SMF Forum suffers from a remote PHP shell upload vulnerability.
af92d267e0d0498fb8bb2fefe18bad4f9127e7d1a39f795c68bf7c220327e292Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges.
83d5b0dd849e4e35c44a64b9afa630d6a714b53342787478993a57b5acf5efccMandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in pdftohtml. An attacker could create a malicious PDF file that would cause pdftohtml to crash or potentially execute arbitrary code when opened.
4d617075810c4ec96a79a14e5d07d775f7c1b109e1d2b61860085c913b9cadd8Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in koffice. An attacker could create a malicious PDF file that would cause koffice to crash or potentially execute arbitrary code when opened.
00011fc59b752c2ff881ecce8c41355af5d2a961ea20a553f7f3c7603cf84abfLizardware CMS suffers from a remote file inclusion vulnerability.
18136fdeedb1693c51ebb6e0175b2a1ebecbec7d6612da0bb8b7d181084f44d9net-finity suffers from a SQL injection vulnerability in links.php.
1e9834762cce411d4daa5d8f19f1a016e8dcf4ac6a9a470d46286308a779fdeaBlack Lily 2007 suffers from a remote SQL injection vulnerability in products.php.
10d27c3875111dcee87f7f327d704768530fec0e53f4f2ec5a7f3da5ebf17b4fMySpace Clone Script suffers from a remote file inclusion vulnerability in index.php.
7afe04843a61ae7293932824751492379466cf009d0bd7570d088565b80cd474Project Alumni versions 1.0.9, 1.0.8, and possibly prior releases suffer from cross site scripting and SQL injection vulnerabilities.
ac4295d45d89f5c92cf220bd4f9ff1addec222418dbd42811ba1402402e576dcKeller Web Admin suffers from a remote file inclusion vulnerability.
3cee7ede1daf0956843c34241f0db0090d06e749e71133dd7a5353c605c47a89Ubuntu Security Notice 544-2 - USN-544-1 fixed two vulnerabilities in Samba. Fixes for CVE-2007-5398 are unchanged, but the upstream changes for CVE-2007-4572 introduced a regression in all releases which caused Linux smbfs mounts to fail. Additionally, Dapper and Edgy included an incomplete patch which caused configurations using NetBIOS to fail. A proper fix for these regressions does not exist at this time, and so the patch addressing CVE-2007-4572 has been removed. This vulnerability is believed to be an unexploitable denial of service, but a future update will address this issue. We apologize for the inconvenience.
7152013b46f108aed4a465d8f1aab00f582a6a4ba4d2f046e5d6df11f307612bJiRos Upload Manager suffers from a SQL injection vulnerability.
52dd6a238a14f3337c18b84bb44ea1d15a5c7df63e2e90fac1efa9a9b15db2a9meBiblio version 0.4.5 suffers from cross site scripting vulnerabilities.
c30ea4ba6fe05f95dec2537250049645fa32b021ce3d29b0f119716a65c10ab6meBiblio version 0.4.5 suffers from a remote file inclusion vulnerability.
dfaf6aea0c3ccad2e9015753e364f05143a301e26b2686fb8741f047e0f9fa73PHPBMS version 0.92 suffers from a remote file inclusion vulnerability.
92af085636ec08119078ad0d420be3065d58970600bee74c38f44107dbfc12e9AhnLab AntiVirus V3 Internet Security 2008 suffers from a denial of service condition that may lead to arbitrary code execution.
b9871befeef9483c9341e420a26f081ceacb053a4ca88b82547337d463e7ccb7A remote code execute vulnerability exists in Microsoft Jet Engine. A remote attacker who successfully exploit this vulnerability can execute arbitrary code on the affected system.
e7cf4a85bcd939e834d499ef01e0e78a9ddf18bbaa3e0157ef12c45a4ee602f0Apple Mac OS X 10.4.x kernel i386_set_ldt() integer overflow proof of concept exploit.
28fff85d9bc807394b4dac7391b5e4e70c442ab717724a5cc038925144f4a097Nmap Parser is a Perl module that simplifies the process of developing scripts and collecting information from the XML nmap scan data, which can be obtained by using nmap's -oX switch or from the file handle of a pipe to an nmap process. It uses the XML twig library for parsing, and supports filters.
9d0334298128787d5455454dad04b27552f3520839e3d0c215102116634f3163fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
366dbb0c9ae38973cee960408eb1a76ed6ff544f15855affaed93331face9491arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
1b0fb55cf593acdb19f00154afcd5cb12116602b98982dfac827112c8e26d4b8Secunia Security Advisory - A vulnerability has been reported in nss-mdns, which can be exploited by malicious people to cause a DoS (Denial of Service).
5dfdff2731a76c9f2513a416fadc31f5bcb0b8fb7da661d5f2054d5649a8c057Secunia Security Advisory - rPath has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).
3f842471aa8f60241c386ca0bea50e1bb6dbc393b8de74e7d3af74bda77ff82fSecunia Security Advisory - M.Hasran Addahroni has reported a vulnerability in ProfileCMS, which can be exploited by malicious users to conduct SQL injection attacks.
60f6eebd24caf90759294f17c7393864b8d2fc024c954525713e3cafd18f7047Secunia Security Advisory - A vulnerability has been reported in Lhaplus, which can be exploited by malicious people to compromise a user's system.
54391bcaac3bfc94c56888af1df42c397604fd1bb52943e84aefc13df3e31383
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed