Asterisk Project Security Advisory - A Null-pointer dereference has been identified in the SCCP (Skinny) channel driver of Asterisk. When an SCCP client closes its connection to the server, a pointer in a structure is set to Null. If the client was not in the on-hook state at the time the connection was closed, this pointer is later dereferenced. A remote attacker with a valid SCCP ID can can use this vulnerability by closing a connection to the Asterisk server in certain call states (e.g. "Off hook") to crash the server. Successful exploitation of this vulnerability would result in termination of the server, causing denial of service to legitimate users.
0ffad12f4ee7638c64029cbf2387da33862ed3926680288d1303b12b6023069eAsterisk Project Security Advisory - A remotely exploitable crash vulnerability exists in the IAX2 channel driver if an established call is placed on hold without a suggested music class.
58df312830538efb7064340b0ec5a2811f9dbc943e1ac2e4e461efa35a6bc391This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 0.9 of VAMCart and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.
2f631d7a476c9b413ae2de8686ab1f98d4e0e9c4ff4f224e34949b05e6bbf3c0VANCart-InternetShop version 0.9 suffers from cross site request forgery and shell upload vulnerabilities.
a3d1a0eb4bb484d54b974426fd346ef862dfc26b4788bc1577f86886d324b2b8This Metasploit module exploits multiple cross site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 to allow for arbitrary file upload / command execution.
f39d87cd2d0ecdc33b13e8ce46c0cbdb325accad08219c2178ea9f86295312c7Multiple SQL injection vectors and an authentication bypass were discovered in SCLIntra Enterprise. An attacker can leverage this flaw to bypass authentication to the application or to execute arbitrary SQL commands and extract information from the backend database using standard SQL exploitation techniques. SCLogic SCLIntra Enterprise version 5.5.2 on Windows 2003 is affected.
c7954229b9ce16aaf5f3c60a61787040cfee262c67b973d25aca89a39defc883This Metasploit module exploits a stack-based buffer overflow found in the handling of SAMI subtitles files in MPlayer SVN Versions before 33471. It currently targets SMPlayer 0.6.8, which is distributed with a vulnerable version of mplayer. The overflow is triggered when an unsuspecting victim opens a movie file first, followed by loading the malicious SAMI subtitles file from the GUI. Or, it can also be done from the console with the mplayer "-sub" option.
ff773c1737c09b314a58cb07dab372f6b99f077dc26dbd42fd59a36e56c907a7Debian Linux Security Advisory 2480-2 - It was discovered that the recent request-tracker3.8 update, DSA-2480-1, introduced a regression which caused outgoing mail to fail when running under mod_perl.
e07b2f00d518d311c1eeb0eea530260835e3164ea995c4f29764a08ebe15c712Red Hat Security Advisory 2012-0699-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS application data record lengths when using a block cipher in CBC mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer.
c06ac1424785317703c7aa22ceb6c44b036fc510567d485d7bf8e44c5ffb7b08Red Hat Security Advisory 2012-0690-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that the data_len parameter of the sock_alloc_send_pskb() function in the Linux kernel's networking implementation was not validated before use. A local user with access to a TUN/TAP virtual interface could use this flaw to crash the system or, potentially, escalate their privileges. Note that unprivileged users cannot access TUN/TAP devices until the root user grants them access.
42f48969c33d14b422067a511d25a3ed7b2209d984bf368ba28a35ce8df3755bMandriva Linux Security Advisory 2012-084 - ncpfs 2.2.6 and earlier attempts to use ncpmount to append to the /etc/mtab file and ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. The updated packages have been patched to correct this issue.
fbbe98313708f44403759851b9e9a64ecf87770fa03e46e7a245e2ac52cf9e1eMandriva Linux Security Advisory 2012-083 - Multiple vulnerabilities have been discovered and corrected in util-linux. mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors. The updated packages have been patched to correct this issue.
9f2d5ece52fc0a4e6ef741dd56347d53587505feec92ac9c027216e42692a92ePBBoard version 2.1.4 suffers from multiple remote SQL injection vulnerabilities.
7fe5b20927aaffae29776bb564eeb8a96670bea62bb6fcb45a4fd730c7f8b817OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
861fdebde307031be539289f54b2408220b8332179ea9458686a3786d19eb8fdGNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
310262d1ded082d1ceefc52d6dad265c1decae8d84e12b5947d9b1dd193191e5Secunia Security Advisory - SUSE has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.
d6faa20c6fe4e8e318fda883b939064501a92647dbfc33016d528a261e89c0a4Secunia Security Advisory - Some vulnerabilities have been discovered in TopicsViewer, which can be exploited by malicious people to conduct SQL injection attacks.
666f2e73e93190b7aba8403149d57b407f3ff9098cd705cef8beadd772706b16Secunia Security Advisory - SUSE has issued an update for jakarta-poi. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
f57d38a77ba2884713ddf85e182f5311d9f90ac05d3d12e8cdcf92089bfc9bdfSecunia Security Advisory - SUSE has issued an update for python-django. This fixes some vulnerabilities, which can be exploited by malicious people to disclose certain system information, manipulate certain data, conduct cache poisoning attacks, and cause a DoS (Denial of Service).
44269d4ebcbc135496b8b32591cec5e1edf6e67f42a94b85adcc158d2c8da5bbSecunia Security Advisory - A security issue has been discovered in Yamamah, which can be exploited by malicious users to bypass certain security restrictions.
e8fadfdcc3be0d9bb4298cf346de650cf1e567db63593b63a5657fcbb34f9258Secunia Security Advisory - A vulnerability has been discovered in TFTPD32, which can be exploited by malicious people to cause a DoS (Denial of Service).
e177b01c48069524db7066c2d2cf236b4432303c18f4ec81d7633a4910b20f9aSecunia Security Advisory - A vulnerability has been discovered in WinRadius, which can be exploited by malicious people to cause a DoS (Denial of Service).
351d0d4b9b32ff224e0d36ebaf67b551542648744a0723327a578d4db97396e0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed