Zero Day Initiative Advisory 11-094 - This vulnerability allows remote attackers to compromise the archive records on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HsmCfgSvc.exe service responsible for managing archive stores. The archive manager is susceptible to tampering due to a failure to enforce authentication from remote users. An attacker could exploit this flaw to compromise the server managing the archives and arbitrarily modify the archive data store under the context of the File Migration Agent software.
d0d60346d9845a44d20ccf13f6af2138b11858ae3433292e6668ea1052d56f28
Debian Linux Security Advisory 2175-1 - Volker Lendecke discovered that missing range checks in Samba's file descriptor handling could lead to memory corruption, resulting in denial of service.
719f49ec7904b2f94d98af45ddb4672b74fddd92a052524c3e0a664d2a7776f1
Ubuntu Security Notice 1077-1 - It was discovered that FUSE would incorrectly follow symlinks when checking mountpoints under certain conditions. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.
7abc581d95fd6fa91f14b15d1919d17c1f65a3f627fcc6b20f76aa12c42d3cce
Ubuntu Security Notice 1074-2 - USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.
4e15776b2f435c92a453d8aac2203f207e854e4b3f906900fe4b4f17ed2e2a0c
Ubuntu Security Notice 1076-1 - It was discovered that the Microsoft Office processing code in libclamav improperly handled certain Visual Basic for Applications (VBA) data. This could allow a remote attacker to craft a document that could crash clamav or possibly execute arbitrary code. In the default installation, attackers would be isolated by the ClamAV AppArmor profile.
2d04da8d1f11b96f184c08db804c5a8cde452d0361185ff49b7a4fc63f4fbf41
Ubuntu Security Notice 1075-1 - Volker Lendecke discovered that Samba incorrectly handled certain file descriptors. A remote attacker could send a specially crafted request to the server and cause Samba to crash or hang, resulting in a denial of service.
5a881149a3fef01c87d99b5117790feb8d52e1b67d16915f6f447bf992dbd6fc
Mandriva Linux Security Advisory 2011-038 - All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.
a54128d96ef5760cc084f1f2a4d2324cb00c5687807a07069714410c3ea9f0a2
FreeBSD's crontab implementation suffers from various race condition and symlink vulnerabilities that allow for minor information leakage.
0c48aa105ac5559bbac3c34bec72fc1a917b4bb2c39f51d11be3e0a1932aa408
BackWPup WordPress plugin versions 1.4.0 and below suffer from a file content disclosure vulnerability.
11874aac3134e7b1c28564b2b1dd391fc7b31fa8ecf72478b47ba3ade60462d1
DO-CMS suffers from multiple remote SQL injection vulnerabilities.
707992f3f8c0825e2df5b513fb1b85d07585d5949b07a7fca7e5fda0b1861541
WeeChat suffers from an invalid certificate verification vulnerability.
b244384a98f92322c920ae9a0922ecf9ded2df274ee6fe2b1625224736dcb748
Quick N Easy FTP Server version 3.2 denial of service exploit.
3ac6cb6d87d57934d1c7fa0e8b73b2bcc95def2c7e22d34c1e41acc738bb270d
Magic Music Editor denial of service exploit that creates a malicious .cda file.
9462a00e75b4e64a1c729ad22229dbc8b510a9a62d9f05baf99b16032b1e7361
PHP versions 5.3.5 and below are susceptible to a denial of service condition in the Exif extension exif_read_data() function.
9a3edc419d1451c112c85dbd5ab1bc18c7921def1d1e3dc9ec1409796a52654d
Imageview version 6.0 suffers from a directory traversal vulnerability.
262d1ece9a7414af4ee075eddfb0dbefc8b9f3c934e1df735fa2c92d50584cd5
WSN Guest version 1.24 suffers from a remote SQL injection vulnerability in the time parameter.
da86b8f248d2ef51d36d48a90c668cf8b250e1b9e735d0af54bb77d4e2ddbeff
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
50c17be7feb4f17c9b55e331490c6fc1b4a79d0c13287fc82c168b7bccf58523
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
c5363b224df0efbd78d7dc4d8a518e5518b2e7affc2e5f1fcecd4efa3ab815af
HP Security Bulletin HPSBPI02635 SSRT100391 - A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by Web Jetadmin. Revision 1 of this advisory.
ca21811109cbf5040a354178f86ad2d2ce44ab035696b794e445212335b8cf7e
phpMyAdmin versions 3.3.9 and below suffers from brute force and path disclosure vulnerabilities.
57dff876815eb07a5a14b2a29cab989fa9f079aa94371b1d74b85134fb0f35f5