ClubHACK Magazine Issue 23 - Topics covered include GSM, Echo Mirage, OWASP Mobile Security Project, Mobile Warfare, and more.
0d6054c12f2728d9945e82774ebe209031538a77d6d465abebda9a381d13ec9fMandriva Linux Security Advisory 2011-187 - The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the tmp_dir, and pear-build-download directories, a different vulnerability than CVE-2007-2519. This advisory provides PEAR 1.9.4 which is not vulnerable to this issue. Additionally for Mandriva Enterprise Server 5 many new or updated PEAR packages is being provided with the latest versions of respective packages as well as mitigating various dependency issues.
cb1ec81377338e4d042683fd5e314efe8b576da3950d28b5b1cd9f721948c5c9Journal PHP suffers from a remote SQL injection vulnerability.
309813d3a1f632d0ec8aa59fef3a80b31f50bb8ca45d23f25322a987487f4d34Ubuntu Security Notice 1309-1 - It was discovered that the DHCP server incorrectly handled certain malformed packets when configured to evaluate regular expressions. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service.
7968def0ed382a1bb76e3e718e0b2b511eb526d98740627c735433e840ccf462Owl Intranet Engine version 1.00 suffers from multiple authentication bypass vulnerabilities.
5304b380a361124cff3e565a933670de23c3fbfcbacba16332fe80f88e1c2995Various Websense products suffer from a stored cross site scripting vulnerability.
bbf08900d088b14d88e0a2bf6321e7fe7ce0f120eeab7eab72fd4e100ce42413Various Websense products suffer from unauthenticated remote command execution vulnerability.
e549a2fbd318fe2dbdfb412e12109360d21400f9c2d218e825b732d8f8e02e51Various Websense products suffer from a reflective cross site scripting vulnerability.
ece90c79ca2a7739685ff63342d4b3f531e7efa8593f4912807b6aca78ab5854Various Websense products suffer from an authentication bypass vulnerability.
2dc97d1c90a801c209072e2d488749516a0b6c66f1c93d5a035c0c47c908670fStanford.edu suffers from a cross site scripting vulnerability.
b7e5512d3dc133f9f3667eca2c025bef489e28decffbb1cd03004d3226e1239cSec-1 Labs performed a product security analysis of Splunk and discovered remote command execution as a privileged user, a directory traversal vulnerability, failure to protect itself from brute force attacks and information disclosure issues. Versions 4.2.2, 4.2.3 and 4.2.4 were tested. This archive contains an advisory and an exploit.
9cc7b90d467527ef440024994f447af75a7361359080cde790f375729dc79e38Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
04d375b627dd256d6257f2cbe5a770e4552e3f35d5e2100b97f75426b600d8cbSecunia Security Advisory - A vulnerability has been discovered in the QContacts component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
651650862acfe8e09260db75606beb9309c97d7f0320564d6cf87cb3c0f60f0eSecunia Security Advisory - Two vulnerabilities have been reported in Adobe ColdFusion, which can be exploited by malicious people to conduct cross-site scripting attacks.
08d063e7a613b265be263725663d390b85d570170f85c4c8d864e0ad7817ba54Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to conduct spoofing attacks, disclose potentially sensitive information, and compromise a user's system.
dd913d83d213fb0cd8cb0de880a446014ae9b1b1a20487513bfba9bc1704296bSecunia Security Advisory - Ruben Santamarta has reported some security issues in multiple Schneider Electric modules, which can be exploited by malicious people to bypass certain security restrictions.
bd1f5e470b2e7727fd8241b0cd7377321dd12b10a02f1218d0d2e7ab5663234eSecunia Security Advisory - Troy Rose has reported a weakness in Squiz Matrix, which can be exploited by malicious people to disclose sensitive information.
7798c82edde0fa17faba0641d7d3260518d4e665fc44a1582125bd0a2c81a45dSecunia Security Advisory - SignalSEC Labs has reported a vulnerability in HTC Touch2, which can be exploited by malicious people to compromise a user's device.
5a22ebb8018a11d653480ce72a1b2a5fdf9a42b9295a4cb206cb1178adf89456Secunia Security Advisory - A security issue has been discovered in Bokken, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
3e688d2f645e0086a9b8cf441b9d427bb9462ad3ec07c4ef2bf95e75d79a307bSecunia Security Advisory - Red Hat has issued an update for icu. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
73411b68e03fe1d86c39ce3e798fcdfebf4d96e6ca84c22175c2802023bf7e48Secunia Security Advisory - mghack has discovered two vulnerabilities in Simple PHP Blog, which can be exploited by malicious people to conduct cross-site scripting attacks.
e86ed32731f61f3f3a617047af8628440303b1c15b1d3bc288b49bace22f3a00Secunia Security Advisory - Red Hat has issued an update for ipmitool. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6634b7ac34eb4dcace23e0acb41127d39c9e7cc1dd2040f9000e228454eb8e90Secunia Security Advisory - Ubuntu has issued an update for php5. This fixes a vulnerability, which potentially can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
0d118aa994e2bc52c4350531b55410cdd69fe954c42a0de9eaf6942b4f441f27Secunia Security Advisory - SUSE has issued an update for susestudio and kiwi4. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct script insertion attacks and compromise a vulnerable system.
b3231a2fe6397bb09c1d0cdd4837b8afe530a2cccb815e4748edd86d36659b96Secunia Security Advisory - Red Hat has issued an update for pidgin. This fixes some weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service).
879ae28045c5760c717df9a185cbe665015c86d0a39bcb785ce82cd3289973eb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed