HP Security Bulletin - Potential security vulnerabilities have been identified on the Secure Sockets Layer (SSL) and BIND running on the HP Tru64 UNIX Operating System that may allow a remote attacker to execute arbitrary code or cause a Denial of Service (DoS).
0797a1c3b43486be060117b3832720006fb08eef29b1802532b5a91390b0e977The Netsprint Toolbar version 1.1 suffers from a denial of service vulnerability.
e9cc9e4665886779c1953810e27ff4a64ac57889d1f0144271ec14580c46166eGentoo Linux Security Advisory GLSA 200704-15 - The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211_input() function does not properly handle AUTH frames and the driver sends unencrypted packets before WPA authentication succeeds. Versions less than 0.9.3 are affected.
343f8db2facb368991d622a79eff6bb11b725ee838aa62bdad50a14b3fc194aeGentoo Linux Security Advisory GLSA 200704-14 - The Coverity Scan project has discovered a memory leak within the handling of certain malformed Diameter format values inside an EAP-TTLS tunnel. Versions less than 1.1.6 are affected.
394f9353978046dede907c0190926b1d878b6ee2d2f4d59d8381d69442dc267bGentoo Linux Security Advisory GLSA 200704-13 - Conor Edberg discovered an error in the way file processes a specific regular expression. Versions 4.20 are affected.
2506972ff6adf0795259bcdd54431de17a9b2daaf796592e4910ec97337c5c94Microsoft Internet Explorer version 7.0.5730.11 is susceptible to a denial of service condition via a malicious script tag.
32587f15bbb42c74cfa9fc2813a6618500bf3892730f92d4f3161e81ef007b14webMethods Security Advisory - The Glue console versions 4.x, 5.x, and 6.x are susceptible to a directory traversal vulnerability.
1795c892370d4d75c63b2185e944366a2dbd06d9713f1d99bba0062600db2acfMy Little Forum version 1.7 suffers from a remote file inclusion vulnerability.
32b75d8fab68aff268bcf050430e9d7e0b7c208f03830687f959279d986d2288My Little Weblog suffers from a cross site scripting vulnerability.
f6259cd62a61d40b04037f38286cd61dbae8934bc090bc1bcda31b63f7b1e24bGizzar is susceptible to a remote file inclusion vulnerability.
96f9df24b82a983366e25ea652b8c844c03dbef65f4bade8e2e5b4c2501d3c63Symantec Vulnerability Research SYMSA-2007-003 - Macrovision InstallAnywhere packages include an XML project configuration file named InstallScript.iap_xml. This file controls the behavior of the installation process, including verification of a password and/or serial number (if applicable). Upon starting an installer, a directory is created in temporary disk space. This directory contains multiple files, including a ZIP archive that contains the XML project file. A LaunchAnywhere executable is also created during the installation process and is used to launch the actual Java application installer. It is possible to bypass serial number and password controls by creating a copy of this temporary directory, extracting a copy of the XML project file from the ZIP archive, deleting the relevant serial number or password verification sections from the XML project file, replacing the modifiedXML project file in the ZIP archive, and then manually starting the installation process via the included LaunchAnywhere executable.
8d6368a7a5dc6be2dc66cb1a63b2011fe58892345e2214f89c6ca919ad835e5bThe Web Application Security Consortium is proud to present 'The Importance of Application Classification in Secure Application Development'.
d9a32f3b781c2f938c1a1a50aa3c7ef46d1a0c0fc3e0c42a284172f4b791baf9Secunia Security Advisory - A security issue has been reported in ProFTPD, which potentially can be exploited by malicious people to bypass certain security restrictions.
c01a87714715d33ceae32e75142de8f22b0578704b0118d23ee57fbd5255daeeSecunia Security Advisory - Janek Vind has discovered some vulnerabilities in the vWar module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks and cross-site scripting attacks.
4cd51ea0c6dc61597e0952cc5409c10f1e6ac8c4fa8c6720e1bcbea500a3c587Secunia Security Advisory - A vulnerability has been reported in McAfee e-Business Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
99b27977a57fe57bca8af98d125652317d4ff2546fb193ba8c7cfbcc1492dae1Secunia Security Advisory - Dj7xpl has discovered a vulnerability in Anthologia, which can be exploited by malicious people to compromise a vulnerable system or to disclose sensitive information.
a9e8fecb7495a926864c2f82a6b8b3f4c8f10b5832e226ed5c8d21af40ba12f1Secunia Security Advisory - A vulnerability has been reported in McAfee VirusScan Enterprise, which can be exploited by malicious people to cause a DoS or to potentially compromise a vulnerable system.
3bcfa028e2195c30df4ae002ca14d88e4ed8e8792a7cdebe5145e6a1d4945d3bSecunia Security Advisory - Gentoo has issued an update for freeradius. This fixes a security issue, which can be exploited by malicious people to cause a DoS (Denial of Service).
92b512e832ae1b8c1031675f9a44f83f120b198a01600037cb4bc5bd639387a3Secunia Security Advisory - Gentoo has acknowledged a security issue in file, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
8f5b3e078d374a57fcdcb74aa72a34eab8c5448f18fb8a13326305584a97cdeaSecunia Security Advisory - Frank Dick has reported a vulnerability in Sun Solaris and Java Web Console, which potentially can be exploited by malicious people to compromise a vulnerable system.
aab8f7b6f709fa2c9b4832a57b1327b2f7149e1572fc420dd2463b291cb79aaeSecunia Security Advisory - Multiple vulnerabilities have been reported in various Oracle products. Some of these vulnerabilities have unknown impacts, while others can be exploited to bypass certain security restrictions, cause a DoS (Denial of Service), conduct cross-site scripting and SQL injection attacks, or potentially compromise a vulnerable system..
f7594422107013c718f4ff693f13e561177051323df8f417767693434f822e5aSecunia Security Advisory - HP has acknowledged some vulnerabilities in HP Tru64 Unix.
baec090982eff47b1e173b6f5facafc62d7be7503bf10e6c9d84363c7005ea3bSecunia Security Advisory - Gentoo has issued an update for madwifi-ng. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of potentially sensitive information or cause a DoS (Denial of Service).
e9a420869e1cbd8238df1989ce21a5d5528b04b573b334dc793e79ca0e2ad783Secunia Security Advisory - Patrick Webster has reported a vulnerability in webMethods Glue, which can be exploited by malicious people to disclose sensitive information.
b810a68ea25ef5207cfb4c0b679f2141094c8463fc96e1e81c7a40def17aa351Secunia Security Advisory - Gammarays has discovered a vulnerability in ShoutPro, which can be exploited by malicious people to compromise a vulnerable system.
6122a4de92284452fd0ff0c49ec9c3116f9716d55aae779d693c6b703d93d4d9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed