OTRS versions 1.x and 2.x are susceptible to cross site scripting and blind SQL injection attacks.
29a93f181ca50c41c945c33f389fbc58031fd5070257f52be573f16df9624226
VHCS version 2.x is susceptible to cross site scripting attacks.
a64c886730a27fa7f9e5d60cb54bd223035aa6ac5fd5675faa7317d401c18841
PmWiki version 2.0.12 is susceptible to cross site scripting attacks.
bb96806a02efeecb8751569e66d53ea1c75ed55feba3ba0f94f4ddad337c08d4
Gentoo Linux Security Advisory GLSA 200511-20 - The Horde Team reported a potential XSS vulnerability. Horde fails to properly escape error messages, which may lead to displaying unsanitized error messages via Notification_Listener::getMessage(). Versions less than 2.2.9 are affected.
7ebef673b27c012b971fcbae4070ca3b871054fb16b88431d3559f21f4d41b6f
Gentoo Linux Security Advisory GLSA 200511-19 - Eric Romang discovered that eix creates a temporary file with a predictable name. eix creates a temporary file in /tmp/eix.*.sync where * is the process ID of the shell running eix. Versions less than 0.5.0_pre2 are affected.
9415603e285f21d002329073e8ed42933a1a87829bc8eef8b7e44193bd9d641f
Gentoo Linux Security Advisory GLSA 200511-18 - Christopher Kunz from the Hardened-PHP Project discovered that phpSysInfo is vulnerable to local file inclusion, cross-site scripting and HTTP Response Splitting attacks. Versions less than 2.4.1 are affected.
a2eb56e477d316f99adc9e1880904b41b2c54d04f5f0cf82b00ae616aeb6c502
LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry handlers, so it does not modify sys_call_table or IDT content. It hides files, directories, and processes. Hides chunks inside of files, gives remote reverse_shell access, local root, etc.
607c945eb9e8b7760b860b7afda9a0934239a23077685c3bdc98f93518e535f0
Horde MIME Viewer versions 3.0.7 and below suffer from a flaw where gzipped content is not sanitized before displaying it. This can allow for cross site scripting attacks.
fc46fac339a1d85ce05f960d9ca898b2d145c07ba3b55e492ac85383ebc2dff1
Gentoo Linux Security Advisory GLSA 200511-17 - Thomas Biege discovered that fusermount fails to securely handle special characters specified in mount points. Versions less than 2.4.1-r1 are affected.
c252bb62a986e19acfbebfd92e33923b03bb4904985592643fe4b7762aa8fb41
Cisco's response to Arhont's advisory and exploit that demonstrates a denial of service condition in various PIX instances when they receive a packet with an incorrect checksum.
ce2995625fd3b7cd09a8eb02aba41379c1300fd48226a4c5362a44697d3364c6
Wesley is a fake DHCP server that implements various features like invisible redirection of connections and MAC filtering for singling out a specific host or not replying to DHCP requests from security scanners.
4141b12cdfa4abc4b138353a5f8f09ad7ae2721a53d307cfb78905670c2d665c
PHPP version 1.0 is susceptible to cross site scripting vulnerabilities. Exploitation details provided.
9f0b93533446c6334581e450749eed571af105c4644900f436f6f35f2981af5c
Ubuntu Security Notice USN-219-1 - Multiple kernel vulnerabilities have been addressed with the latest package from Ubuntu.
045e59159fd1cda08678fa6a7124b2cf04462677b694178973f8aa5f530676e5
Remote denial of service exploit that makes use of a blocking feature in Cisco PIX 515E OS version 6.3(3).
7c07d9ecb298f2f95f46e5e969afcb9cb1a27c7b2e68bc042e1e63fd45406c5c
Cisco PIX 515E OS version 6.3(3) is susceptible to a magic packet denial of service flaw.
aa7e0dd9168a55e03e21896b95dd87cc1909bc95d71f1e5a09529f206d9ab566
Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the shell script used to launch Opera parsing shell commands that are enclosed within backticks in the URL provided via the command line. Versions below 8.51 are susceptible.
7f5c14bdc2019e06d48256414bf2ea131c5f04ec0912f9ea8a1ed800db6da6a1
Torrential version 1.2 is susceptible to directory traversal attacks.
c7bf8e3081823b5976ffb184e97f79a21ce20602f215062939de5c7fbd892b2e
Host Fingerprinting and Firewalking With hping - This paper discusses some of the techniques that can be effectively used in host fingerprinting, especially when a host is behind a firewall. Various tools are discussed with hping as a primary focus.
4551fc357bc99a5d90e564c450d8eddd4597186a144d53e9b6e875d61830337f
Secunia Security Advisory - Alex Wheeler has reported a vulnerability in Panda Antivirus, which potentially can be exploited by malicious people to compromise a vulnerable system.
94c37f62a2e55774224e350e883fb224940800087ae012b5c02400e078951ab5
Secunia Security Advisory - Debian has issued an update for gtk+2.0. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
6a58a3ddfe5cdae8bd9d75f31353bef72f090441f3df323ad9a4efd0f3854818
Secunia Security Advisory - Pasquale Minervini has reported a vulnerability in QNX RTOS, which potentially can be exploited by malicious, local users to gain escalated privileges.
79c7ab6eb31fbc29ad2ac38707be4b345c0611a0d1ba622fc092cd41f97ad728
Secunia Security Advisory - KingOfSka has discovered a vulnerability in N-13 News, which can be exploited by malicious people to conduct SQL injection attacks.
f8386bfd63b64538080ff30cb654ceb12a09db8fb51f049e9daf7f71aa17e1f7
Secunia Security Advisory - rgod has discovered a vulnerability in Xaraya, which can be exploited by malicious people to disclose and manipulate sensitive information.
027f7277934ae7e6f5d44a6be3ce016e911521f67971a77d722650458ac2b670
Secunia Security Advisory - info has reported a vulnerability in ASP-rider, which can be exploited by malicious people to conduct SQL injection attacks.
4ed59267d5fb1932a0f57deb2b6b677ac7c66468d3dd876b40c210281c749841
Secunia Security Advisory - r0t has discovered a vulnerability in O-Kiraku Nikki, which can be exploited by malicious people to conduct SQL injection attacks.
a7c7dfd9cf6d73aa63f00ba3f513887360a96b78612b11ff57f3c342c4d41bdb