iDefense Security Advisory 04.02.08 - Remote exploitation of a buffer overflow vulnerability in Borland Software Corp.'s CaliberRM enterprise software requirements management system could allow attackers to execute arbitrary code with SYSTEM level privileges. iDefense confirmed that the trial version of Borland CaliberRM 2006 (file version 9.0.809.000) is vulnerable. The actual vulnerable component is StarTeam Multicast Service 6.4. Other Borland products containing StarTeam Multicast Service component, such as Borland StarTeam, may also be affected.
159b775b557eef960fa0dbc9a097aadf2c2e86589748b24658d30310f1915c46The Call For Papers for POC2008 has been released. The 3rd POC "POC2008" is an international hacking and security conference by the Korean hacking and security community.
932686cd836df52c4fa57e9874dbe4c95e374a9094888806e5f5fcf90d496782Local account bruteforcing utility using the su command and a python module called pexpect.
a1ba2fa01159ed86d8320897547372bd2ca79ab03897ee3ab185a84d94ad292fFTPNullSearch is a FTP scanner that can scan a range of IPs looking for servers that allow anonymous logins. Written for Linux.
a91386c0c329e353023f79d969c12450058c95171a3888661eccbe4d0319d520PHP Photo Gallery version 1.0 suffers from a remote SQL injection vulnerability.
6d57f2194e7439d4efdb1ae68a2cacdba7b6f117a12c936aa0321fcf92ff511dComdev News Publisher suffers from a remote SQL injection vulnerability.
63e2b109d4c7d608aff4065e9e5f383c0ae7d31a0ee79e79ae35f7d3c23f2aafsabros.us version 1.75 suffers from a remote file disclosure vulnerability in thumbnails.php.
d9109f8ddda1da24926a15d8c751f6c7e4658db1675461c7dffd8b1322304c53Software Zone suffers from a remote SQL injection vulnerability.
01f51568e5e2e52add5dcdf460142921065b14cd257b57fbe472db3e1bd20a7fCore Security Technologies Advisory - Orbit Downloader is vulnerable to a buffer overflow attack which can be exploited to execute arbitrary code. Versions 2.6.3 and 2.6.4 are verified vulnerable.
5d3f26cc60b2acbc37303d798ced9e82dfcc36f67de4fa6c23dad8b588c86a14Blogator-script version 0.98 suffers from a remote file inclusion vulnerability.
1bcc8d033a4d8351d9fb02fce8c59219fbad029e8f5f9e1fc72c9c8942e74c83Affiliate Directory suffers from a remote SQL injection vulnerability in directory.php.
cc4920601269d60411e78372eaaef679872232aa47a7c34681f9fdb823d403edTechnical Cyber Security Alert TA08-094A - Apple QuickTime contains multiple vulnerabilities as described in the Apple Knowledgebase article HT1241. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
1da76b6ff09c28b93a2c9aae13aae772d04f39f4df875741caffeb4f5ed76b84Cisco Security Advisory - Several products in the Cisco Unified Communications family of products contain a command execution vulnerability in the Disaster Recovery Framework (DRF) feature. A remote, unauthenticated user could exploit this vulnerability to execute arbitrary commands that may allow full administrative access to affected systems. There is a workaround for this vulnerability.
cab91d6185c7c4d7d703736fc2bb7e8b6c2c4f58e9a001803b1dbd9cf616a406XPOZE Pro versions 3.05 and below remote SQL injection exploit.
1e6928a3827bb26276b7b5d7066a4dde93d2aae961e2ebc03e0dd531102e3b5cIt appears that Secure Computing Webwasher versions 6.6.3 and below suffer form a denial of service vulnerability.
3a9136bc5f0fbf3e6e8690afbc0ac29d6f2b1e875d4926c026830c99e84da391The Joomla com_lms component suffers from a SQL injection vulnerability.
e35664abe9b055a846b17c7e948902c20e3dd3399a09d819e244cf76e51d37b3Virtuozzo from Parallels suffers from cross site request forgery vulnerabilities.
ebaad3d635c352d3c9f1ac5fc2240d69b74469fbafa8caa44dfa42135de15d11The KwsPHP ConcoursPhoto module suffers from a remote SQL injection vulnerability.
ce0c7c0cc57ad144fe209a7c02eca7b951a537295dc6393912039ad312fd5aa8The KwsPHP jeuxflash module suffers from a remote SQL injection vulnerability.
ed134c4e79ba6e5c89d3fee15702889bcf3e9d9f15700798039bd7199b612ffeThe KwsPHP Archives module suffers from a remote SQL injection vulnerability.
87e27dd1d8883deefc3c3a2931a69ed3b8c7783f527e292173b771ee61989f00The KwsPHP Galerie module suffers from a remote SQL injection vulnerability.
cc5fba6990c3e0eff38996478f0bdda997a8ffc57317020effab22da5921be9bDebian Security Advisory 1537-1 - Alin Rad Pop (Secunia) discovered a number of vulnerabilities in xpdf, a set of tools for display and conversion of Portable Document Format (PDF) files.
a2b802b314090bc3787a75eb0ebdd17fcb5b1e6f2c714ca4a4c46aa2b2d26bd4kses-based HTML filters for projects like WordPress, Moodle, Drupal, eGroupWare, Dokeos, PHP-Nuke, Geeklog, etc, have been found vulnerable to cross site scripting and code execution vulnerabilities.
9d5fb634f4e89873c5a836813b8c36aef28c608fca8b1d46aa2298d5d4586c72Secunia Security Advisory - Duong Thanh has reported a vulnerability in Blackboard Academic Suite, which can be exploited by malicious people to conduct cross-site scripting attacks.
cdf76cc0486d186228d0d033601d72b1699ef6e7fc4238e4299aa2479da17c79Secunia Security Advisory - SUSE has issued an update for Sun Java. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system.
0200dfa3475dd3311ffd3c19959ea373292d6af9c231fe52e21d5083eb5e2023
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed