lustig.cms BETA version 2.5 suffers from a remote file inclusion vulnerability in forum.php.
1c5ce0430a7ee0d8823d612e455cf0d1f02aac4aad55020743d7ad457aca07e5Local root exploit for the x86_64 Linux kernel ia32syscall emulation bug.
8d91a3219d851d8406ae0d6bc5f4d6d08474c37d42d187149534fafa463a0295The Promise NAS NS4300N web GUI allows an administrative user to change the root password.
296acc5d1ca21ed112707b6bddc76675c50f0159dfb90a26d10bdc0466809919OpenSSL versions before 0.9.7m and 0.9.8e suffer from an off-by-one buffer overflow in SSL_get_shared_ciphers().
14554756f6b961b55d3c66f67ef71356931c21b86d987c2959039bdbdf012665NukeSentinel version 2.5.12 suffers from a critical SQL injection vulnerability.
8609aaa24647aa6d87049087ff33424aec448d0783a2661c0daf4ed2c1fddc9eSiteX CMS is susceptible to an unauthorized file upload vulnerability.
f140776b42ea2d5cfcabf66ae5f0716bd312a92afebbe27bf5a4c4df5a2838a4NukeSentinel version 2.5.11 suffers from another critical SQL injection vulnerability.
751572a1ba8344ba43dfda90368c4ff5c343d4c58e533eea361458d6dc46e8a5SiteX CMS version 0.7.3 Beta is susceptible to a SQL injection vulnerability.
af8c767f684397966c70f06cbee096e2f2b77708232e24509fb8f58e529c878fCisco Security Advisory - Cisco Catalyst 6500 and Cisco 7600 series devices use addresses from the 127.0.0.0/8 (loopback) range in the Ethernet Out-of-Band Channel (EOBC) for internal communication. Addresses from this range that are used in the EOBC on Cisco Catalyst 6500 and Cisco 7600 series devices are accessible from outside of the system. The Supervisor module, Multilayer Switch Feature Card (MSFC), or any other intelligent module may receive and process packets that are destined for the 127.0.0.0/8 network. An attacker can exploit this behavior to bypass existing access control lists that do not filter 127.0.0.0/8 address range; however, an exploit will not allow an attacker to bypass authentication or authorization. Valid authentication credentials are still required to access the module in question.
d6651fc0cc8bf0819bf2d81153fe0bf85e0cb9c2ab0437f6f9fc89515635ec02Secunia Security Advisory - Multiple vulnerabilities have been reported in CA BrightStor Hierarchical Storage Manager, which can be exploited by malicious people to conduct SQL injection attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.
b461d1e5ecc771fdd90f59f243295e79fadf35bc18f4afefc0bdb4a01eda47cfSecunia Security Advisory - A vulnerability has been reported in Tk, which can potentially be exploited by malicious people to compromise an application using the library.
7f002ff61cb57432bfcb29358ef622285c571bc5c3a8b90f0345c43e285222b6Secunia Security Advisory - A vulnerability has been reported in F-Secure Anti-Virus, which can be exploited by malware to bypass the scanning functionality.
de337fc1ad94451b2eb6fdbb7dbb4b9190386a76e98204c20d37af7e82a16978Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
97fa56eaa7750e7d9c0334a48a1d2a38088b450494436af198d37bc1fbc72358Secunia Security Advisory - Janek Vind has reported a vulnerability in NukeSentinel, which can be exploited by malicious people to conduct SQL injection attacks.
08938adc26314af660ce3f339b2ee5f12e35034810123632fb3996941338744fSecunia Security Advisory - darkbunny91 has discovered a vulnerability in FlatNuke, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b0b1550286eb47292113702a8c793bc447e0f11bdefe1b1327387d0bfe42046bSecunia Security Advisory - ka0x has reported a vulnerability in Novus, which can be exploited by malicious people to conduct SQL injection attacks.
e1bc24b31078749269a778054bb85e1a3dedf26d1bee7147f6c2152765d4e523Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to compromise a user's system.
ca80778767aa4a47eca7d79df63573293bfcafca4c65cdb1f1f4f91c4b935581Secunia Security Advisory - Joris van Rantwijk has reported a vulnerability in Xen, which can be exploited by malicious, local users to gain escalated privileges.
14574d403753aafab6106d8a71731c0d61c8accf15d897e3eba9bb1221a2640aSecunia Security Advisory - A weakness has been reported in Cisco Catalyst 6500 and Cisco 7600 series devices, which can be exploited by malicious people to bypass certain security restrictions.
a8e7b689ea5465eb9233edadb6e50456d150afe3e3f928b7c9c56ab627f6341dNetspear is a web based database backend for nmap. It comes with an nmap patch for 4.01 and 4.20 nmap written by esko and updated by The Finn. Netspear allows scan data to be inserted into a mysql database and hosts searched for by service, by daemon and by version of daemon. It also comes with a few reports about the data collected.
a3fc42f79a82a02347751972276fd68ca5f6e1045e48bdefdc2ab35c28693553Multiple vulnerabilities exist in the CsAgent service that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. The first set of vulnerabilities, CVE-2007-5082, occur due to insufficient bounds checking in multiple CsAgent service commands. The second set of vulnerabilities, CVE-2007-5083, occur due to insufficient validation of integer values in multiple CsAgent service commands, which can lead to buffer overflow. The third set of vulnerabilities, CVE-2007-5084, occur due to insufficient validation of strings used in SQL statements in multiple CsAgent service commands.
363a6e7d492038cdb02283292599822fec694fd384becbbaf92e0cbd416cee51Debian Security Advisory 1343-2 - The Debian 4.0r1 release contains a file package with the same version number as the last security update (4.17-5etch2), potentially overriding it. This security advisory reissues DSA-1343-1 with a higher version number, to ensure that its changes remain in effect. The changes from Debian 4.0r1 (which fix a minor denial of service issue, CVE-2007-2026) are included as well.
ea0fc63b398d84b59eb9945442c58506846b3adab43f0bee2dba81453354abf6Novus version 1.0 suffers from a remote SQL injection vulnerability in notas.asp.
50a76b4ed1c9608d23df481ff0f1d9d4bb3cd589902cc023a86924d43fd7d685Softbiz Classifieds PLUS suffers from a remote SQL injection vulnerability.
07fde2e11390bc86f1310e2f8a1f79bcd88673d1b2d3028fc14280dbc240b12fFrontAccounting version 1.13 suffers from remote file inclusion vulnerabilities.
ce85cf5a956552aad728522d06b7fbaf888fc241607d0424c5c99ac80293f921
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed