Slackware Security Advisory - New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues.
b63a4dbdbb1ef8c895ac5afc462ea155c07bc23c4edd49af0325b7f3fa1e920bSlackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.
7b7836408b4254a7a556ead89226e0ca4048fbd90c229d4b90f988a290afe1c7Mandriva Linux Security Advisory 2012-174 - Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. The updated packages have been patched to correct these issues.
77a768adbe80cd4b982ace89f614bb542baed7f98b9bac2b9895f19f597fdf85Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
bb2d6f1136f33e11d37e6e34184143bf191e59501613daf33ae3d6f78f3176a0The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.
e23c89d44db9163f784b4ff04d606d1d56ae5646f4b6067a4cf9eb08c6eab232WordPress Zarzadzonie Kontem third party plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
dabbf8f277721a115251a4fc9ddc214797c96b3fbf36964e3d3366e8ea03717cWordPress Zingiri Web Shop third party plugin version 2.5.0 suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
33e48b2629820bb1f49eb5160c1b5e85747875d370c0743db0987af583804bcdWordPress Webplayer Player third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
d69cd4bc562251e4c95062dd6d91dc522ad3027613df830d537ee3bf94f409e3WordPress FS-Real-Estate third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
a95cc5c4f3002f51988d57a65b80a57548cc9d52aa6c7054c64b6cab72660b0cGianni Messina CMS 2.0 2010 suffers from a remote SQL injection vulnerability.
7413f864df6b0ffa6276a50f18c07ec9b0803cac1c325169b0ab7f2f1ed57b44WordPress Simple Slider plugin version 1.0 suffers from a cross site scripting vulnerability.
b62822bddeca9f6484d902fe80cc09828535e9f746d5cf7e2ffa58d421d49075vBulletin version 5.0.0 Beta 19 suffers from a cross site scripting vulnerability.
383a851953f113d20eee5651b22a19e11f4351c29d50b0617501bbb61a8f4268Simple Lighttpd version 1.4.31 denial of service proof of concept exploit.
bb9db2d5fb90777223307f529d060fc6a280653ad1ae2d1bd6798d5cfd9126c8WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability.
981db04fd87b5d87619c34a16a05e6dbd45876887adce6d3423107dafc1af622GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
fffa541c346b2d756f93b344a190f965c9b43b7dca0fb94043b81a9f64107cc1Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
3d1e4c41d08e5baf8af7d5cee22f9eb7fd7ed309f653a29a3211116a0cf24340WordPress Magazine Basic third party plugin theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
a0f0a2bb4d25112d7a6582eb26bee1291efed1a5f1e1f840369aeeedd948fe27Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.
e25b0997b5091f37ef98994f27fe8bbbd761dbb249f79ecc16ff5c73bf2ba57e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed