Cisco routers running IOS version 15.0 suffer from a SNMP related denial of service vulnerability.
17e45d3b463c814c1f9c18bf5ae368a469fe9a2ce8b5098243d3ea2c979cf166Cisco routers running IOS version 15.0 suffer from a UDP related denial of service vulnerability.
be3f1d34085d4559d36ca0e6b71def96c993a77facaa44e46f0852f5c6860f48PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
8defad4d02f660546967baa7b7b63f3f8397e4455648ecf74cdc60a36d52467fZyXEL ZyWALL USG appliances perform parts of the authorization for their management web interface on the client side using JavaScript. By setting the JavaScript variable "isAdmin" to "true", a user with limited access gets full access to the web interface.
3c3b7741d67dfb8732fd6d0430e8b65afec081b0c019357960986f8df29478ddZyXEL ZyWALL USG appliances suffer from an arbitrary file read/write vulnerability that allows for system compromise.
a79275261085696d0102bdf6c611df7de8b6388dbd1c16f1dcfe29f1632051fcICONICS Genesis32 is a suite of OPC, SNMP, BACnet and Web-enabled HMI and SCADA applications. A stack overflow was found in an ActiveX control required by the WebHMI interface. This condition can be used to gain command execution. The affected control is 'GenVersion.dll' and has the ClassID of {CEFF5F48-BD2E-4D10-BAE5-AF729975E223}. This control is marked safe for scripting.
e2cc945e05990c73d34e1f078184b4608dc08dbcc60fbcdef0908d92ab249b3fTempest Security Intelligence Advisory 01/2011 - SIPDroid Agent versions 1.6.1 beta, 2.0.1 beta, and 2.2 beta suffer from a remote user enumeration vulnerability. Proof of concept code is included.
2a9a14332bbabe64cde8fa7d58e894abdd8adde6ffef50edeb7bb7748ae94b4073 bytes small Win32/XP SP3 force kill explorer.exe process shellcode.
00fb87a0bc2ea17d8178eaae6412a78770e35ef5025b8b4c6385bcfb9b6aa7efDeepSec 2011 Call For Papers - For the fifth time the DeepSec In-Depth Security Conference invites security researchers and professionals to submit suggestions for talks and workshops for their conference which will take place in November, 2011 in Vienna.
31e98e850f6d0f83bb57a720a50d6dbe290b341f3592a6af613dfb5cdee27847Ubuntu Security Notice 1129-1 - It was discovered that the Safe.pm Perl module incorrectly handled Safe::reval and Safe::rdo access restrictions. It was discovered that the CGI.pm Perl module incorrectly handled certain MIME boundary strings. It was discovered that the CGI.pm Perl module incorrectly handled newline characters. It was discovered that the lc, lcfirst, uc, and ucfirst functions did not properly apply the taint attribute when processing tainted input.
d9b1c961a1a1802599f059cb53ed30cf4056e452151be196e148d2b3c967d09fYaPiG version 0.95 suffers from multiple cross site scripting vulnerabilities.
dab6da7a8cce27676005cb38e64380f1a52ddd39055890b911f8dc8f6c2a8c60SelectaPix Image Gallery version 1.4.1 suffers from a cross site request forgery vulnerability.
249e8d5ff3bf5ec9d078adc3e8f0f17303a2725de76bc7137d3a991ee1ae79edSelectaPix Image Gallery version 1.4.1 suffers from a cross site scripting vulnerability.
c1d106970998c23a36b3a256de0e6f7b5e890edfe1f6da89ed1e050036d04bf2(e)2 Interactive Photo Gallery version 0.9 suffers from a cross site scripting vulnerability.
8dddc629f37fd3f04c9667722be5ddcb9f66eb820259ed50abe1e334f1a2dce7The 44Con 2011 call for papers has been announced. 44Con is the UK's largest combined security conference and training event, with the conference taking place on the 1st and 2nd of September, 2011 at a five star hotel near Tower Bridge and the Tower of London.
57d9eb3d2e5cdff0169d1e98f96488a579aa689a3b71ba638b49b5cd1f3d5944HP Security Bulletin HPSBMA02661 SSRT100408 2 - Potential security vulnerabilities have been identified with HP Proliant Support Pack running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), URL redirection, and information disclosure. Revision 2 of this advisory.
1ae9f771720bc04820d09d7394e0f6486771daa686bc302f58d764e929a6088744 bytes small Linux/x86 remote download and execute file shellcode.
c2ab73aea3bb05ad4186f5859cef4882d7fded0c371c68009d408c9df6e0ef6cProofpoint Protection Server version 5.5.5 suffers from a cross site scripting vulnerability.
412f53f289503ca09e6bb76b8fe8c5f67ba8e41e4c5e459c8514b9e1b2603ba2This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
e5a1c821dd8dc33a94c445290956d52e03b3c450f9cd448b96d92317fd4cce42OpenSSH Security Advisory - Portable OpenSSH prior to version 5.8p2 only on platforms that are configured to use ssh-rand-helper for entropy collection. ssh-rand-helper is enabled at configure time when it is detected that OpenSSL does not have a built-in source of randomness, and only used at runtime if this condition remains. Platforms that support /dev/random or otherwise configure OpenSSL with a random number provider are not vulnerable. Version 5.8p2 fixes this issue.
486207ec2f9fb1f7152210c018051c0a98ac5a4908b2ab16da056d78f48c5319Magazeen theme version 1.0 for WordPress and Dotclear suffers from a cross site scripting vulnerability.
9e1279300ac5f76d0b6725e54d3abd554b6b664d9dd441e1e078f9adebdb376fStunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
3483fc2011e8a9d2614a93a9dbf7eabf405044df3566f29144fe2d1dd37a35f5Sothink DHTML Menu suffers from a remote SQL injection vulnerability.
2c1863d838a006d219912eb313b00d701537f93ada051fa8cbf4ad8185462bceHorizon Web Builder suffers from a remote SQL injection vulnerability.
9fed6e080a4670065cd80ad7ff55aec248a57f586bbc66ac56c5df390f274dd0DynPG versions 4.2.1 and below suffer from local file inclusion, remote file inclusion, shell upload, and remote SQL injection vulnerabilities. Some of these issues were priorly discovered in earlier versions and never fixed.
b1c13883931cf20f8d4bdb7ce2c5349036e23667a171ae1a724b68aeda422126
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed