Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files.
1ccc89b51dd2864d985b7f3e3c5aecb730ab0e3b0d9552b80db5b2f807eeeb00Product Cart 2.6 is susceptible to a SQL injection attack.
1a7a0193f797f2414538f0d22427694af75bdc11429f381d7e35ea32387f411c@Mail 4.03 WebMail for Windows and 4.11 for Unix variants suffers from multiple cross site scripting flaws. Detailed exploitation provided.
e7d45ee0b78d0b31102938dd2bfec6cb78c5dc938ca19586df1e1abc829b6175NGSSoftware Insight Security Research Advisory - HP OpenView Radia Management Portal versions 2.x and 1.x running the Radia Management Agent suffer from a remote command execution flaw via a directory traversal. By connecting to the TCP port and sending a crafted packet, it is possible to traverse out of C:\Program Files\Novadigm and run any executable that is located on the same logical disk partition.
7cb720055d0a9def2c53bdea7b3ee97ae5cad852628a3a71f3790a7d689c41d5HAURI live update suffers from remote file download and execution vulnerabilities.
8660e9e5bc91f7d58a77d85284653089f929ee327c8d874075220bc19d50efdcGentoo Linux Security Advisory GLSA 200507-27 - Ethereal is vulnerable to numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.12 are affected.
87617aafa02091df595ab6db40815b529e291cd56660a694f24bb48cd1578324Secunia Security Advisory - Leandro Meiners has reported a security issue in Lotus Domino, which can be exploited by malicious users to disclose certain sensitive information.
243c1fb55b43dacf0771d9357f36c4fbd9beb9384b47449964bcb8b27ef18c67Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files.
abb0618aa145cdd7bf0d2afb3b38a3b305a05bd0be854828da1155a4eeed9de1Secunia Security Advisory - Yun Jonglim has reported a vulnerability in UnixWare, which can be exploited by malicious people to cause a DoS (Denial of Service).
0f07b51b103ff9ef10c0fbe1da4f791a4bb774da3895e301057ad6a51ae1d019Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which can be exploited by malicious people to conduct a DoS (Denial of Service) or potentially compromise a vulnerable system.
4a50864d577470543713ddff631923c3f3a313e0c742c823ef44f7c552ae902eSecunia Security Advisory - Joxean Koret has reported some vulnerabilities in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
af2410d1397932e2aff5cc2b4deba247e7eb224248af31e5d7dd3fccc8ba697bSecunia Security Advisory - A vulnerability has been reported in MySQL Eventum, which can be exploited by malicious people to compromise a vulnerable system.
b24203254f3a8dbcecf99a870efbdf7e619a52685d6f9ae757ee77f804520da2Devolution Security is a video surveillance system for Linux based systems. It supports up to 16 cameras and features unicast and multicast broadcasting, a Web interface, an X11 interface, themes, motion detection, record on motion, eight different camera layouts, camera cycling, fullscreen mode, and more. Devolution Security uses its own toolkit (dtk).
8a4872181387842214e8960c30b50482b80b892477c0cc52bb4ff4d2a1e60890Sinister is a reverse engineering utility that allows you to manipulate executables' memory images.
67608cec90b231795aa1040d1484736b43693e7ebc6f2de348c8d691e4069133NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
a6f36c1bd5f13f1d9b28c0359dbdab4e91556f82a833dc0affca11d7f8fd6bf8Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
66d61aaafcd681dc8e88918cb9de12b63b67f78a6c5cf48b6e9f2de55790903dKismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. Full changelog here.
6d8fba697a72b26c3cd889f59462e5acd3fc544eb0d84cd37fabe6d2203ee203GNU Mailutils imap4d version 0.6 remote format string exploit. Tested on Slackware Linux versions 9.0, 10.0, and 10.1.
401bc6296bf7e0cad8ec471e000d36ed641cd07f6b35a73673bd4b9fb17f3e30Debian Security Advisory DSA 768-1 - A cross-site scripting vulnerability has been detected in phpBB2 that allows remote attackers to inject arbitrary web script or HTML via nested tags.
17296a07f9fba6b5c5f9faf1471bdb2a29cf1904a453fd429c18ffc14e85d298Debian Security Advisory DSA 767-1 - Marcin Slusarz discovered two integer overflow vulnerabilities in libgadu, a library provided and used by ekg, a console Gadu Gadu client, an instant messaging program, that could lead to the execution of arbitrary code.
731eacaf7aa145a94852bb7f67e1228edc4c06417f2f52ce69534cf0eca41cd9Clever Copy contains a flaw that allows for unauthorized reading and deletion of private message from other users. Versions 2.0 and 2.0a are affected.
cee6aa9d03d9edb950fbb011536da583d407b1e927dcf7183fbede8e4b96685dFreeBSD Security Advisory FreeBSD-SA-05:19.ipsec - IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator.
9d75e7d220ed1f61f09ae93e44a8e0ba4c60a6a4d11ff8f03cc972a6df79b6eaFreeBSD Security Advisory FreeBSD-SA-05:18.zlib - A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges.
b2d40ae5f59903bd6c1b0e96942c8b40d5b7c0070b211d4957535d4b74ee339cClever Copy suffers from multiple cross site scripting and path disclosure flaws. Versions 2.0 and 2.0a are affected.
f8361167214508e7b7908f034dc5d4028f06638ffdf5ed43ac11e033d97286fbBMForum Datium! 3.0 RC1-4, Plus! 3.0 RC1-4, Plus! 2.6.1, and PlusMX 3.0.0.5 all suffer from multiple cross site scripting flaws.
d3b2143c60bb09f3023734011cae42cd0b588014515e61c578f8f0df1bd2bcdc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed