Debian Linux Security Advisory 2280-1 - It was discovered that libvirt, a library for interfacing with different virtualization systems, is prone to an integer overflow. Additionally, the stable version is prone to a denial of service, because its error reporting is not thread-safe.
a8af1ed94336383085f411150c93a4f063faf203d3c4596b1b379a23bb1ba268This Metasploit module exploits a FreeFloat FTP Server Buffer Overflow found in the REST command.
1becbcbec22bd43a27c0136ee0e1a0f55e8b08d1d4b57706e2887c7487205786FreeFloat FTP server version 1.0 ACCL buffer overflow exploit that binds a shell to port 4444.
6448d4fb8911f8dbc75a77bd679a1a8e78644a0dd183b83470798d40731d0f8eLotus Domino version 8.5.3 suffers from a denial of service vulnerability when parsing malformed .ics files.
a9d858f49f59e317ae9234682048990a901ab4dbe1da596043743982fdf60d94Debian Linux Security Advisory 2279-1 - It was discovered that libapache2-mod-authnz-external, an apache authentication module, is prone to an SQL injection via the $user parameter.
ec45376c90269e2171f83907227c70bac429c3bfb224ee3eb33a2ff3eb47e6c1Red Hat Security Advisory 2011-0959-01 - Mutt is a text-mode mail user agent. A flaw was found in the way Mutt verified SSL certificates. When a server presented an SSL certificate chain, Mutt could ignore a server hostname check failure. A remote attacker able to get a certificate from a trusted Certificate Authority could use this flaw to trick Mutt into accepting a certificate issued for a different hostname, and perform man-in-the-middle attacks against Mutt's SSL connections. All Mutt users should upgrade to this updated package, which contains a backported patch to correct this issue. All running instances of Mutt must be restarted for this update to take effect.
b364384537a2893482d9009fc2a0d0151fdc4cda0f3e95bba3835ee9249a8a96Agent Image suffers from a remote SQL injection vulnerability in news_detail.php.
744e86bae88fc7524fdd4e07eadd0048c0646e072dbaefbc460c3b81ff8c042dSD Professionals LLC maintained sites appear to suffer from a remote SQL injection vulnerability.
f7879a02681d2e7a8fd3845d60f10dd1d2424361ed3ca86dd6960872b830a150Dow Group suffers from a remote SQL injection vulnerability in sub.php.
1e233b6398671b579f1d7c0290dfe743a2805133fed2330e3061417bdce68ffcCentralia suffers from a remote SQL injection vulnerability.
9af5d181d44942f6bb9e0ebcc59cca17622b3f257f142c7d4170f4593b59bd7dTechforge Script suffers from a remote SQL injection vulnerability.
5426de4ce7c18432b210d0288572c47462cc61f34ec7173687d4ced4679e32d4Neudimenxion CMS suffers from a remote SQL injection vulnerability.
b9ae07c55661f72e11c2cd95f191511f00737a86761bfd001df1952b0b5e9040WordPress Security Scanner can perform username enumeration, weak password cracking, version / vulnerability / plugin enumeration, and more.
d3fd1d47fbf3f104aeb62c53f9d31202ec9e2fdfd66aa921c9d4f8927122bf6fIconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the the memory allocations needed for the number of elements passed by the client. This results unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.
7bae29e02d02057cc61741efd202ae99da696fffbf3d953322faa7fcd5294a22Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.
c09c6ff148b85fb34a65bbcf03cb521e5a5c98dd3368e7056c611cea99909e84Red Hat Security Advisory 2011-0953-01 - system-config-firewall is a graphical user interface for basic firewall setup. It was found that system-config-firewall used the Python pickle module in an insecure way when sending data to the privileged back-end mechanism. A local user authorized to configure firewall rules using system-config-firewall could use this flaw to execute arbitrary code with root privileges, by sending a specially-crafted serialized object.
d43cab56990df504c8d18a2da4efe970de2893378a7b5c762ebdc293c1c325b1Mandriva Linux Security Advisory 2011-114 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Various other issues were also addressed.
2edb4f909d4679c9270182246df61ab65e6bfeb80e7547c02673cf6c81e96391Red Hat Security Advisory 2011-0952-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.
859f0577523b8b3ded74c3e81c0a1ae9489e7dbbc41a3eef251ace3db7ebe32aWhitepaper called What is a vulnerability assessment?
1db8f170789f22c1159c75852c1efe3e2bad976250e145cd254fe747f07c8ab2Mandriva Linux Security Advisory 2011-112 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Various other issues were also addressed.
33af89811dba747821658293c305562d6e03fcb744c6897be8d8a404005cba6bRed Hat Security Advisory 2011-0951-01 - The JBoss Seam 2 framework is an application framework for building web applications in Java. It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.
8df816f77deca6648e24dd7fedeb05397216c1dbef7b6485816b2c9587963bbaFreefloat FTP version 1.0 ABOR buffer overflow exploit.
ed6030ce0ac47529c658ba9a8d96fc59ceb9c74bd6e8956329ac0b799483e7a1112 bytes small Win32/PerfectXp-pc1/sp3 (Tr) add administrator shellcode.
ef768bdd250041675cea8b84b7ea05256a0f3acf5c4cb83ff2c17ed7cc99c639GDI+ CreateDashedPath suffers from an integer overflow vulnerability in gdiplus.dll.
e20fc836323223dccecb7e77feedfe083e650997e1791ba72b7c3bf909266badRed Hat Security Advisory 2011-0950-01 - The JBoss Seam 2 framework is an application framework for building web applications in Java. It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.
1e724852f2245d0ec270c3274436e11c3dec7e45bab69a5e5f3fb1aa217f933b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed