Secunia Security Advisory - Multiple vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise an application using the library.
27c5d23c6be9a30824814a60aacf25021583d39f03e237fb26e4d5e3b490d3efSecunia Security Advisory - Debian has issued an update for krb5. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
235175ebb08fecd53ef1f1503dd967d9ced6d7b96fc4929f5b05e163637ce06fSecunia Security Advisory - A vulnerability has been reported in the Registration Codes module for Drupal, which can be exploited by malicious people to disclose sensitive information.
b46e74eb9b9ce670dd310a84d58a1ca0f206ba7dbdb53c3644485a2b6d3aead0Secunia Security Advisory - A vulnerability has been reported in UBB.threads, which can be exploited by malicious people to conduct cross-site scripting attacks.
e7b3e0ad4ad461ac8227bdc59cbc718ea2998ad3690a9f3e30ba0da04581bb60OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
faf1eab0ef85fd6c3beca271c356b31b5cc831e2c6b7f23cf672e7ab4680fde1Technical Cyber Security Alert 2012-6A - Wi-Fi Protected Setup (WPS) provides simplified mechanisms to configure secure wireless networks. The external registrar PIN exchange mechanism is susceptible to brute force attacks that could allow an attacker to gain access to an encrypted Wi-Fi network.
b37c21ad33cd8507ebeea5cd4b34829a2fda35d92dc3ebc05875fc4c7aa0c110Ubuntu Security Notice 1306-2 - USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 9. Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Various other issues were also addressed.
fb1b31af3076d871d28a266beb07383380a0af8d461b803c1151a07c03fc997cUbuntu Security Notice 1306-1 - Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the user that invoked Firefox. Aki Helin discovered a crash in the YARR regular expression library that could be triggered by javascript in web content. Various other issues were also addressed.
e2aa447b98554257f109cac90d0c5d53f206d2e9d086a68a789b01c68ee3ed64Novell Netware version 6.5 SP8 suffers from a XNFS.NLM NFS Rename remote code execution vulnerability.
00b22eb07f1cc14aa9a35dae7eb6cc09b9489454a5d12142e3febb92a409a2e8Novell Netware version 6.5 SP8 suffers from a XNFS.NLM STAT Notify remote code execution vulnerability.
5d3a4261c59dc1dd0fadd112e2583f47f27209f3d5a2e638e6575eccb0716806WordPress Pay With Tweet plugin versions 1.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
ee9730e6f56417b923772a21ff799336d514dbe588c151cd1d5fbe7f8863f5d5TinyWebGallery version 1.8.3 suffers from a remote command execution vulnerability.
159bf1d3ec69e72736a26f8bea8c478e4b3a9326f5becd2e136477e2d1e0573eLook411.com suffers from a cross site scripting vulnerability.
163f9f60f91928cf0ccc4915c472e3824eb9fa8436375980ea242d9514dcb6fdAtar2b CMS version 4.0.1 suffers from a remote SQL injection vulnerability.
601a89c4c9768908e2e87694aa87d3029081e8732cda3d09886186e5dbf3aa1eGoto System suffers from a remote SQL injection vulnerability.
620bec0e53e63e9f36373909ac6b5c9455621cf51bd5b781f88c0e4ebd0a745bDIGIT CMS version 1.0.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
f35ad762f228af8f8a3487ef7a01c9305f2268b1bd8b4832da330c23b01fc3d0Debian Linux Security Advisory 2381-1 - It was discovered that the IPv6 support code in Squid does not properly handle certain DNS responses, resulting in deallocation of an invalid pointer and a daemon crash.
17e34658a97477a20eed60bd15f3b6425fcbe048094fb417f5bec8484204a56cVBDrupal suffers from a cross site scripting vulnerability.
72532f1c94060a4586aecb31b2ddccb024595e1ebee9913901d39335038c2cf6IRIS suffers from a remote SQL injection vulnerability.
028ef517cf5b64dad025673f6726b80958f3ac473a11f36896fd07c9056afcc3IpTools (Tiny TCP/IP server) version 0.1.4 suffers from a directory traversal vulnerability.
e7c4d4712ec9ceb7a44066fe92fa6f19a4cf1f4390164fa03d4a9a2519bcdd6fIpTools (Tiny TCP/IP server) version 0.1.4 suffers from denial of service and overflow vulnerabilities.
bdf1ea586fea677491e015279797adfa7ca3848e267daac8854bb6a545bbfac1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed