Secunia Security Advisory - luny has reported some vulnerabilities in Pre Shopping Mall, which can be exploited by malicious people to conduct SQL injection attacks.
fd9ef0f9fc0377aa654ccc0c7db03e7a6fd7fa069c913fca98793e8e89f072fcSecunia Security Advisory - luny has reported a vulnerability in CMS Mundo, which can be exploited by malicious people to conduct cross-site scripting attacks.
76a1ae4defb950562e439bdfd6391a47a7ed29122565c652696b7cb3232a05e6Secunia Security Advisory - beford has discovered a vulnerability in V-webmail, which can be exploited by malicious people to compromise a vulnerable system.
3c9cfbf4abd4b99b87e728e218e119d9e8218a9926b0cbe926f8e24195f6e656Secunia Security Advisory - beford has discovered some vulnerabilities in DoceboLMS, which can be exploited by malicious people to compromise a vulnerable system.
4500dcb77866c1a7de12747fe0e18e8c32e9735cff6619e4c588485055e999b1Secunia Security Advisory - Kacper has discovered some vulnerabilities in ActionApps, which can be exploited by malicious people to compromise a vulnerable system.
b17c34a3af7bda0b712055576c7675b94883668287aa2101187cade526eb8268Secunia Security Advisory - str0ke has discovered some vulnerabilities in Basic Analysis and Security Engine, which can be exploited by malicious people to compromise a vulnerable system.
db5b24e656a549fb1f79a921e6e123b06184d198f746e4de7c0445a4ccd733f1Secunia Security Advisory - Kacper has discovered a vulnerability in the open-medium.CMS, which can be exploited by malicious people to compromise a vulnerable system.
9080e8ddfe85c07d391a26b8eecf5fa607b6ac8d644c2c11ea4333ccd7fe2feaSecunia Security Advisory - Jeroen van Wolffelaar has reported a vulnerability in Open OBEX, which can be exploited by malicious people to manipulate certain data on a user's system.
fbbfdd35cf079d480951ef9fe57094d860b5c075c258d91238967d657d5dd2f7Secunia Security Advisory - A vulnerability has been reported in MailManager, which potentially can be exploited by malicious people to conduct SQL injection attacks.
a24909e482facad647997d5c4c38f1376eca9a2b7d847e36d9ea7ea22c1ece96Debian Security Advisory 1074-1: A. Alejandro Hern
c950d477246aaa1411c089a7a5b99ff8faefe7443b45e1fd76bf6da9d7dc9eb1Mandriva Linux Security Advisory MDKSA-2006-091: An integer overflow in the wordwrap() function could allow attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, triggering a heap-based buffer overflow
7846d4113e359dc33b8a3da153d6ea6409c1d5bc10c1bd418403985c197e23f3Mandriva Linux Security Advisory MDKSA-2006-090: A potential security problem was found in the useradd tool when it creates a new user's mailbox due to a missing argument to the open() call, resulting in the first permissions of the file being some random garbage found on the stack, which could possibly be held open for reading or writing before the proper fchmod() call is executed.
33a87576086a09cc18f57d738a69d4cc0de63725b8f8554b6cf14ec4865fdcb0Mandriva Linux Security Advisory MDKSA-2006-089: Kphone creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords.
21ee06562d8588a70a2a0faef8341156f9548fe79f75c66f69cc10aaca1db028Mandriva Linux Security Advisory MDKSA-2006-088: Hostapd 0.3.7 allows remote attackers to cause a denial of service (segmentation fault) via an unspecified value in the key_data_length field of an EAPoL frame.
33fe48ff6bbf0c8125375e2a2b59eebdcff559f7f4508a091b094775e0c85b83Mandriva Linux Security Advisory MDKSA-2006-087: Memory corruption can be triggered remotely when the ip_nat_snmp_basic module is loaded and traffic on port 161 or 162 is NATed.
c7e3fc6f5f7ef2859ce7d6bc006856a8c1c6c8f2cb6b21697f9761e244d6129aHPSBUX02114 SSRT061115 rev.1 - HP-UX Running Software Distributor Local Elevation of Privilege
c0a4c15fa178f2550342cc8ce4b768373160c43634bbe732e9e6e440e2e0315aHPSBMA02121 SSRT061157 rev.1 - HP OpenView Storage Data Protector Remote Arbitrary Command Execution
5e37ca123f364566ca21d2851cfbeacc981524b30152484d8767fdc2b1c60aa2HPSBUX02075 SSRT051074 rev.5 - HP-UX Running xterm Local Unauthorized Access
531b2e434c34aa85548a21c86b70e34a6eee3f8d26e23578a32f04b0269fa1adHPSBMA02098 SSRT5911 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Access, Arbitrary Command Execution, Arbitrary File Creation
ff13eb6f569a7931ccdef20afd23cc3f2dfa54a6a6b5c316d2cf1b52ddd68692Paper discussing new avenues of exploitation for OSX systems running on Intel hardware. Details ways to execute code despite the NX bit being present.
9d18fe12fe6c0f06eef46fae37e5f916eab293d3d1e3d6cb0c09d272fb631603OpenPKG Security Advisory OpenPKG-SA-2006.008: According to a Secunia security advisory [0], a weakness exists in OpenLDAP [1] which is caused due to a boundary error in slurpd(8) within the handling of the status file. This can be exploited to cause a stack-based buffer overflow via an overly long hostname read from the status file. The weakness has been reported to be in OpenLDAP version 2.3.21 and earlier.
35b2c6e9172d541f87ce454adf0ccdedf773c8a13b249e3d6998f0e996d82829Kaspersky antivirus 6 and Kaspersky internet security 6 suffer from a vulnerability due to HTTP parsing errors in the HTTP monitor that could allow malicious software on the local computer to bypass the HTTP virus monitor.
268c19c0cb19f78740cd72d2a95993b7c5094298ce1e62a50f86ff0573425201Paper discussing the Stakkato intrusions which ultimately resulted in the theft of IOS source code released by one of the affected sites detailing how they caught stakkato.
f12d9a771f93e172c82d0cf8c134be8d0542594beb3ee7913f2f44001af575f3If the Netgear WGR614 Cable/DSL Wireless Router is configured to backup configuration settings, the device will store various information in cleartext. Accessing this file could allow an attacker to obtain sensitive information which could aid the attacker in compromising the web administration interface of the device, DSL/cable account passwords etc.
9cfbd8d261b1cb15794d7cc39039afff53588ee685db3d47a76a4b7e215c8f43The default screen saver in Windows XP and Windows 2003 Server runs as a system process. Thus if a malicious person changes logon.scr to cmd.exe or explorer.exe they can take control of the system when the screen saver runs. POC exploit included.
9e05af997c3f8dc90610177e1645b1cbb30384da557ca3ff72d1e3a6861247a5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed