europ INNET Web Studio Administration Program version 2.0 suffers from cross site request forgery, cross site scripting, local file inclusion, path disclosure, and remote SQL injection vulnerabilities.
8b945b66041046c68f9608814b1da5af72c0a32cca28ec9997b10974d6f4262383 bytes small Linux/x86 ASLR deactivation shellcode.
3c4799dd92e003e39ce50560912dd05104d6cce8bc4f1ce4a42be3063c322af2Mini-Stream RM-MP3 Converter version 3.1.2.1.2010.03.30 buffer overflow exploit with ASLR and DEP bypass.
edfd394763830724256e7884bbcdffd800bc4481aa275a07d6e9009bb6093555PHP UnZIP version 0.1 suffers from a remote disclosure vulnerability. Note that this finding houses site-specific data.
23a6b6805759f0b8d0a1867fb3e155e4357ccfc59fdb6f110096ef1b359dadacThis Metasploit module exploits a stack-based buffer overflow in Photodex ProShow Producer version 5.0.3256 in the handling of the plugins load list file. An attacker must send the crafted "load" file to victim, who must store it in the installation directory. The vulnerability will be triggered the next time ProShow is opened. The module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
bf2514d474a7b08d3b8119c8f11509c92a1414014f2de791e9a5e94b2b9e0c03Secunia Security Advisory - muts has reported a vulnerability in Dell SonicWALL Scrutinizer, which can be exploited by malicious people to conduct SQL injection attacks.
f0ccb5e2b55c245c40ea03dc1aecbb75726164ee9f5337b0ea7f906740a46718Secunia Security Advisory - NetBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
fc2ab73f81d9b37fd7f479a3237004f5c305cadc5ed26b487ef654e65b2fa37cSecunia Security Advisory - A security issue has been reported in the Location module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
454541b7a58fc771d7673b623827bb759fe2c702b466c14b246f379f5aa68b04Secunia Security Advisory - HTTPCS has discovered two vulnerabilities in Thelia, which can be exploited by malicious people to conduct cross-site scripting attacks.
c4b63ea336474287f043f95019e6cd64e843eff7a1f301eb38289f8875c0f047Secunia Security Advisory - Multiple vulnerabilities have been reported in Adaptive Server Enterprise, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and compromise a vulnerable system.
efb8365869e395dfc8adf202e5f9dafea448cca331bd66abc450b9c2081675b0Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions in an application using the library.
437136c2b6d4c58de22a78afe4d04237a3da9a57a59713b7363d6b3f84dd6fb3Secunia Security Advisory - A weakness has been reported in the Secure Login module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.
6a5dcea1138907bac81b8d38c6dc8b0ace4938837cf2debd399056437fb8f8f0Secunia Security Advisory - A vulnerability with an unknown impact has been reported in multiple Sybase products.
b3b7de1ffcf8045bdc6355426edaf09b1bad8236ebf768a2a6c8c2ed5274f70bSecunia Security Advisory - A vulnerability has been reported in the Authen::ExternalAuth extension for RT, which can be exploited by malicious people to bypass certain security restrictions.
d3a746eb41a3b0acd05d875969f2d7e618d666f75397e20bab9a14f39a98a595Secunia Security Advisory - Some Vulnerabilities have been reported in the RTFM extension for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.
70b1f89b1a0ef7f025ea8bc1bab05b8194bfcff04e4bc0ef2ee9025ff2c39d24Secunia Security Advisory - Some vulnerabilities have been reported in the Extension::MobileUI for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.
ab2e8b6413fe7d80930238df5428ddab75f4e3c2f88f803a8cec8ee50e90deaaEntropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
1256b9eabb591bfe6735cfcd5b31fafece6cca0028f6df1894bd805070ba6d45The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
369682b2e5a5716a6271a6c5db9a43e3809e91acfb08438c0d3de2fec1284a35Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
b76fc3118d8fe93230f8544a6507609fe103e65bd131ddd246af1ee88c30a1abafick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
933d4fffd3ddffb6eeb8972b47caf3bce6a24d709209a488ab2ddec8e716842cRed Hat Security Advisory 2012-1114-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
737ca44d3c22f02002125758603606b3bf1912e7077558158feefff2fb692236Ubuntu Security Notice 1517-1 - It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. It was discovered that the Mono System.Web library incorrectly handled the EnableViewStateMac property. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 10.04 LTS. Various other issues were also addressed.
be0532b5d29f4ce5ef9813a17a2367a5ec386f67370f51d9825d90b7a5f27ec2Red Hat Security Advisory 2012-1116-01 - Perl DBI is a database access Application Programming Interface for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of perl-DBD-Pg are advised to upgrade to this updated package, which contains a backported patch to fix these issues. Applications using perl-DBD-Pg must be restarted for the update to take effect.
6b9911606556711f6d311f9701a306c24b1afc6085dfd1dde7ad91431c552f38Ubuntu Security Notice 1516-1 - It was discovered that OpenSSL incorrectly handled the SSL_OP_ALL setting. This resulted in TLS 1.1 and TLS 1.2 being inadvertently disabled for certain server and client applications.
f2262e55a41ba5619c60cd6ba0d89acc3919c82392ab15e2dd986d7c27563ab8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed