exploit.
ee237e2cea9bdff0960bd5afa285e1bb07fb40ab0f22feaaa628dee620ccc801The Joomla com_hotspots component suffers from a remote SQL injection vulnerability.
4cf17ca6d8f414fbc5728efae12ae401893b471cfab1a87b3c7322292e86a4d0Yerba SACphp versions 6.3 and below suffer from login bypass, database download, and other vulnerabilities.
22b9cedbc0a3d16684c620d6804bf07ddf7b45d9a5537a37b1ebc101c2feb39aYerba SACphp versions 6.3 and below local file inclusion exploit.
4745b3a283d0b443865258cd70a11ec201cb51ac63c7c92b7c1bb046fa063ba4Apple's Mail.app does not store S/MIME encrypted emails securely in the Drafts directory on server. Version 3.5 is affected.
519ee8995a57810d4d34a592908631e462657862ca17580ba3d87c5e184f9befCMME versions 1.19 and below suffer from multiple information disclosure vulnerabilities.
b62d4abd45cab06138e257c5395692616e08476daadcb599bd04499146b61b06Exploit Creation - The Random Approach. A paper about using Encore Next Generation techniques to create exploits.
f3cb8d8b88ca60c6aa32ef8d30eccb4d594744d759477f4b2a3fa7bcc60405d3Debian Security Advisory 1645-1 - Several local/remote vulnerabilities have been discovered in lighttpd, a fast webserver with minimal memory footprint.
d0c44489a34af9b58eb7dc8570c7e5f75d79284db679498a977dfd72057de130Debian Security Advisory 1644-1 - Felipe Andres Manzano discovered that mplayer, a multimedia player, is vulnerable to several integer overflows in the Real video stream demuxing code. These flaws could allow an attacker to cause a denial of service (a crash) or potentially the execution of arbitrary code by supplying a maliciously crafted video file.
0b14a7c5b18a785119de3447fb6fe29091f332d5abf5c2cba8a5d7322d7cd885Debian Security Advisory 1643-1 - Dmitry E. Oboukhov discovered that the "to-upgrade" plugin of Feta, a simpler interface to APT, dpkg, and other Debian package tools creates temporary files insecurely, which may lead to local denial of service through symlink attacks.
6c3b9b2848574f394f7607e8de2fa8ad427ccbe0710ccd1a000c68ec8be7c450The triscoop_race_system module form PHP-Fusion is susceptible to a remote SQL injection vulnerability.
8f523f99b311c69f9e966dc0ef71d07fc6b47c71bf022ac6bbb598c70078cfdaThe recept module form PHP-Fusion is susceptible to a remote SQL injection vulnerability.
97bbc84a1cf5dba9b37320d7930ef5ea52ab7f6b67e4505a37eff15ddcaf18dfThe raidtracker_panel module form PHP-Fusion is susceptible to a remote SQL injection vulnerability.
011dbda72211944d87f6ecd0345b1167d038f75c1c8e573a7d5a33251095c4a0The manuals module form PHP-Fusion is susceptible to a remote SQL injection vulnerability.
851cf76e5ae634292ac9b28e07ad33fabf482a3952f76397006d79684c739208It seems like some PHP code provided by Leicester Internet Services Antenna Web Services suffers from remote SQL injection vulnerabilities.
5fb4c74acce7095592165eba599b9597eb73d15d54f8821e1e2ea55197dd6484The Motorola/Netopia Timbuktu Remote Control Software suffers from a flaw in the Internet Locator service that allows anyone to find someone by just knowing their email address.
114a66170a5e748dfbb99d85390cdb2c0feb15996f239af0526f474884e718b9geccBBlite version 2.0 remote SQL injection exploit that uses leggi.php.
bca96300c0c4a72ec1b8d9be284afbcc4ae258a39d9673a05bdcd976723305eaFastpublish CMS version 1.9999 suffers from local file inclusion and SQL injection vulnerabilities.
31d454955b6b42031ee8df16d697c848d6027651e03d15b8c28137c7e2ad7f65phpAbook versions 0.8.8b suffers from a local file inclusion vulnerability by leveraging the cookie.
8b2c3dd183f15538369e40591e404d681af545b5f56c986e45af2847c6b9fa87asiCMS alpha version 0.208 suffers from multiple remote file inclusion vulnerabilities.
3950f4a33b4cc5c136cdda79e150415b4fcfbd936cb2a57e68c54fb2d292dcc5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed