Coffee Wars X: Call For Beans - Bring your best beans and put 'em up for judgment by an over-qualified, over-caffeinated (and over-rated) Coffee Wars judges and contestant panel!
4b9a2de46ba551c39854022cd9a5029dccd12df01a8d834dabf984b76826db4a
Mandriva Linux Security Advisory 2009-143 - Multiple security vulnerabilities have been identified and fixed in netpbm. The updated packages have been patched to prevent this.
b81ea8edb865aa9d27f8415798b828cc20746cd83801b09dfc80cc4527f2804a
Mandriva Linux Security Advisory 2009-142 - Multiple security vulnerabilities have been identified and fixed in jasper. The updated packages have been patched to prevent this.
b920991474e725876f9cb28ec9f67c5880d98861c674fd23c25eec1f1ac63adc
PHP Address Book version 4.0.x suffers from multiple remote SQL injection vulnerabilities.
fed6f8d567a568ddda69e8d3a90bcc6a319adf4a36aa02549d0b5afd301e1c6f
iDefense Security Advisory 06.26.09 - Remote exploitation of a stack based buffer overflow vulnerability in Hewlett-Packard Development Co. LP (HP)'s Network Node Manager could allow an attacker to execute arbitrary code with the privileges of the affected service. The vulnerability exists within the 'rping' application, which is distributed with the Linux version of NNM. It is possible for a remote attacker to launch the 'rping' application and trigger a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in Network Node Manager version 7.53 for Linux. Previous versions may also be affected. The Windows version is not affected.
7675a1f6766cff4edda973a4f9158e1010e7d7b646122849c2e2c355ac3642bf
Harvest Manager suffers from a cross site scripting vulnerability.
7780cfe5b22a91ad34b50b4b21607b5465a49bf84f12cb4b1af77fdc602118cb
Mega File Manager version 1.0 suffers from a local file inclusion vulnerability in index.php.
53fecea1baff2992bff2b56a3f5800d86614fb8629f743d120f04db87c17ac41
ForumPal version 1.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c775ba7cfbb748e03bcca44fe5f8239a8eacdb481df7f344c613c0e1da19eec4
Mandriva Linux Security Advisory 2009-141 - A number of security vulnerabilities have been discovered for Mozilla Thunderbird version 2.0.0.21. This update provides the latest Thunderbird to correct these issues.
5a7c5e992f20a8403dc5d445cc3a02e58db61488c89841fcedd3ba1b98f1673a
An array overrun vulnerability has been discovered in libc/gdtoa printf(3). Systems affected include OpenBSD version 4.5, NetBSD version 5.0, and FreeBSD versions 7.2 and 6.4.
6fc751f14f61d5dec5fcbcc881b492b6baf8d6e0fa133f6837603632c8dae90f
Trillian does not check the SSL certificate before sending MSN user credentials. An attacker is able to obtain the MSN username and password with a spoofed certificate, and no alert is generated to the user. This vulnerability was found in Trillian Basic 3.1. Other versions and/or protocols may also be affected.
80d0f4c5d39bf9cdc1609026d7171a8aae4c7e7e4e63be77e04ab20607f422c4
Gizmo does not check the SSL certificate before sending user credentials. An attacker is able to obtain the username and password with a spoofed certificate, and no alert is generated to the user. This vulnerability was found in Gizmo for Linux 3.1.0.79. Other versions may also be affected.
0963411148dff3a957067bbccd8efaaa161c21fd0b97df9edee8c399b471c0bb
aMSN does not check the SSL certificate before sending MSN user credentials. An attacker is able to obtain the MSN username and password with a spoofed certificate, and no alert is generated to the user. This vulnerability was found in aMSN 0.97.2. Other versions may also be affected.
6962e53c0cb275dfaea9d2d636b399df88d809156cea4cd085ce397d8df3d471
MAPDAV, or the More Accurate Password Dictionary Attack Vector, is designed to take what is known about a user or users (e.g., username, first name, middle name, last name, etc.) on a Unix/Linux system from an /etc/passwd file and come up with probable combinations that could be the user's password. An administrator could run the output through a cracker and see if their users' passwords are anything easy to guess.
4c539a231681899f26f1275b056ed0eecd96ac227aed64e16f61b780e72584e1
Virtue Online Test Generator suffers from cross site scripting, authentication bypass, and remote SQL injection vulnerabilities.
a29470c962e84f125dd0cb589cb6d63f0ff9318a79eb9f98f338ee32ae530e91
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
7180c56c11e13d1ca860e3773ddfb2c9f951900670224a0850766795ac94b62e
Trafscrambler is an anti-sniffer/IDS NKE (Network Kernel Extension) for Mac OS X. This initial release implements SYN-decoy, Pre/Post connections SYN, TCP reset, and zero window attacks. The author tested this on x86 OS X versions 10.5.6 and 10.5.7. It should work on PPC and older releases as well.
aab723f080dfb7656d1c9a5a1e0be87e610747f7fbbad4ff67a4c809ec5c6cf2
2BGal version 3.1.2 appears to suffer from phpinfo() disclosure vulnerabilities.
95f7ff25ea1b56cf3f39e41a3aabf8bd7a6dc046f0e068fa74bc645290bac44f
Debian Security Advisory 1824-1 - Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web.
c0543d372c815f7c798ee667d335e91cd6644265af5e237a867f283f8dcbb999
Aardvark Topsites PHP suffers from cross site scripting / HTML injection and information disclosure vulnerabilities.
b5e3d3a0c3bcff1926ee75f02cb44cfcfb5488814b5329d97ffc834650a997fd
Secunia Security Advisory - A vulnerability has been reported in the Drupal Links Package, which can be exploited by malicious users to conduct script insertion attacks.
7ed75c971bad04a9d5a75fa5f4a6772afe834d8b691559f1e62a62df041ace2d
Secunia Security Advisory - Debian has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to potentially compromise a user's system.
6e900cc7fc13a2e127764c69dbf51d41498093a9b70804c78053fcbd206b3598
Secunia Security Advisory - Debian has issued an update for phpmyadmin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a vulnerable system.
4b01504221bdc7389b6aba6bb5b6e2f337baa3e084cfbc99b102b7bc695d2b7b
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to gain escalated privileges.
71bdacf246f1264554a04194e430eaa6ef1a810c6510fee025fcae1714bb080a
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to disclose sensitive information.
880f478221551aa3dde3139d40b82a0adc155443cddcff00bb8049dfc8dc291b