CoDeSys SCADA version 2.3 remote buffer overflow exploit that spawns a shell on port 4444.
246e63e61f456255caf013a451fa1ec3a7bfd1fcb05a38899d181f2bf21a75d4
Debian Linux Security Advisory 2356-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform.
d45bd7c14d706cee4ad1e82b99ea2c3935c386f0ba5bbc5a1a242882fc448205
RoundCube version 0.6 suffers from cross site scripting, content spoofing, brute force and clickjacking inclusion vulnerabilities.
9dc10274c217ba92b21fcd905f28a73c27560f55021f768548de73a3ce642a34
The InfoSec Southwest staff are now soliciting papers to be presented at their 2012 conference to be held March 30th through April 1st, 2012 in Austin, Texas.
d9a8b78ff7f095354470943cd115931c553c2ef7ae0abbceba8f8c08fcaa4dd2
Red Hat Security Advisory 2011-1508-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially-crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature.
6b3205303af6886661268ac79f893acb0064e876132277e16c652b3953622d34
Red Hat Security Advisory 2011-1507-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar and cpio. It can also read ISO 9660 CD-ROM images. Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
dab0d35c9eae33915787aa3a999f7c73ee701a7fc540df7300f27a9d8a19a434
Red Hat Security Advisory 2011-1506-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 4 will end on February 29, 2012. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 4.
45bdfeb27da78186946bd4fa7c67f470498cc81a4c286e9cb59c1b3413ecb849
Ariadne version 2.7.6 suffers from multiple cross site scripting vulnerabilities.
592cd200ed89526f95fb5fe6f5d0c549093c633e3a6cab62bfc85166f05e8bd0
HP Security Bulletin HPSBPI02728 SSRT100692 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 1 of this advisory.
d48441fde8682890a6be06f1b7536c5c8c950288456b21ade23cb63724135da3
Hero Framework version 3.69 suffers from a reflected cross site scripting vulnerability when malicious input is passed to the month variable.
af9f6f3dc40a1274defc99fbfb647c0251776cbace78669a4fe006b1e24a98bd
CSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.
fd58e11b450986c60c0cd969f891ab765b1a2c2b2206cb75dbea974ece7c66c8
XssScanner is a tool designed to help penetration testers find cross site scripting vulnerabilities. It analyzes a webpage to determine which payloads could be used according to the position of the parameter. Then, for each selected payload, XssScanner sends a request using the payload and checks the returned page to find the payload. The major feature of XssScanner is its ability to detect many encodings that do not change the behavior of the payload (e.g., a double quote encoded into `&quot;`).
beced1c0c47a2a50b77bc4b4d0a52f446464a99e5678cece598afbfae7977461
Digital Whisper Electronic Magazine issue 27. Written in Hebrew.
64db6448f9fe9b1b6580980f855d7a8d170b9121b7b516a9ecede7a03d13bc74
Secunia Security Advisory - Multiple vulnerabilities have been reported in the Webform Validation module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
182f1890a2d54bcc73e4f6df5f1b24035ebb225d607d19d78c5e46f6db60c63f
Secunia Security Advisory - Debian has issued an update for cups. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.
e8321de2ee9e418e1c68213a94ff63b7bce68753fa013e8e5e84a24c668d2cc0
Secunia Security Advisory - Dognaedis has discovered two vulnerabilities in AtMail Open, which can be exploited by malicious people to conduct cross-site scripting attacks.
514044d624253ab9e641a5b81230087a10df2fc27a5ce20836b27bcfbf2abf77
Secunia Security Advisory - A vulnerability has been reported in Adobe Flex, which can be exploited by malicious people to conduct cross-site scripting attacks.
daea4b6ab7a0f6ca32fc0851155869ac4f74755f386cdbbac06e9141f61a9fac
Secunia Security Advisory - A vulnerability has been reported in Serv-U, which can be exploited by malicious people to bypass certain security restrictions.
d80a158a49a179a83ffc4ff4ea9ce030ef1e7f12005d9a8a496defc575714899
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service) and by malicious people to cause a DoS.
83cf1dae3ca1d42e4ecdce1af523f9631f56b0b144cfb1cfdd420ba459d9f341
Secunia Security Advisory - A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service).
3fcbcd4af3e2fdf1cfd3ddcfb22f04172afb79f86f02a5e6d0183a7e0737eed4
Secunia Security Advisory - A security issue has been discovered in the Proc::ProcessTable module for Perl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
8feeef65e17ae75af2f21b5a0368354a65090937c5722ad7e8ff75e502b4ae45
Secunia Security Advisory - Multiple vulnerabilities have been reported in the Support Ticketing System module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
77e42c99cca90f5dc3f533349edddd1298457e26aeb1a20307c8487b09cd01a5
Secunia Security Advisory - Multiple vulnerabilities have been reported in the Support Timer module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
0a01683bc89b4138e9ad82434ad90ea3f0614b61e7705c288af2951b5e402e18
Secunia Security Advisory - Kingcope has discovered a vulnerability in Serv-U, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.
da44f28a198c750e6221c047fc42b7750bb8e98204fcfa28478e335d83ef3249
Secunia Security Advisory - Luigi Auriemma has discovered multiple vulnerabilities in CoDeSys, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
8e16456dcaea01bba34e602c9b3b64afbcc5aff873e99d39d35df556aedb511d