Secunia Security Advisory - Andrea Micalizzi has discovered two vulnerabilities in Novell Privileged User Manager, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
93baa9c57d733f717d652e35a97b4825577b1ce10e57903386cde4ed2ea5616aSecunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, where some have unknown impacts and other can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
65472e4a3fd440bdcf1f3b7d647d04be041e64318873ae3705e5ec9819b7b253Secunia Security Advisory - Red Hat has issued an update for libproxy. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
f5e6e42fda0daf268a6cd23fc3164834b7f5f0e12a1f6acdff541ade78b4640eSecunia Security Advisory - Some vulnerabilities have been reported in Horde Groupware, Horde Groupware Webmail Edition, and Kronolith, which can be exploited by malicious users to conduct script insertion attacks.
086207794dbe4557600c01d83e4fb58e3df9badcad39b270162435fcfeb3563bSecunia Security Advisory - A security issue has been reported in the User Read-Only module in Drupal, which can be exploited by malicious users to bypass certain security restrictions.
66ef020426934de03ca3344c5b36fd1c17b73207c6e5d2a20ca6bb0c370f351eSecunia Security Advisory - Red Hat has issued an update for mysql. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
92bc46b5c60c57f1dff2276818fee16d9ee65ab7e1e9ca780fba12d446ce2489Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
a37ddb8b2287da8fecd18ceb27bd384e1a2b4df270bc9bd9c15a2376456b8253Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the post-views plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
4685603298a20769b67ea22214b670166030b852d6044bfbb3be8a669bff9670Secunia Security Advisory - Two vulnerabilities have been discovered in The FAQ Manager, which can be exploited by malicious people to conduct SQL injection attacks.
a4f746a4fa3cb0d072111d7210f3e158b019b66d2b07acc066bb82cf14f4d2b3Secunia Security Advisory - A security issue has been reported in MantisBT, which can be exploited by malicious users to disclose potentially sensitive information.
19157884a27023ffc663b18eac1e82db0a9c5857af4ed086450e61e0a9ee008dSecunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Tivoli Monitoring, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
4de279fbeec1c5fd244c19fd737a00e6c738bec30ea0d990fe92ef6d1ac913f9Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Tivoli Management Framework, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
9212180498603e1d3d64f67716a09ab7c86622ebff4a4f249e036719cc2e1b35Secunia Security Advisory - A vulnerability has been reported in the RESTful Web Services module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b7397911cc68869f4884c59a846ee3770ac40ba8a0cdfa47c937fa98a0041081Secunia Security Advisory - A vulnerability has been reported in Dell OpenManage Server Administrator, which can be exploited by malicious people to conduct cross-site scripting attacks.
bc6de1b2ff0c841e7288465f901a30219b9b6ff29a155718c96b80885d3d9fa7Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Lotus Notes and Lotus Domino, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
6a3612311657899c6002bd3d213b93c1456e7719bafd7ccb4bf435312d1117feSecunia Security Advisory - A vulnerability has been reported in the Smiley and Smileys modules for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
522fc391930cddc6f3ef8c682e18a9e131554f639099c803fa3e13801a56826cSecunia Security Advisory - Multiple vulnerabilities have been reported in IBM Java, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
47d5dd8933fbd35666521df65fde4fc6b37de58832545d67afcc83978f5b71bbSecunia Security Advisory - A vulnerability has been reported in OpenVAS Manager, which can be exploited by malicious users to compromise a vulnerable system.
cafe702c4ccd041ac4da34e86314de5d27ad533e9c300354fc8936af1ae99c55This Metasploit module exploits an arbitrary file upload vulnerability on the Client Analyzer component as included in Oracle Database 11g, which allows remote attackers to upload and execute arbitrary code. This Metasploit module has been tested successfully on Oracle Database 11g 11.2.0.1.0 on Windows 2003 SP2, where execution through the Windows Management Instrumentation service has been used.
84145a2bd1465f746c9f1fb3cb57ffe9811d8c12fa296a6bdabb07a13010b2adNovell NetIQ Privileged User Manager version 2.3.1 suffers from a perl code evaluation remote command execution vulnerability in ldapagnt_eval() in ldapagnt.dll. The secure web interface contains a flaw which allows, without prior authentication, to execute a Perl script with SYSTEM privileges. This can be done by sending a POST request with well formed data. Full exploit included.
f2677910b884afa12ade6e175014677e91e4db77215c215f570b78204891f70bNovell NetIQ Privileged User Manager version 2.3.1 suffers from a remote code execution vulnerability in pa_modify_accounts() in auth.dll. The secure web interface contains a flaw which allows, without prior authentication, to change the password of the user 'admin'. A remote attacker then could login to the web interface with full privileges and trigger underlying vulnerabilities to write arbitrary files against the target system with SYSTEM privileges. Full exploit included.
cb5b36fa91506836a8939d6ca42408814c64880b86065e5e6fb112b35bf19520Technical Cyber Security Alert 2012-318A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
3686044e826dfdc6eeaed504034372a13a46723b8035dba0c178d88e64c6b730Drupal Table of Contents third party module version 6.x suffers from an access bypass vulnerability.
de9d3420b8f2bb8aa45ead18120cc14b66ec3e1ee7fb7fafe60288fe5b8e9b05Drupal Chaos Tool Suite third party module version 6.x suffers from a cross site scripting vulnerability.
ca74e9dd5c4ee03813e94af77baad38fba13ceee4e867efaf0762dbb9e86e7b6iDev Rentals version 1.0 suffers from multiple cross site scripting vulnerabilities.
f49da30c25577ddf778c0ccd319f4256b0419b13ab196f1602832edc06d22abc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed