BMC Dashboards version 7.6.01 suffers from cross site scripting and arbitrary file reading vulnerabilities.
94e598cb8a417f4029046945b2b6cbe27cca569b5151f8df4790880703c96972VMware Security Advisory 2011-0008 - VMware vCenter Server directory traversal and information disclosure vulnerabilities. vSphere Client Installer is delivered through an unsigned package.
4038bb7b3aa68b08892a1dfec02625cfdde6a5dc95d0d2574a78cedff75707e3BMC Remedy Knowledge Management version 7.5.00 suffers from authentication bypass and cross site scripting vulnerabilities.
d356dd4cf96a5d6f7f2a2ab438039bdf3b5378931ce917cdfbaf91429aab6d07Cisco Security Response - Cisco PSIRT is actively working with NCNIPC (China) to further understand the details of what is reported in the bugtraq postings. At this stage Cisco PSIRT cannot confirm the existence of any new vulnerabilities in Cisco IOS Software based on the information that is currently available.
ac868da7539c09459df98a634ab8f4c33c7b86d10462a10ba94406de92cecb96Ubuntu Security Notice 1111-1 - Multiple vulnerabilities have been addressed in the Linux 2.6 kernel. Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. Vegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. Nelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. Nelson Elhage discovered that Econet did not correctly handle AUN packets over UDP. Dan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. Dan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. Jens Kuehnel discovered that the InfiniBand driver contained a race condition. Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values.
6cec849465bfd640c211a3880a5ba0add1b75c474ec483fdabb902841493d744BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.
f704615bf96f5dccb4dbb181640a7969d08b7c5d5f292c8e84b6fef2c5bcf1b6PHP Directory Listing version 3.1 suffers from a cross site scripting vulnerability.
7821c10d24492a17e2245fcd2c9099f083b07815ce078af47402271798381a4fPHPDug version 2.0.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
961062eb87352ddb3028b4befdc8d571a8207548502f58c26730059c1b2f26a6Ajax Calendar version 1.0 suffers from a cross site scripting vulnerability.
146c389a90348ec5c58e680a9b3d8148f76e816b7addbecea638d537d7cf4dfdWhitepaper called Introduction to Man-in-the-middle Attacks. Written in Persian.
e60e9bf0ce6d14c4bdc69596983c40b4c0d29d697c8baf3f539de433ec209dd1t2'11 Call For Papers - This conference will take place from October 27th through the 28th, 2011 in Helsinki, Finland.
8a3d2bde9bb45b683d504d0e54f240605ba755433d7bdbed477ff9731f51ab5fUbuntu Security Notice 1122-2 - USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick. This update provides the corresponding fixes for Natty. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Multiple other vulnerabilities were also addressed.
ed069d3b5e33561496691a93fcacfaa216af0053b89c9815c07159b843b01c7dUbuntu Security Notice 1122-1 - It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Ian Beer discovered a vulnerability in the memory handling of a certain types of documents. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Multiple other vulnerabilities were also addressed.
3003590628e9612fcefacccee2790941e0c013352e03bd3c1f72ab35dfbc7ca4Ubuntu Security Notice 1126-2 - USN 1126-1 fixed several vulnerabilities in PHP. The fix for CVE-2010-4697 introduced an incorrect reference counting regression in the Zend engine that caused the PHP interpreter to segfault. This regression affects Ubuntu 6.06 LTS and Ubuntu 8.04 LTS.
d3109ede1f1b610fb18480ae30cb346b0d85aac84aedfeadd43a5eb1ad6fe0a2IRL Digital Media suffers from a remote SQL injection vulnerability.
a4eb77758d710fd3c97032e067d6f8a1eb7eb1369e71dabae0573a354fcdd4a6Leading Edge Technology Solutions (L.E.T.S) suffers from a remote SQL injection vulnerability.
844cf4b2f24eba62eb93f0dd1a564b2515f48ebe4e200f935f2df5afa6379372SPlayer versions 3.7 build 2055 and below buffer overflow exploit that spawns calc.exe.
7199ee82c6de7166007e5758895e7672eab30f0276b859700b858711982a7e8cHP Security Bulletin HPSBMA02667 SSRT100464 3 - Potential security vulnerabilities have been identified with HP SiteScope. These vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) and HTML injection. Revision 3 of this advisory.
c0402765ed6614421d5c51cee53fdca6bbc22b02457c85459714c8761414cdb0Secunia Security Advisory - A vulnerability has been reported in the Menu Access module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
954271fd3ae3f3bf34475051d3d545102299ed034ff5d15d9b34c46f38e4d25cSecunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
65ccad3897b45d7296751a98913122758aec579c0b1e27a9fd7092ba9eeb3761Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Directory Listing Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
b1ad2263c6b3d7bb65cd4f33c0d7611e1464fef616906dbb88c127f318274e35Secunia Security Advisory - Ubuntu has issued an update for perl. This fixes a vulnerability and some security issues, which can be exploited by malicious people to bypass certain security restrictions and conduct HTTP response splitting attacks.
7bda4d9eec2591cc5054db94aa9f87a7607f3498c0a5df9f5bd5eedca23c191eSecunia Security Advisory - A weakness has been discovered in Asterisk, which can be exploited by malicious people to determine valid usernames.
e7bccaaf25b54e94456231ecc13a736a10a16220d24bf942b0a2946d74f8968cSecunia Security Advisory - Multiple vulnerabilities have been reported in Proofpoint Enterprise Protection, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.
242a89bb5cce799b386bdd4250e85f390ee638e1fc568de81b72ca56d62e8815Secunia Security Advisory - MustLive has discovered a vulnerability in WordPress, which can be exploited by malicious users to compromise a vulnerable system.
508e56177bf2640eb1150d4bd62265327e71d6901b7b09a1718326c6a6586bec
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed