Zero Day Initiative Advisory 11-246 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase Adaptive Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Sybase Backup and Monitor servers handles certain data in the login packets. Malformed packets can cause the service in question to write a NULL byte on the stack which can be leveraged by a remote attacker to execute code under the context of the running service.
525d12ef9dcc8cc2e5dc96c1991ef7b8a03b2480d4d6e79b8ffdb56c08950daeCisco Security Advisory - Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.
33bcf3e51909c455b5c3fae308d9e8e2032825d079b6cad6b6ce0e251294ab9fZero Day Initiative Advisory 11-245 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase Adaptive Server Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Sybase Backup and Monitor servers handle certain data in the login packets. Malformed packets can cause the service in question to lookup a function pointer outside a predefined function pointer array. It is possible to set this function pointer to an address where user controlled data exists and this will result in code execution under the rights of the user running the Monitor Server.
a33a5097372aa85175aa3ce715085578d3c1258260b45dacbedcb9fe9a6fb67aWATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
a78a5a6c40926c354bfc17aab3946366ddedf5ab4bbb887ce855dc666d9bbc86cFTP versions 0.1 r80 and below suffer from a shell upload vulnerability.
14de6b079c3f2f8eb5fca135eed93128745b81db4e2395aef033773807a3b325Link Station Pro suffers from cross site scripting and remote SQL injection vulnerabilities. The SQL injection vulnerability allows for authentication bypass.
af6a8e253f03e46cdce73f0204bfe883d6c68700b467b7d4fa19ab3006bd297bSitecore CMS versions 6.4 and below suffer from an open redirect vulnerability.
9962970fa866dd226abf661c2548f403325c7a3abdbd02722672dba1179291afWebsites by cgCraft LLC suffer from multiple remote SQL injection vulnerabilities in info.php and news_item.php.
4178b3d22155a363499855382b60348d43fcb513e01b7967a54a438dacc460e4Secunia Security Advisory - A vulnerability has been reported in Lucion FileCenter, which can be exploited by malicious people to compromise a user's system.
106b95ee151eb4dc79130d7c996ff8a4bacfe5c7afbea8d9ab538ebb2ed0a1e1Secunia Security Advisory - Multiple vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct cross-site scripting attacks and potentially compromise a vulnerable system and by malicious people to disclose potentially sensitive information and potentially compromise a vulnerable system.
b05799b2069cc6f9ba2eadf12b290fa959240ca5ceb2517f49d2d8c361d86539Secunia Security Advisory - A vulnerability has been reported in Godly Forums, which can be exploited by malicious people to conduct SQL injection attacks.
22b1794d2a12680703d15a77be50ad8e72e1d0235dd6ad32c481052c7af37898Secunia Security Advisory - A vulnerability has been reported in CobraScripts Jobs & Recruitment Script, which can be exploited by malicious people to conduct SQL injection attacks.
46207b94a9d9d7fcb3aa4b6844680335682a49201d7146d918dd3f3555a95376Secunia Security Advisory - SUSE has issued an update for icedtea-web. This fixes two security issues, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions.
9ca0b02a782062b8db98170f7f6bb66423e8ff597f916096510c882368445b4aSecunia Security Advisory - A vulnerability has been reported in Icculus.org Quake 3 Engine, which can be exploited by malicious people to compromise a user's system.
0b0cc149ea827c08acf79af3e4aa5b77c98c712d1e25639bd38e73ff04a4c9eaSecunia Security Advisory - Two vulnerabilities have been reported in HP Network Automation, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
22df95bfb2a34a631abfc84feadc055e36015e852ad3dd9021eb9d32dab82472Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
cccd736bc64e955629f03ac6d4567c13a38cc1cc1ecc5c90caefa8b921b6b82cSecunia Security Advisory - VMware has acknowledged some vulnerabilities in Console OS (COS), which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to compromise a vulnerable system.
4217b6eab3a29c5ebf57c46ceefa17aabe2e44d2f6c5659934f457cfd5eaab87Secunia Security Advisory - Multiple vulnerabilities have been discovered in Seo Panel, which can be exploited by malicious people to conduct cross-site scripting attacks.
47386b2d12c8b3b9e6ead10b0733005e85dac06c3fc2dbf401ecb5086424e69bSecunia Security Advisory - Red Hat has issued an update for libpng. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
b0c231be561cea6c277e3fb6f1476def6549769a07fcd5f12ca6e6f3db0c5895Secunia Security Advisory - Red Hat has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
82b988ae1a0569414d3315ec2ddd833487341fae883c46a471b12aed24c709fbSecunia Security Advisory - Debian has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
eb77b42f60dc0c74a5563b13e732e62327a05bebbad96b48a3c4c14b6a715772Secunia Security Advisory - Debian has issued an update for libsndfile. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
43f363c1f34ae5cf55d66086b8d639f2aa4f54ffb0ec517df02d02b6c4a64b4cSecunia Security Advisory - Ubuntu has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
b235d8811f7ef493b03f54df19375e48cb8a4ac40313901d8a60aead018e953bSecunia Security Advisory - Red Hat has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
4da81facea1143c87ad943ca64ee267c18ad3378034826d3c3c34065d9bc6c99Secunia Security Advisory - A vulnerability has been discovered in cFTP, which can be exploited by malicious people to bypass certain security restrictions.
5ef9479830740558f8706cb68eb4fa42740c730b685c4ff3bfaca69972b862c3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed