MttKe-php version 2.6 suffers from a cross site scripting flaw.
acb4fa8dc82c4238ba81970d67aea5492f38fd1851e06cd86f85f1d24926c94aA vulnerability exists in Firefox versions 1.5.0 through 1.5.0.3 and SeaMonkey versions 1.0 through 1.0.2 that allows attackers to execute arbitrary code on vulnerable installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
92ff76589f52b7f12a99064f622ee16a1fcf346cee16f9c98a1edf93b848a97cDebian Security Advisory 1125-1 - Several remote vulnerabilities have been discovered in the Drupal web site platform, which may lead to the execution of arbitrary web scripts.
d33d79b369ff9056d0cb5795b4f5bb0d5be992bd5fb933073859c9c6f9010aeeA cross site scripting flaw exists in www.uni-bocconi.it.
01afd36320e7137c012b0f6187b3fc939002234e9a3d9a5782748b832de29868Debian Security Advisory 1111-2 - It was discovered that a race condition in the process filesystem can lead to privilege escalation for the Linux 2.6 kernel series. The initial advisory lacked builds for the IBM S/390, Motorola 680x0 and HP Precision architectures, which are now provided. Also, the kernels for the FAI installer have been updated.
29d04f30390e5c6a5457d0a7c7fb811303f7b8c1e81d94df734664be018dbfadThe Zyxel Prestige 660H-61 router is susceptible to cross site scripting attacks.
1720b41ae93ce1a113b3fb90b64a501944eec9577df00c122f4d1cd03ac285f3SUSE Security Announcement SUSE-SA:2006:042 - A slew of kernel related vulnerabilities has been fixed in SUSE Linux for the 2.6 series.
4c8c22343a9c6f45ba441423e790535d6fa953e7a4733a9309a92d7c98856860OpenCMS versions 6.2.1, 6.2, 6.0.3, and 6.0.4 are vulnerable to multiple access control and input validation vulnerabilities. Other versions may be vulnerable as well. Authenticated users can perform attacks allow arbitrary file access, viewing the source of JSP files, the uploading of malicious files, and more.
dae1da08286e5fcadd45f3c2651460bce4ec4265bc744b87f052a7a66a30c060NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE protocol. Both Main Mode and Aggressive Mode over both UDP and TCP transports are affected. The vulnerability allows an attacker to exhaust the IKE resources on a VPN concentrator by sending a high rate of IKE requests, which will prevent valid clients from connected or re-keying. The attack does not require a high bandwidth, so one attacker could potentially target many concentrators. This mechanism behind this vulnerability is similar to the well-known TCP SYN flood vulnerability.
be9e71e7ed762a62e165c493b33ebe9e8bc248cea205d65985b9212c0de7e083Secunia Research has discovered a vulnerability in AutoVue SolidModel Professional Desktop Edition, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of ARJ, RAR, and ZIP archives. This can be exploited to cause a stack-based buffer overflow when a malicious archive containing a file with an overly long filename is opened. Successful exploitation allows execution of arbitrary code. AutoVue SolidModel Professional Desktop Edition version 19.1 Build 5993 is affected. Other versions may also be affected.
e93adff3a8f625d54d58dc9486926383f88de6f10f23d5b6f9a008feef926f49Ubuntu Security Notice 320-2 - USN-320-2 fixed several vulnerabilities in PHP. James Manning discovered that the Ubuntu 5.04 update introduced a regression, the function tempnam() caused a crash of the PHP interpreter in some circumstances. The updated packages fix this.
2198394c03ebd4c25f5b37e6da9b26b5af15075834b194d7361046b1ac0d0df8wwwThreads is susceptible to a cross site scripting flaw.
b918e8da64c073df3ba9b7ebcd73b0658c6434e65b75187c42e97232c5a1f1e3PHP-Auction suffers from remote SQL injection vulnerabilities. Details provided.
4bcaa056a2db57b12c72521e1c7d8378c28b9c2f996e414d7caf92ba0710a23cUbuntu Security Notice 323-1 - A massive security update for multiple vulnerabilities in Mozilla has been released.
5bac46201d85b7d87564a81483d060451294ae059915c3f5ed9d49a994560665PHPProBid version 5.24 suffers from cross site scripting and SQL injection vulnerabilities.
f5ef7e02ab1a6140ee161214fe9d3c5a9d1bf4a4f077e96fbfa3e228b7e4c311OpenPKG Security Advisory OpenPKG-SA-2006.014 - Brian Caswell from Sourcefire discovered vulnerabilities in OSSP Shiela, a CVS repository access control and logging extension. The vulnerabilities allow arbitrary code execution during CVS file commits if a filename is specially crafted to contain shell commands.
651a47962b4a17cf094ec8d6a0a5335125974ff1d48fa54c362051e4b58cf1c3An arbitrary code execution vulnerability exists in PowerArchiver version 9.62.03.
be1c7f5acea357664b1372470353015f39b13264a61266b84630702156f1c79cA buffer overflow exists in Midirecord version 2. Proof of concept exploit provided.
886784e049f1a5102e35911ca2cea4f6e4df504f06264a9a6709c32107a3783cEtomite CMS versions 0.6.1 and below remote command execution exploit making use of rfiles.php.
f32148cfde5038ca39dc41c079d83a1c70f26109c9fdb480d1b79b8fbb729cadSecunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.
ca910b5e37e9b7f2457130bcc74c4501716cae92c7e6c40a020f4c920fc00416Secunia Security Advisory - A vulnerability has been reported Heartbeat, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
98af680579b0b8d507a1f05da143f6235c24ea406e73de0898a881772016a33aSecunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), bypass certain security restrictions or potentially gain escalated privileges, and by malicious people to cause a DoS.
7a82853b54522fefb083f40da3d38d29650120bfab7abd9fcb4188ac06a64de1Secunia Security Advisory - Michael Freeman has reported a security issue in Opsware NAS, which can be exploited by malicious, local users to disclose sensitive information.
cf8b221676625bf42b3997ffb8ce768bf7608be7fb2e48d0163c72153d3af569Secunia Security Advisory - Meder Kydyraliev has reported some vulnerabilities in Alkacon OpenCms, which can be exploited by malicious users to conduct script insertion attacks, disclose certain sensitive information, and to perform certain actions with escalated privileges.
a3c15c12ef56e3386b53a6768224b565aea243b221c32f6c784f4656643df6b2Secunia Security Advisory - Pete Foster has reported a vulnerability in Check Point VPN-1/Firewall-1, which can be exploited by malicious people to disclose certain sensitive information.
b43e80b240a8faa650171b47744530fb347304c253bd55d1050e9a5ae1d178d5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed