SAXON version 5.4 is susceptible to a cross site scripting vulnerability.
1d43a200a24c368debf8a8e4ecee5ed36919c93f61f189dd6150d359436d3501Webroot Desktop Firewall versions 5.5.10.20 and below suffer from a DNS recursion vulnerability.
7499ce19071c898db4710e4a745d9d4bd46c353b60d884a7b6f1e0746d168c5bSecunia Security Advisory - Joey Hess has reported a security issue in vobcopy, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
b73a33229ad873d14944c1485b66cc3d03ac62ac3e6fd46a5b1a4d5adf851dd4Secunia Security Advisory - Some vulnerabilities have been reported in OpenLDAP, which can be exploited by malicious users to cause a DoS (Denial of Service).
425bef9722424c9c57b0d7b7d10ebae7ea0ba5559ab26af6f05a25863be54609Secunia Research has discovered some vulnerabilities in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed in HTTP requests to the CAD service is not properly sanitized before being logged. This can be exploited to insert arbitrary HTML and script code into dsmerror.log, which is executed in a user's browser session in context of the affected site when e.g. viewing the log file via the web-based interface using the "FILE" functionality of the CAD service.
277de8c11d9582d8e9b98a606bb24ac192a34dc0c97ab2267b159f9843c34e82Smart-Shop Shopping Cart is susceptible to cross site scripting vulnerabilities.
6dab28de6ebe8e2ea6aa36fc03a5207632099c3f00fc85f513eb04fb2a85d6efWhitepaper discussing the prevention of cross site request forgery attacks.
f175ac2a874a9f1415a57c6ed31b6044ef783497e4f88ea01d77445b1856299eteatro version 1.6 suffers from a remote file inclusion vulnerability.
34775a535f81918b876209a41fa291526e131661c6309a39abc201f8d5e7e616Sige version 0.1 suffers from a remote file inclusion vulnerability in sige_init.php.
30739a13aa770eebaba651ec9bd3f2d8536bfd5e701bfa86035eca2333f26b3bFireConfig version 0.5 suffers from a remote file disclosure vulnerability in dl.php.
5ac06960677d27bac2d19a384d86dce491a168dc67614b7b03fbe1c5f6cea201emagiC CMS.NET version 4.0 suffers from a remote SQL injection vulnerability.
8a181bfc9e06840ffc2b5f3b2dd5b7cf282541bfd6f1e7cc7def8a1a4edf5229CaupoShop Pro version 2.x suffers from a remote file inclusion vulnerability.
9ffa13cfe6c4724fc67482f77e0c005fdd29193e08b8d7290d08d029e49af884JobSite Professional version 2.0 suffers from remote SQL injection vulnerabilities.
f3b459b9cd363e265838f28475c8ed746aefd632da148c0a1839ac48ec4e7e72GoSamba version 1.0.1 suffers from multiple remote file inclusion vulnerabilities.
88d9c984d7a14d597e6aa639d88d58779c91a8d765db21afd3472196f24ae5d5WordPress version 2.3 is susceptible to a cross site scripting vulnerability in edit-post-rows.php.
dc6c62b4cc76439a4d4ba84987a55d176a951524fe31b6b5b35f5c1198b81240IBM Lotus Domino IMAP4 server LSUB command exploit. Binds a shell to tcp/4444.
773b707809d24e3b39210ae41f67d5268fb2011eb73260a3b0f1c8900b05ac7eDebian Security Advisory 1396-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser.
8fe44bb7245d98b16367831bc25a2cdbd53ab91d169bf07f76151139fb5dac32Micro Login System version 1.0 suffers from a password disclosure vulnerability.
059b8aff0fbef904d59016996fcda6b107aa31022225b4377455fe6c5a7dd3aaNuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
9b57ab5e37cbe973145bc40283e194036c9d8690ab0f3bbcb2a67b769ad62a71Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
f5650b01913e31cc748087063327b1d4f66cf84cf99cd1679f646e70feb16ef4Secunia Security Advisory - Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system.
7f51a4561320cef45b0b1f89c34ccb6f07815212b43fe637933bd811bc25007aSecunia Security Advisory - A vulnerability has been reported in Trend Micro's Scan Engine, which can be exploited by malicious, local users to gain escalated privileges.
ddf54763016184a36248c44ceb0461d6affe73ad8ee4a5697dfe3069835c2f68Secunia Security Advisory - Gentoo has issued an update for sylpheed and claws-mail. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
e6d5489d56885f9834f3be8020bacd14438249d65e5bfd7466118621af9362f4Secunia Security Advisory - Sipera VIPER Lab has reported a vulnerability in the Vonage Motorola VT 2142 phone adapters, which can be exploited by malicious people to conduct spoofing attacks.
fbae73ed30ca276c392cb98a4e62f418d2af551858bc3d7f7f773e698d574a29Secunia Security Advisory - Gentoo has issued an update for qt. This fixes a vulnerability, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.
1b3dff07144252b989e48bdb51fcb7b1e57c736d1a180a13429edda2139b8dd2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed