Red Hat Security Advisory 2012-0451-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code.
d797f3fc256507eacc48716717d15d5fd6983e28a36101b9b64789629fbc8c65
Secunia Security Advisory - Multiple vulnerabilities have been reported in Wonderware Information Server and Invensys Wonderware Historian Client, which can be exploited by malicious people to conduct cross-site scripting attacks, conduct SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
e3becaa970343f126481b68f4dfa5161155de42fdba59815e730767e09805745
Secunia Security Advisory - Christian Landstr
5b20ed8d389ddbbdd1e0bb86f4a702a863b4e6202095113e410c2aca24491a17
Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise BRMS Platform. This fixes a security issue and two vulnerabilities, which can be exploited by malicious people to manipulate certain data and disclose potentially sensitive information.
da4bcb6c460a25426b6d5d21995e88befc2cf933ac435842fddcea46f354548b
Secunia Security Advisory - Vulnerability Lab has discovered multiple vulnerabilities in FlatnuX NEXT CMS, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.
87cc798d65764b5564940b6ae614e27e4476a7e373908d4f964473cdefe7456f
Secunia Security Advisory - HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
bd572ddd626bcc6d6bcc870e99e2dc9271064a927911ff220264d226ac7546f1
Secunia Security Advisory - A security issue and a vulnerability have been reported in Joomla!, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
5bd98bb61e670133723cb51e10de75d0e702a2accdd2c550e42107c812b53b2a
Secunia Security Advisory - Vulnerability Lab has discovered a vulnerability in FlatnuX CMS, which can be exploited by malicious users to conduct script insertion attacks.
773c12dce2c6312ec79178583bee2c89f442b67238ac876964cace69db54c2fc
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in the Another WordPress Classifieds Plugin for WordPress.
901f7df867612a338578aa8ab8fdcf9752af1926bddae882230f97dcb83932e7
Secunia Security Advisory - Andrei Costin has discovered a vulnerability in Ghostscript, which can be exploited by malicious people to compromise a vulnerable system.
761ca64946822212e4999b61826da1dff17dcecf299031b8f04b34cc26a483c1
Secunia Security Advisory - Ubuntu has issued an update for aptdaemon. This fixes a security issue, which can be exploited by malicious people to bypass certain security features.
98c1cc2c8d3b2e4ddbba9c5a207adb876929a954554571eb70e664d4e64518ca
Secunia Security Advisory - A weakness and multiple vulnerabilities have been reported in HP Onboard Administrator, where one has unknown impacts and the others can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, manipulate certain data, and potentially compromise a vulnerable system.
f82ae7014c94cdae97c2e67e8040987ee6c66fc2955e79cf475b4ad77fb4cad8
Secunia Security Advisory - HP has acknowledged a security issue and multiple vulnerabilities in HP Business Availability Center, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
1623f4dcd5bfb2e44da5be390cf3e10519bab9360cc45fc06bf5a1c4b84153a5
Secunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).
99f0da7198755b469bf1a5a15d4faa983bd16c7af9a9fe4b1f03539319afd1df
Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
30c191262e3e6c287db711bcc99f11fd804a4b1f6e350d8427569eb074a183f3
This archive contains all of the 348 exploits added to Packet Storm in March, 2012.
b1213a6b087ecdbaceb24826682a5147445c4943594d2f3766ed5f03eb786a28
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
c3a07f641d78a4d4e5a6984c4e8f07390944c68c8d982826bd3f672383b4d8fa
OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
addfc14da459bb052d5849090b5e7a9f232f9f6348265046203946544ea001e6
Mandriva Linux Security Advisory 2012-049 - Cross-site scripting vulnerability in statusmap.c in statusmap.cgi in Nagios 3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the layer parameter. The updated packages have been patched to correct this issue.
f89dda035b10b7cb0cea37643164ca192f767b587a8cd37c87951f667973bff8
Mandriva Linux Security Advisory 2012-048 - Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766. The updated packages have been patched to correct this issue.
f39d53e6a1bd858ad8d3e9bea71a663fd9dd6cc3cd6f65b648a939ff4b8ab898
Red Hat Security Advisory 2012-0441-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.2.0. It includes various bug fixes and enhancements. The following security issues are also fixed with this release: It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.
aa88fdb7a6bd80c673f8c3a8fd33a6748135e59f49d09b6b5f841cb97ee7fcb8
Ubuntu Security Notice 1414-1 - It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages.
6dc132eab4251e42407f8753fa52044ad3783132d6adc04da99578a40dc765dd