Debian Linux Security Advisory 2214-1 - Tango discovered that ikiwiki, a wiki compiler, does not validate whether the htmlscrubber plugin is enabled on a page when adding alternative stylesheets to pages. This enables an attacker who is able to upload custom stylesheets to add malicious stylesheets as an alternate stylesheet, or replace the default stylesheet, and thus conduct cross-site scripting attacks.
82fe081a95fd7ccb1a856f7cb544034fb44f22c40ba3d87f72715403cb22a855
Debian Linux Security Advisory 2213-1 - Sebastian Krahmer discovered that the xrdb utility of x11-xserver-utils, an X server resource database utility, does not properly filter crafted hostnames. This allows a remote attacker to execute arbitrary code with root privileges given that either remote logins via xdmcp are allowed or the attacker is able to place a rogue DHCP server into the victim's network.
fcc6619ce6b7f72bd77b82194eaaccac5949dc8930ed5b9ec96a2cfa03d9660d
Turkish Videoopro version 2 suffers from a remote SQL injection vulnerability.
57086388987679bc7f8c1d5e097e9816edea3e459843742bfe3740d562d207ce
Watchdek Social Networking suffers from a cross site request forgery vulnerability.
ba4930650360a6bc521322cbbfa743f7d854183ede158d886bc22906824adef1
Mandriva Linux Security Advisory 2011-072 - It was discovered that gwenhywfar was using an old private copy of the ca-bundle.crt file containing the root CA certs. This has now been resolved so that it uses the system-wide and up-to-date /etc/pki/tls/certs/ca-bundle.crt file, last updated with the MDVSA-2011:068 advisory.
363dac4277a07cf0f6cdeee455bb79b6761da6dfa41cfb4776e3d87b4ddaf589
Debian Linux Security Advisory 2212-1 - Daniel Danner discovered that tmux, a terminal multiplexer, is not properly dropping group privileges. Due to a patch introduced by Debian, when invoked with the -S option, tmux is not dropping permissions obtained through its setgid installation.
9acd53444cea1c6e42ba41468838744441a326f8a3bd0fceb3eaeaae87b2a81a
This Metasploit module exploits a vulnerability in Real Networks Arcade Game's ActiveX control. The "exec" function found in InstallerDlg.dll (v2.6.0.445) allows remote attackers to run arbitrary commands on the victim machine.
8e0b21948326bf7dcfead8b16e89ae5430d77ad38d73a587297aaf84585e210b
Secunia Security Advisory - Debian has issued an update for tmux. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
380cb52164ae91871dbdaffb6e81c86f146b5497c5e078c9f60cccc759171d13
Secunia Security Advisory - Multiple vulnerabilities have been reported in the WEC Discussion Forum extension for TYPO3, which can be exploited by malicious people to conduct SQL injection attacks.
8004eddf009aac7dfb30f801ba93fb5223ce9ba05d4d729bc7f602c560d17218
Secunia Security Advisory - A security issue has been reported in Apache HttpComponents HttpClient, which can be exploited by malicious people to disclose potentially sensitive information.
888f5795d64b46a2e920e1258442f2267c7162469efe9630f79bc59ace44df01
Secunia Security Advisory - Autosec Tools has discovered a vulnerability in e107, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b9709751ccc86dcf65cf0a4f0cecb882db9a6c34230293c065236fe573d8b0e0
Secunia Security Advisory - A vulnerability has been reported in vBulletin Publishing Suite and vBulletin Forum Classic, which can be exploited by malicious people to conduct SQL injection attacks.
b940dc36414a66d01a8c6c9c41073452388658de791e8ca9ce71f33dca231734
Secunia Security Advisory - John Leitch has discovered a vulnerability in eGroupware, which can be exploited by malicious people to conduct cross-site scripting attacks.
7973dcf0a22df827ef4493dc548e42997711632fc8b5ec43f53ac8884d1cfd40
Secunia Security Advisory - A security issue has been reported in tinyproxy, which can be exploited by malicious people to bypass certain security restrictions.
276ff43d0011456dd6cd9799a0cb06d638f8fb80fbd1c984fcbef3412f12ae2c
Secunia Security Advisory - Some vulnerabilities have been reported in Maia Mailguard, which can be exploited by malicious people to conduct cross-site scripting attacks.
5cffdb3f25c019ac7667d2e71fa51dfd265cb0f62923c187225f74ae5b61304a
Secunia Security Advisory - A vulnerability has been reported in rsync, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
7ed706d5bafc99d8cdf56e433550a2329e1d218e7feb724552fbf237a3aff09b
Secunia Security Advisory - A vulnerability has been reported in dhcpcd, which can be exploited by malicious people to compromise a vulnerable system.
319e90ec2745754e18eeb7b1d73b99b9dcf2e02f7a10c5682fecf2f9d378c1d1
Secunia Security Advisory - John Leitch has discovered a vulnerability in eXtplorer, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b555d0da2f1a938da14e5d3c60872e9734732fc829f9344b485dcaa13282ec8d
Secunia Security Advisory - A vulnerability has been reported in Cyber-Ark PIM Suite, which can be exploited by malicious people to conduct cross-site scripting attacks.
70b98840e4ca94efb39d913bb85bf88e7657802bea0199bf0bd56e88d419dcab
Secunia Security Advisory - SUSE has issued an update for mailman. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks.
9886b66692780758490d58e24755714ce2ea381ebc478b76f1677872ce1abe25
Secunia Security Advisory - SUSE has issued an update for xorg-x11. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
a71d519893f7711dd1b132a6c9d88f39d8fbb753d38dd8ced700f6669842e8d3
Secunia Security Advisory - SUSE has issued an update for dhcp. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
cef5d9361e4d3c67e7516486d81dfde7a77b8a590baa3d32fe32532be03482c7
Secunia Security Advisory - SUSE has issued an update for dhcpcd. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
53142e722c2005a712da6888c793e40d093ca71ee2aa1726bfd2ef0d07480388
Secunia Security Advisory - High-Tech Bridge SA has discovered some vulnerabilities in phpCollab, which can be exploited by malicious users to conduct cross-site request forgery and script insertion attacks.
6d79e3605ee1d5f826c88a78763120450ce8a2864591c6efd817830be2bdd670
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, and potentially gain escalated privileges and by malicious, local users and malicious people to cause a DoS (Denial of Service).
d950170e95cc0a2d3b73f98c0f776b39f772841711edb189c91e84ecf919ec02