Hotel Booking Portal version 0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
6681a356490ff44dcaab0358c4e61b55Debian Linux Security Advisory 2526-1 - Just Ferguson discovered that libotr, an off-the-record (OTR) messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to an application that is using libotr to perform denial of service attacks or potentially execute arbitrary code.
44b562511685ea6c899304c4ec4d04f2Ubuntu Security Notice 1535-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.
cf6d7fd3511ba46e569dc7497cd7b66bUbuntu Security Notice 1534-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.
b471f92c9127d7c31a949576671b66cbUbuntu Security Notice 1533-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
02e3ab665f99c2becbff7af3f76da4d5Ubuntu Security Notice 1532-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
643e40ef4808b43a2dda3fe2a84ff6d9Ubuntu Security Notice 1531-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. Various other issues were also addressed.
8b4dae4786f2ee8fc7cd5d2a4d254774Ubuntu Security Notice 1530-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
e2d239d87239c06731337489dde960eaUbuntu Security Notice 1529-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.
af2ef686a035e339e802557747aba3dfUbuntu Security Notice 1514-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.
135d74622b0eb63c6f412c8920b6b530Ubuntu Security Notice 1527-1 - It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. Tim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.
df65e8959613da375d92a4a7be72b40cViscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.
310eead57ed8a1879d25cfaf62404d5bPlayboy.com suffers from a cross site scripting vulnerability.
62062a0450be45516e08cf33ba0af445The heasarc.gsfc.nasa.gov site suffered from a cross site scripting vulnerability.
4cad41640ae6cad0928df7259ce1f3d1The Passwords^12 Call For Presentations has been announced. It will be held at the University of Oslo (Norway) December 3rd through the 5th, 2012.
78c313258de90ce307754db2f3eea004Mcdonalds.com suffers from a cross site scripting vulnerability.
d2b948b0e5a5d90cb80f4681c0089746The profile.callofduty.com site suffers from a cross site scripting vulnerability.
95be4d23c8643c29e1b7ea6493c74ef4Blogspot suffers from a cross site scripting vulnerability.
a5d48831a640465e569db74458a66c11IBM WebSphere MQ File Transfer Edition Web Gateway suffers from a cross site request forgery vulnerability.
00eb8d50107aa9470e32b9e750dd32b2Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious users to cause a DoS (Denial of Service).
f2b866a0fe301e5f2aa3e00063912586Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
503ffc6d8584484b9e210f14286ebd52Secunia Security Advisory - IOActive has discovered a vulnerability in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
32a45c41ea7a1acf54504e4db086874bSecunia Security Advisory - SUSE has issued an update for rubygem-actionpack/activerecord. This fixes two vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.
d4e5ed96744306d3096746de9af3c43fSecunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
e8b379295a2fbdea97a75f89d4f4a087Secunia Security Advisory - loneferret has discovered a vulnerability in Xeams, which can be exploited by malicious people to conduct script insertion attacks.
e4c94d8af0373dffd1a0e86f5a0e65d8
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed