Mandriva Linux Security Advisory 2010-062 - content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
58ab456ef3b6e21faeeec558af717d64962365c6f7c1fdceeb7c5f8b5e30482dCA's support is alerting customers to security risks with CA ARCserve Backup. The version of JRE shipped with ARCserve Backup is potentially susceptible to multiple vulnerabilities and has also reached end of life. Support is providing JRE 1.6 upgrades as remediation.
cfefe844cbf368208645fa446b73b5a519cb032ac24cc9cf1e2b6e84548e6812OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
50048d9d637049a394c4147aa4cf840d50a543b24a2efc56489b9fa25405911aLibnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
314b4793e0902fbf1fdb7fb659af37a3c1306ed1aad5d1c84de6c931b351d359Skipfish is a fully automated, active web application security reconnaissance tool. It is high speed, has a low false positive rate, and is easy to use.
b8be1811b5922084c753cd6de2d0b9a6cc88bcfc43203dab14e4d92599a9f218Wazzum Dating Software suffers from a remote shell upload vulnerability.
3b978820ca8f5959457af5c2ae71cf3bb324a95b62525646eb7710859a3db411eDisplay Personal FTP server version 1.0.0 post-authentication proof of concept crash exploit.
701dd8c892504a536129ac4feddd0c6280a1aca1dc34af4620351abf91744c50eDisplay Personal FTP server version 1.0.0 pre-authentication proof of concept crash exploit.
d36e1a174c89924427ff26443a84e63d69ae47fe89cd997e1bbd0b59396db0e0IBM Lotus version 6.x suffers from a HTTP response splitting vulnerability.
eb17a890d0e369f28679e022d3d6d0ec5c394507a4192671f18179c81f926f67The Joomla JE Tooltip component suffers from a local file inclusion vulnerability.
6f626394716fd6a0d49e68c3c4699f1fa4c25efbe0f26f381b54fbb2c08d9181DirectAdmin version 1.34.4 suffers from a cross site request forgery vulnerability.
87655d73fb18d0994303d87193daac2aecfaa3b532555ea9ae34c0838a10f92dIslamic Voice suffers from an insecure cookie handling vulnerability.
89d7540b9380e9c156c9b0ff265cf085ea3885c0a17ca5ec39e190de9c959399Islamic Voice suffers from a remote SQL injection vulnerability.
6e58277b168829a4dd124606f424da8b8e6ee242a7d4a166b3c139f1fd3ce548Xilisoft Video Converter stack buffer overflow exploit that creates a malicious .yuv file.
c67bd24cad9a2761bf38f7588eb9918b0554ca773ab5c83ba5fb00d90a5e2b07PHPWind version 6.0 suffers from a cross site scripting vulnerability.
dd0712f7cde95591d8840a04ac1147d54a6969955d527cce1e39f89bab7b51ebThis Metasploit module exploits a stack-based buffer overflow in VariCAD 2010-2.05 EN. An attacker must send the file to victim and the victim must open the file.
606044200780a7d9d63b6fcf47963bd052e8a437c8822a35a6d9f1cb62286b98MediaCoder local buffer overflow exploit that creates a malicious .lst file.
58f46679c2efc25a83d00b6a0ae41d8f9dd29f03d72f7508c16895530afb0375phpscripte24 Preisschlacht Liveshop System suffers from a remote SQL injection vulnerability.
c43354e76bd88673377ca7a2c3bf5dd1fdc1b3df3b3f015f9312acc4d2506d81Quality Point version 1.0 NewsFeed suffers from cross site scripting and remote SQL injection vulnerabilities.
2a8c2d42c3386c04e0a111f3b5a9487f8747a10bb69d529333bb8456bb6148d5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed