Secunia Security Advisory - SUSE has issued an update for openssh and opera. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions, and potentially by malicious people to compromise a user's system.
946028e133ff1201b1b04488c094fa1ffe0ed0cfbf793bbec5a32a69fe788147Gentoo Linux Security Advisory GLSA 200804-14 - Michal Zalewski reported two vulnerabilities, memory corruption when adding news feed sources from a website (CVE-2008-1761) as well as when processing HTML CANVAS elements to use scaled images (CVE-2008-1762). Additionally, an unspecified weakness related to keyboard handling of password inputs has been reported (CVE-2008-1764). Versions less than 9.27 are affected.
d1e63ed39045702061c8738f66326c5631367c2ff0ee8b57953bfe1d8379319eGentoo Linux Security Advisory GLSA 200804-13 - Multiple vulnerabilities have been found in Asterisk allowing for SQL injection, session hijacking and unauthorized usage. Versions less than 1.2.27 are affected.
67da6681bc621e1c47a9b59a1836b85459c55a674e2f9489f48e2bca51d3ffd7Ubuntu Security Notice 601-1 - It was discovered that Squid did not perform proper bounds checking when processing cache update replies. A remote authenticated user may be able to trigger an assertion error and cause a denial of service. This vulnerability is due to an incorrect fix for CVE-2007-6239.
0c0ababe57cbd5b653e96a773f52efe8a94122769b245b42563aee9373fad61cCezanne version 7 suffers from a remote SQL injection vulnerability.
4f513e27a069c861f54191d62da844a44fef875775d97ab20369bdb7cbd7f1e4Cezanne versions 6.5.1 and 7 suffer from multiple cross site scripting vulnerabilities that require a user to be logged in (which is what you want if you are stealing cookies).
e4a896ec10b96c670a3c81498dfb55740cc5ab91c1bf38218cb47553d6ab6b2cCezanne versions 6.5.1 and 7 suffer from a cross site scripting vulnerability in the SleUserName parameter.
bb7a3249a474104147ff8c1167c08869b5a662f111666d8b1e543c413a1be933Fones Clinic Mart suffers from a SQL injection vulnerability.
dc7e993637e840f55cbca9cdca6a3f058006ddca10878dffe441be70880405e9Secunia Security Advisory - Tavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
b3010c3afcce9c4cf55d0c46959842051fa5b84ce1cd80a3d708b6c2e58bc4deSecunia Security Advisory - A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to cause a DoS (Denial of Service).
721d1d7db9f59f1c79194976d86cd611821f424c09ddb6c3577829f0ba2c5087Secunia Security Advisory - IBM has acknowledged some vulnerabilities in IBM HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
ced73e0eee0336e75b2c687b7f61d1ff39f3ffde6e3a0131ebc37ba89ae3907fSecunia Security Advisory - t0pP8uZz has discovered a vulnerability in CcMail, which can be exploited by malicious people to bypass certain security restrictions.
345f8afc3a9b6aec7f1e20a5ee586497b2f8c7536c8e136c6b56bff6a41c894aKoobi CMS versions 4.2.4, 4.2.5, and 4.3.0 suffer from multiple remote SQL injection vulnerabilities.
863782de14740f806f8af339bca5c7f2652b787c4b138d9f2b31070f65e9c45cKoobi Pro version 6.25 poll suffers from a remote SQL injection vulnerability.
cb62ef315df239dda87869572aec9671a3464746f9b9819c4f4ddf174c58f88dHP OpenView NNM version 7.5.1 remote buffer overflow exploit that takes advantage of a vulnerability in ovalarmsrv.exe.
79517ef09f533c58bd8ca54d6f622896981f4cc4f7214590fbd386a5b8b35089This code generates an emf file that demonstrates the Microsoft Windows GDI API stack overflow vulnerability as detailed in MS08-021. Spawns calc.exe.
6f68db9ec797e0add0cb4a67fd3be85362d579bbb59ac2c3a624fdfeff5362f4KwsPHP remote code execution exploit that leverages upload functionality.
045a9d94752845769721fc8baf1ac9b910835d5fd915f08562dfbb2f188d6778BosNews version 4.0 suffers from a remote SQL injection vulnerability.
98c55f3eedf3f17f12f5d41ba0c331a46e5c58fb5cf01c21825f58deaac61debBosClassifieds version 3.0 suffers from a SQL injection vulnerability in index.php.
25789016183f4def90c3195b4a85876fbb2dd3c20924896051dc45b18a33fd43SmallBiz eShop CMS suffers from a remote SQL injection vulnerability.
99645bd155236d4be48e71ef4afc2ff1c27efdd871cd9b13bd5a219b6b0ffe1dSmallBiz 4 Seasons CMS suffers from a remote SQL injection vulnerability.
87f35ec298085246524344d246f2e2d858259c5ea9c7e5e8b805a2ed1bc46126Mumbo Jumbo Media OP4 remote blind SQL injection exploit.
dcd7c431d30cffe30f76ff235d454ba81bd2e34e07404541462c10e7beea1a4aThe Joomla extplorer component versions 2.0.0 RC2 and below suffer from a SQL injection vulnerability.
175a6e78d80481dfbe67e015b0d82c2c48e0ef564d7a33ee6c62254700756e0b1024 CMS versions 1.4.2 and below local file inclusion and blind SQL injection exploit.
b2fe79895891927df1cdbbbf642362c31d9ed388dbbbf156c9b45ad606f8fcdeSecunia Security Advisory - A vulnerability has been discovered in Coppermine Photo Gallery, which can be exploited by malicious users to conduct SQL injection attacks.
7b70cbdd500ac1e69d21155408381d9f8f9d87f3a8c1d2cbf40c157a27c53312
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed