AlgoPars Software Co suffers from a remote SQL injection vulnerability.
475575a1cbde8b9fecac457fdff03b3cPacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
04af255b24edba7a7424809b7ea496a8This is a proof of concept denial of service exploit for Adobe Reader / Acrobat 10.0.1.
4731cd285bed8022afbaec5b944bd27dRed Hat Security Advisory 2011-0882-01 - This package provides jabberd 2, an Extensible Messaging and Presence Protocol server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially-crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service.
7f7f4794af4914d7f2b571d321a586c4Red Hat Security Advisory 2011-0881-01 - This package provides jabberd 2, an Extensible Messaging and Presence Protocol server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially-crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service.
28f447bf87d489dae617b8eac79bdf11Debian Linux Security Advisory 2263-1 - It was discovered that Movable Type, a weblog publishing system, contains several security vulnerabilities.
509479b45453c4174d3b648fb3de9254Red Hat Security Advisory 2011-0880-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite 5.4.1. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. Various other issues were also addressed.
d0b91170427beda715e7b1294fa7faefRed Hat Security Advisory 2011-0879-01 - Red Hat Network Satellite provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows organizations to utilize the benefits of the Red Hat Network without having to provide public Internet access to their servers or other client systems. It was found that RHN Satellite did not protect against Cross-Site Request Forgery attacks. If an authenticated RHN Satellite user visited a specially-crafted web page, it could lead to unauthorized command execution with the privileges of that user, for example, creating a new user account, granting administrator privileges to user accounts, disabling the account of the current user, and so on. Various other issues were also addressed.
3221ae44e0007be477dd587d53c23423Rapid Full Download suffers from a cross site scripting vulnerability.
17696967a09018f8833c4e5cc9d17540Ubuntu Security Notice 1154-1 - It was discovered that a heap overflow in the AWT FileDialog.show() method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. It was discovered that integer overflows in the JPEGImageReader readImage() function and the SunLayoutEngine nativeLayout() function could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. Various other issues were also addressed.
d97d9e0893f12d52f77a7461ff0f9a3dThe vBExperience add-on as shipped with vBulletin versions 3.x.x and 4.x.x suffers from a cross site scripting vulnerability.
7c999ec06c2c294e5619f17615f91b74WeBid version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
b78700054cab55e678699522d227349fEssential PIM version 4.22 is shipping with multiple outdated and vulnerable libraries.
16fa2cb920837ee592d42e429988497cThis Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed <object> and attempts to call a function on it, leading to the use-after-free.
47f386cf79681bcaa22587cf53ebd6f6Braa is a mass snmp scanner. The intended usage of such a tool is of course making SNMP queries - but unlike snmpget or snmpwalk from net-snmp, it is able to query dozens or hundreds of hosts simultaneously, and in a single process. Thus, it consumes very few system resources and does the scanning VERY fast.
e28f8b0591672de9aaa7dcf54332f6ceSecunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
dbcc686ce79f768b216808441c2fe683Secunia Security Advisory - A vulnerability has been reported in GNU Troff, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
7fffca7316b0965c7097c59b829fad31Secunia Security Advisory - Red Hat has issued an update for jabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
172d54dd5a612aa84cbf1a9740cc962bSecunia Security Advisory - Red Hat has acknowledged a vulnerability in Red Hat Network Satellite Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.
5ed8627d0166da504e999aed53cc41d8Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Business Service Manager, which can be exploited by malicious people to bypass certain security restrictions.
1e13ef44a7e956ca7043b69e39e1055fSecunia Security Advisory - Ubuntu has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system.
76dde79503c4630821471503530bffd2Secunia Security Advisory - A security issue has been reported in Digicom IP CAMERA 100W, which can be exploited by malicious people to bypass certain security restrictions.
9dc5bc6bcd74d5abbed6c7f630a9abd2Secunia Security Advisory - Context has reported a weakness in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information.
5cef35a3fcdb6ce4c34be200befb572aSecunia Security Advisory - Multiple vulnerabilities have been reported in Group-Office, which can be exploited by malicious users to conduct SQL injection attacks.
e2b5ba312619cd3c5e5f8d6b7f631560Secunia Security Advisory - A weakness has been reported in FreeBSD, which can be exploited by malicious, local users to disclose certain system information.
7a28ceb444c3d6c5c154f6915c7431fc
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed