Microsoft ASP.NET Forms suffers from a null byte termination authentication bypass vulnerability that exists in the CopyStringToUnAlingnedBuffer() function of the webengine4.dll library used by the .NET framework. The unicode string length is determined using the lstrlenW function. The lstrlenW function returns the length of the string, in characters not including the terminating null character. If the unicode string containing a null byte is passed, its length is incorrectly calculated, so only characters before the null byte are copied into the buffer.
63981257663cd145e7371de1db9fbfbeMandriva Linux Security Advisory 2011-197 - Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service by sending many crafted parameters. The updated packages have been patched to correct this issue.
5179d8a626ca4088fe479cf3b48be141Debian Linux Security Advisory 2263-2 - Advisory DSA 2363-1 did not include a package for the Debian 5.0 'Lenny' suite at that time. This update adds that package.
a0bbab53f114dafaae68a795a8a7fcddDebian Linux Security Advisory 2376-1 - It was discovered that OpenIPMI, the Intelligent Platform Management Interface library and tools, used too wide permissions PID file, which allows local users to kill arbitrary processes by writing to this file.
eea94fc0a18aacd063e5aa41244a2d8dReaver implements a brute force attack against Wifi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases. Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations. On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.
e073021df56b2e6499f8c894564805ebDede CMS suffers from a remote SQL injection vulnerability.
c7b3ab5e0fe1700f1fba6f1cd1f482abRapidleech suffers from a cross site scripting vulnerability.
67f3c0ecf7c4805ff2c7cd3d5ba90e9eThe WordPress Facebook-Page-Promoter-Lightbox plugin suffers from a cross site scripting vulnerability.
d343f4ea4071b5f7ea5611cab1fbed77Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Blog module for DiY-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
39f1d3fc31217898dae3c365cf011d83Secunia Security Advisory - A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks.
faa220a2bb8e07ab81d18067338167baSecunia Security Advisory - A vulnerability has been reported in Plone, which can be exploited by malicious people to cause a DoS (Denial of Service).
5e36d4ef4885d6c60ea99777521ff235Secunia Security Advisory - A vulnerability with unknown impact has been reported in the Connections plugin for WordPress.
1c7a4492884e9816e78c4be088f72b6fSecunia Security Advisory - Two vulnerabilities have been reported in op5 Monitor, where one has an unknown impact and the other can be exploited by malicious users to disclose certain sensitive information.
66563c083e6550a4ecba92f45cc702c2Secunia Security Advisory - A weakness and two vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
623350a25eac56ca059c088f7e784c86Secunia Security Advisory - Two vulnerabilities have been reported in op5 Appliance, which can be exploited by malicious people to compromise a vulnerable system.
b14940ab7e3299125550c4045c415783Secunia Security Advisory - Oracle has acknowledged a weakness in Oracle iPlanet Web Server, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session.
2981548a9f1f11849a992480cdf4de86Secunia Security Advisory - A vulnerability has been reported in Neturf eCommerce Shopping Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.
6e5b21804fea99aedcc113ff4f216a3fSecunia Security Advisory - Alexander Fuchs has reported a vulnerability in Akiva WebBoard, which can be exploited by malicious people to conduct SQL injection attacks.
f4da28a78d39e8c6e5ac5b7c58d5f708Secunia Security Advisory - A vulnerability has been discovered in Winn Guestbook, which can be exploited by malicious people to conduct script insertion attacks.
851e981fdcdd3434832188510b2e71c7Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Blog module for DiY-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
39f1d3fc31217898dae3c365cf011d83Secunia Security Advisory - A vulnerability has been reported in Bugzilla, which can be exploited by malicious people to conduct cross-site request forgery attacks.
faa220a2bb8e07ab81d18067338167baA variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures, the condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms.
22dd5e111e5c4f6aa908cc54c3e0e83aHP Security Bulletin HPSBMU02731 SSRT100518 - Potential security vulnerabilities have been identified with HP Database Archiving Software. These vulnerabilities could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
5ff8db5eab8775d565444c5b2863a725Register Plus Redux versions 3.7.3.1 and below suffer from cross site scripting, remote SQL injection and code execution vulnerabilities.
5854f76518ef7422568805884e91a5f4This bulletin summary lists a Microsoft security bulletin released for December, 2011.
2d722e7fb08ffd50618692aa92fc2add
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed