Ubuntu Security Notice USN-337-1 - Damian Put discovered a buffer overflow in ImageMagick's SGI file format decoder. By tricking a user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges.
b0a994a1d3a25e132895df0d702e1195e96cffaef8cbdc41935e7d54f1d1e857
Ubuntu Security Notice USN-336-1 - A buffer overflow was discovered in gas (the GNU assembler). By tricking a user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user's privileges.
38d939b17fa0214853a1addeae072d2362df1352902572dc53c468af9a186a85
CubeCart versions 3.0.11 and below "x_invoice_num" blind SQL injection / admin credentials disclosure exploit.
5e9a928c7148b01b50cad53afece6f67472f69766063fd0ca94325e988350bad
CubeCart versions 3.0.11 and below "oid" blind SQL injection / admin credentials disclosure exploit.
b0668df87bb7d60eceafe98ac84e2fe759a486ec5184e33da418856352982331
CubeCart versions 3.0.11 and below suffer from cross site scripting flaws.
fd87e86a0f7bedddd0d3276475643923cdef6f516abe98d1222d6d97efeb0050
A security issue exists in Telmex, Mexico's largest ISP. Advisory is written in Spanish.
a8606b5409713925372cb4cd6c17c3410f853be40afebe9a4b2fa39615b5c2f2
41 byte shellcode to flush iptables for Linux/x86.
df755db433463f4873e6b1571f278daa6a3415a152f0a9a9e69bb8aa3b2ae13e
eEye Digital Security has discovered a security vulnerability in IBM's eGatherer ActiveX control. This is the second vulnerability found in this control by eEye Research, the first being from Drew Copley. This control is typically installed by default on IBM workstations and laptops, and is used by default for auto-finding drivers/updates on IBM's/Lenovo's support site.
9c84908e1b617bcd8bdf8c955b46130747f8f7e108a5d3bf442c32fe17b7a573
discloser version 0.0.4 remote file inclusion exploit.
441c63bfd7d275fdcf07c50ed311f71e153edaace28bc89f405a0cf4fbae23d7
Mandriva Linux Security Advisory MDKSA-2006-143 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program.
4ea8be5cbf740393a2e029272fa3cb4f90a624cde42c0cf0a7fc0f010f1b3f12
Formal write up discussing how arbitrary HTTP requests can be crafted using Flash 7/8 with Internet Explorer.
255a3d2253e2f6988647d919e94f2316e545debac79aa3bd39fd8c4906113f23
Symantec Security Advisory - Symantec discovered a security issue in Symantec's Veritas NetBackup 6.0 PureDisk Remote Office Edition. An unauthorized user with access to the network and the server hosting the management interface can potentially bypass the management interface authentication to gain access and elevate their privileges on the system.
8e974c7fc009ae3e7308711422221b19beca99e579c11126f553bda2721afcd1
Symantec Anti-Virus Corporate Edition clients controlled via the Symantec System Center Console do not follow the "Download product updates using LiveUpdate" setting.
7f8bf6003e1c7290c318f9ecbc1ba7b2b429be7b939001daa508fe0ee2062c11
There is a vulnerability in Microsoft Terminal Server when an application is specified for the user instead of a full Windows Desktop. It is possible to easily cause an error in explorer.exe and to gain access to a full Desktop. This is an issue for anyone publishing applications through TS to domain users who also log on to full desktops either on the TS or on another machine.
d64c9d402f1bb8e25e76432b26bcff82f0808bc359afaae44e10c6fe851b3e67
The Reporter Mambo component suffers from a remote file inclusion vulnerability.
b90399a04651b723f8945dc9811db4f71474e870391e69d0c9a8b5aa8aa4e7db
Ophcrack is a cracker aimed at NT-style (LANMAN) password hashes. It uses a large precomputed hash database to crack the majority of all passwords within a matter of seconds, rather than the hours or days it would take to search the entire likely keyspace each time you are looking for a specific password. This type of cracking is based on a technique referred to as "rainbow tables".
b8ad977b2c1835f6ce705ef6c2faf13a0dbf98445b72b60c7697fb5077503a3d
PHP versions 4.4.3 / 5.1.4 and below local buffer overflow exploit. Yields webserver uid.
76d2a73f8fb3743433f837c194707701127c12b5166a020c2396aef7f6d354a4
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in search.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
26c3ceb148d5508570a99beb7063062a83fe03cece6d91d209c274554ed67c30
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in index.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
7c57bc41e7ce313d1d89a5dbbcc9d4f11333e6aa61b26698f67ec4ec0f4dc009
Accessing Java Clients with the BeanShell. This whitepaper goes into detail discussing the assessment of Java applications utilizing the BeanShell.
d88b3a4015272cba9306c073c84c23f81966ed4e83fa15e3f4ca6721bd9b240e
Ubuntu Security Notice USN-335-1 - Yan Rong Ge discovered that heartbeat did not sufficiently verify some packet input data, which could lead to an out-of-boundary memory access. A remote attacker could exploit this to crash the daemon (Denial of Service).
10b5c007fe31344262afb6cdf2244273a82b0015a9dc9facad3621e9b7c8e64b
The Mambo com_lm component suffers from a remote file inclusion flaw in archive.php.
75f3b3cbc3c4293082b46dbddecf0819b0ee2c354e3e0998ace5cf6a4dbd27b9
VMware version 5.5.1 suffers from an arbitrary partition table deletion issue with Windows.
7f917510e7dbb12bafe725f2b5e7efca1f35f44bc7b1882ac3c14a764e7a76cc
Ubuntu Security Notice USN-334-1 - Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid() system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid() to fail via resource starvation. In that situation, the tools will not reduce their privilege levels, and will continue operation as the root user.
12f66fc37c6dc081c7884cf969144db2f616dc6f0bb1fe070d82c2b129fcea1e
cPanel 10 is susceptible to multiple cross site scripting flaws.
a2146f8cb3e35cb7189d1e023df78bf1089c9012c2a5c1f2211ee45d4720cb50