Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
86200ad5b5163c143405eed4a71a559dSlackware Security Advisory - New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
612f413cfdfccc0da36aa5aefe838fa8Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1, and -current to fix security issues.
af9386a307e4306cd773d00e8428fac3Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.
05611c0b154ff1745c960aaeb99ebf70DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
9953713c3dbed3cb25127607470c3f62Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues.
ebaabdfcf844f55e59c706f9a50b4e65Slackware Security Advisory - New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
7f69207b471201004901d7ffadce5a2fSlackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
ee1bbb1e2e224ff31d99742c4d8f1190This Metasploit module exploits a vulnerability found in Fitnesse Wiki, version 20140201 and earlier.
42f6beeb835a921ce8418c6797220575This Metasploit module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to take over the admin user session. After logging in, the "/admin/downloads.php" page will be used to upload arbitrary code.
63435169c72cc2d2e9cc30ef51896580Debian Linux Security Advisory 2889-1 - An SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database.
5d2a5d97f29a80e7c8532454c554b4e6Debian Linux Security Advisory 2888-1 - Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.
50af68b6056896c76834c7995af29cedSymantec LiveUpdate Administrator versions 2.3.2.99 and below suffer from password reset and remote SQL injection vulnerabilities.
a8ff4d370b9610bdeaefb0bdd8fbb50dLibYAML versions 0.1.5 and below are affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is caused by lack of proper expansion for the string passed to the yaml_parser_scan_uri_escapes() function. A specially crafted YAML file, with a long sequence of percent-encoded characters in a URL, can be used to trigger the overflow.
ac045385785224679f4d12e08802ffedAjax Pagination version 1.1 suffers from a local file inclusion vulnerability.
182a531b5368c59241ffb27a0e1278d4HP Security Bulletin HPSBST02968 2 - A potential security vulnerability has been identified with certain HP StoreOnce appliances. This vulnerability could be exploited to allow remote unauthorized access to the appliance. Revision 2 of this advisory.
2bb75c03699ba7140c7c6bf16a9f5739Debian Linux Security Advisory 2887-1 - Aaron Neyer discovered that missing input sanitizing in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.
449b4050f0ef00095fe99ff6b7f4dfceiStArtApp FileXChange version 6.2 for iOS suffers from command injection, local file inclusion, and remote shell upload vulnerabilities.
70dae1718a79ae642e94afe4649efc42WordPress HTML Sitemap version 1.2 suffers from a cross site request forgery vulnerability.
15c5fb3e31f742f1d305ea74fe6d222aGD Star Rating version 1.9.22 suffers from cross site request forgery, cross site scripting, and remote blind SQL injection vulnerabilities.
55f7f773448bb33d99953fffa9cdb37cCanon PIXMA MX722 printer suffers from a WiFi password disclosure vulnerability.
8c091c0ab4ba66491ca381b75483768cWordPress wp-business-intelligence plugin version 1.0.6 suffers from a remote shell upload vulnerability due to including ofc_upload_image.php.
08b10dacca3c19abadcf9a52eed81eceASP-Nuke version 2.0.7 suffers from an open redirect vulnerability.
320246de1354caff29a2016cda4dd56dEMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.
4fabf55ed8ae07e61947cc08474da68dLynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
7f088bca94e3449ae2d69a200dda058a
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed