Secunia Security Advisory - A vulnerability has been reported in Solaris, which can be exploited by malicious people to compromise a vulnerable system.
ba80317acf61549fa1ba000763d23a0b403e62a851d7b8982c39e7b4813ade85Secunia Security Advisory - Secunia Research has discovered a vulnerability in SqWebMail, which can be exploited by malicious people to conduct script insertion attacks.
1ad053470b349dca87c34c886082a6857433975098d4c7f2896b06ee6da88f8aSecunia Security Advisory - Kozan has discovered a security issue in ZipTorrent, which can be exploited by malicious, local users to disclose certain sensitive information.
4d48c1e0c6bda910f36c4a4f4538715c96741e8f9e61abf28ba30f4eecb14098Secunia Security Advisory - Gentoo has issued an update for PEAR-XML_RPC / phpxmlrpc. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
c68ae5c73bb3484b7d9a6f3d08949b59a5b64664207be7b60d3c6fd83f8d4c33Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Ventrilo Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
3a6a5f37464a1d1adb76953ca8d0ace59ac4b5ce50b67a2d15eaef0f1f41c098Secunia Security Advisory - Sowhat has reported a vulnerability in LeapFTP, which potentially can be exploited by malicious people to compromise a vulnerable system.
40c69fba7968cfedf6c107d143706e5d036148efe09574b77c7b9b0bc0fe851cSecunia Security Advisory - Josh Bressers has reported a security issue in cvs, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
a6fb98cdc04d87513dd38a94e07cfc54b32a41c483aa656414252fbdaa67bf8aSecunia Security Advisory - Fedora has issued an update for cvs. This fixes a security issue, which potentially can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
605564b0003d332ce1331e5784014d8ae937568029ad6fe3ac5d1bc08d44a5e3Secunia Security Advisory - Igor Franchuk has discovered a weakness in Microsoft Windows, which can be exploited to hide certain information.
81b756e68c6cc1b3f60c7a0ba5571b9b6c6b822b2fb3bc6c998c068642f8f83aGentoo Linux Security Advisory GLSA 200508-13 - Stefan Esser of the Hardened-PHP Project discovered that the PEAR XML-RPC and phpxmlrpc libraries were improperly handling XMLRPC requests and responses with malformed nested tags. Versions less than 1.4.0 are affected.
b392e04daac6a3131a159750ecf6640f104e46dc1e949490958e28588b03b917Debian Security Advisory DSA 783-1 Eric Romang discovered a temporary file vulnerability in a script accompanied with MySQL, a popular database, that allows an attacker to execute arbitrary SQL commands when the server is installed or updated.
0bdaf61278be5abca20b301dac437ae4001a24bd0b9e600a1bd8632d16a251e8Exploit for the Ventrilo 2.3.0 malformed status packet vulnerability.
ad0ab9cf0589c79a21541d14896eedcac439df6ebd2f779645049f293aea60c1It is possible to crash Ventrilo 2.3.0 by sending a malformed status packet.
6cb018997e473aaa91fd732430eed0e401f4cd1feee78f164f7540daf14e6263This Metasploit module uses a vulnerability in the Solaris line printer daemon to delete arbitrary files on an affected system. This can be used to exploit the rpc.walld format string flaw, the missing krb5.conf authentication bypass, or simple delete system files. Tested on Solaris 2.6, 7, 8, 9, and 10.
3865e92d6319da6652ab4c7ed8c01bd18db40efa2f58d0e789c6a8a79b4fb63dSecunia Security Advisory - Phuket has discovered some vulnerabilities in PHPKit, which can be exploited by malicious people to conduct SQL injection attacks.
d82f266f336a74620fb5e0beb194c3a5184abbbc6196aca3831ddab467dc340bSecunia Security Advisory - Ubuntu has issued an update for libpcre3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
ff26acd3f887f68ec0a47bcc150cfaf7e28cf56ecefd9c186d683ce6fe3af904Secunia Security Advisory - Red Hat has issued an update for elm. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
3e08750339bfda75bf38c6c8de95a2442dfb29828bcaf345f66061158c428530A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.
90dedc2182e9f13fe60b58ffaaf6d0166a5497e077ce7855d8e3d7e2c6b8fd3bGentoo Linux Security Advisory GLSA 200508-12 - Ulf Harnhammar discovered that Evolution is vulnerable to format string bugs when viewing attached vCards and when displaying contact information from remote LDAP servers or task list data from remote servers (CVE-2005-2549). He also discovered that Evolution fails to handle special calendar entries if the user switches to the Calendars tab (CVE-2005-2550). Versions less than 2.2.3-r3 are affected.
c3c0a5ca715423ba57ad0ed3bb8e8b0cddf7444a0020c4349015ede584102d19Javier Fernandez-Sanguino Pena noticed that the pwmconfig script created temporary files in an insecure manner. This could allow a symlink attack to create or overwrite arbitrary files with full root privileges since pwmconfig is usually executed by root.
376f85a08e46d04bd581a85bbc2d275ce2e2f13f3f55865875c59d8ef2fb241fZipTorrent stores proxy server information and password in X:\\[Program_Files_Path]\[ZipTorrent_Path]\pref.txt in plain text. A local user can read passwords and others.
f17cbabb6214be4b1a15c231b17cecd4ba1bdd923fb0449fab9505b53fb8a0daMercora IMRadio 4.0.0.0 stores username and passwords in the Windows Registry in plain text. A local user can read the values.
baac3f4238dc50049d9fc04fadf14b5bfe96c656f5abe232e2c22c30f47da2d1A dictionary based Oracle password checker. This is a useful and fast (150.000 pw/sec) tool for DBAs to identify Oracle accounts with weak or default passwords.
347557ee38aed91ccdfda881256b418152b5fc74c3ede2186cf61ff83fe5f29cLogcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
170d528a300aa2f1792277680a460ba822c427433349e63d2a245318f6e0bfa1Wepdecrypt is a wireless LAN tool based on wepattack that guesses WEP keys using an active dictionary attack, a key generator, a distributed network attack, and some other methods.
29ae072985616a0141a07e767e667cd33c917605338d37824de96c765a692333
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed