Hotel Booking Portal version 0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
256b6d0f295a339e04943601e44942aae79e9b08c4b1430be39582ee5d729968Debian Linux Security Advisory 2526-1 - Just Ferguson discovered that libotr, an off-the-record (OTR) messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to an application that is using libotr to perform denial of service attacks or potentially execute arbitrary code.
7c01fb86e171c48aa3e6e49b606b9a1e9e94d6901619b80a625f9b7c0c78d71dUbuntu Security Notice 1535-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.
45a19fe276e735d415cd1a01153d8aaa18717189a56c96cfbb4d88c50dcddeccUbuntu Security Notice 1534-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.
5ac3c3a851b0545ddc164371fc5ad555f111ce1cb5d2b35278736b9365d66c52Ubuntu Security Notice 1533-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
5082c7fb8f2daf682cfc7378525c60b86fbdff934daf85b48b38b2fb8e3e9935Ubuntu Security Notice 1532-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
d3bc5635bb481cc6a0e193e3e7c9e9b74aef3286e675b23aa6d47538518c4356Ubuntu Security Notice 1531-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. Various other issues were also addressed.
02e8241e6bf305aa37396622b58304e85b75430ea8d557a9abfcab876e316fe7Ubuntu Security Notice 1530-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
1182d44ab2f37a093d4b3adc952b3b7cbf5002be8d366863ba89dea8ab42ea57Ubuntu Security Notice 1529-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.
e952789bbefd461e15d40316c4fbdd6eac86480773556aab5265687085c3d735Ubuntu Security Notice 1514-1 - A flaw was discovered in the Linux kernel's macvtap device driver, which is used in KVM (Kernel-based Virtual Machine) to create a network bridge between host and guest. A privileged user in a guest could exploit this flaw to crash the host, if the vhost_net module is loaded with the experimental_zcopytx option enabled. An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Various other issues were also addressed.
e1c10bba69a8a49308a988c308242a9abe24b1f355d1cf1a0609f14097f65f5cUbuntu Security Notice 1527-1 - It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. Tim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.
c3584e3aa4d3cbb82dcc486580cc91f457a48e7ca032d71f17b0d2dc8c8edb29Viscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.
bbed2f8bef6e98f9f906db21866f9556901fd2af1233ad2af5fa7f69e3f8af21Playboy.com suffers from a cross site scripting vulnerability.
d3c90c643472122d05f903587daaf7a21fbecbd2556a199dc7102ffaac3713b6The heasarc.gsfc.nasa.gov site suffered from a cross site scripting vulnerability.
58f35f396ed253b516d3f9af4c85beaa88e1b34ee3b6b86a72f532bebc716a74The Passwords^12 Call For Presentations has been announced. It will be held at the University of Oslo (Norway) December 3rd through the 5th, 2012.
b22177219b2df9e74a0cd122fe1ebfc286c7578564e0f26ab3dbfd71aab4ac78Mcdonalds.com suffers from a cross site scripting vulnerability.
9645dd64740cc659afa8e577fdac2bf3473b1a0624a9e0ff8055e95dc9d564c4The profile.callofduty.com site suffers from a cross site scripting vulnerability.
51263e977736c214f93598fe8b0a3642fb0f7d1eef0ba388f7b6cd5f02a5503bBlogspot suffers from a cross site scripting vulnerability.
3087ca1250acb62189df6b2bd039fb5fa6c93eb981f58ed40720f9da803aa3e3IBM WebSphere MQ File Transfer Edition Web Gateway suffers from a cross site request forgery vulnerability.
06b2bda21b62241e495908f7f89cca912345a066fc02b98fb7be62e23b3b7da5Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious users to cause a DoS (Denial of Service).
1d366967d1b82f4b9c5837e484d97357b744bb397a268d710d56649a30675bb5Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
809644f0f830b68f9237de0ad03ab3dd5c1b4a989c954f365fc500269850a12bSecunia Security Advisory - IOActive has discovered a vulnerability in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).
53d6b8949377c0c7ca12b833d41843f87f860e1a7e4d4991c1a51799b39889daSecunia Security Advisory - SUSE has issued an update for rubygem-actionpack/activerecord. This fixes two vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.
4d86cc764da7edf3e8042b1cd70cf0c7242a758af6117463f97e8f7085b27d85Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
c47dbcfbed988fb012fc5678f5bb01004dc25cea272f7fa84fd1fbd2b7b8508dSecunia Security Advisory - loneferret has discovered a vulnerability in Xeams, which can be exploited by malicious people to conduct script insertion attacks.
8b783fab3c869b15f87c49ebe8765b32a51431b0ba60dc51f433a48d321d6fbb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed