Secunia Security Advisory - rPath has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
f8a95694fdfc2a8049c7457db7933d37c871157102966a37b6ed367681714d89Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of service), and by malicious people to potentially cause a DoS.
f30f647e31c8ce6c9c45f7d64d818a1140767b5cb999aff42ed20cee157fd7bbSecunia Security Advisory - Slackware has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
0edade49e4768129fa81918a8a72f2edb282891c07d61e5b6fc70c8f0495a431Secunia Security Advisory - Russ McRee has reported two vulnerabilities in DT Centrepiece, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
9204a9f8404c5080033afc5a23a09a2933ab01c8bf7f19f9322de3b5072ffde2Secunia Security Advisory - Cr@zy_King has discovered a vulnerability in CKGold, which can be exploited by malicious people to conduct SQL injection attacks.
47047a4d3ff9339ff8b2b41f07ae406aa551c55c337313a492a35e0d1f95e97eSecunia Security Advisory - A vulnerability has been reported in Ortro, which can be exploited by malicious people to conduct cross-site scripting attacks.
8868a1663caee4030b5c66fbe477a57b1d534cf774d0cdbc876754ce81d52f60Secunia Security Advisory - A vulnerability has been reported in Creative Software AutoUpdate Engine ActiveX Control, which can be exploited by malicious people to compromise a user's system.
b5f83493345205170c196a3771a7ef5b8119732f0c1acc3976a325340f39e7e3Secunia Security Advisory - A vulnerability has been reported in spamdyke, which can be exploited by malicious people to bypass certain security restrictions.
379be6b1508b72720d17ee5ba9e71124e3db7df43adf1e1e9388ec8ef4ef7473Secunia Security Advisory - A vulnerability has been reported in Motorola RAZR, which can be exploited by malicious people to compromise a vulnerable device.
df58f3399105910a69c672be37d60ea9fbfcd39c5d60ffffd113dc22de7187c1Secunia Security Advisory - Some vulnerabilities have been reported in EMC AlphaStor, which can be exploited by malicious people to compromise a vulnerable system.
a158f8be169cd3f96aa5c1c1354a67c329d752029e719f949ac04ac9d0279d8dOpenSSL Security Advisory - Two moderate severity security flaws have been fixed in OpenSSL 0.9.8h. Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. Testing using the Codenomicon TLS test suite discovered a flaw if the 'Server Key exchange message' is omitted from a TLS handshake in OpenSSL 0.9.8f and OpenSSL 0.9.8g.
798bc0606364fec82629c9cbf4774497ca88fe671a7f59a54d0c210d236374c8Opera versions below 9.25 are susceptible to a heap-based buffer overflow that allows for a denial of service and possibly code execution.
f6dc341cce8dd3f5bc84c05a0c44cde29463acefebfde3867a34bf222e7aabf7Debian Security Advisory 1589-1 - It was discovered that libxslt, an XSLT processing runtime library, could be coerced into executing arbitrary code via a buffer overflow when an XSL style sheet file with a long XSLT "transformation match" condition triggered a large number of steps.
3f71ed6525424de09bdb4c065d5f0d71884755d3d298d7a2f09c76bf171bc7cfOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
224e1ca3aeeda8acc72e5c48b34843904b9d585aaadb4d5a15524c25f6c6a1ceSecunia Security Advisory - A weakness has been reported in IBM AIX, which can be exploited by malicious people to disclose system information.
7b5014a03048ed2a6fc25ee0b197386be1fda83098e4618f7768e230e4407862Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
fc0a1b5efd1652a58c80143a93e3a22f3e8e87c57a13cd1c5c7edcda6aa74afaA vulnerability allows remote attackers to execute arbitrary code on vulnerable Motorola RAZR firmware based cell phones. User interaction is required to exploit this vulnerability in that the target must accept a malicious image sent via MMS. The specific flaw exists in the JPEG thumbprint component of the EXIF parser. A corrupt JPEG received via MMS can cause a memory corruption which can be leveraged to execute arbitrary code on the affected device.
73dad834e8ff64514f4a305d4cd194246463b06aed7c666a0862feb68f6c97d4iDefense Security Advisory 05.27.08 - Remote exploitation of an arbitrary command execution vulnerability in EMC Corp.'s AlphaStor could allow an attacker to execute arbitrary code with SYSTEM privileges. AlphaStor consists of multiple applications, one of which is the Library Manager. The Library Manager is used to manage the replacement of disk drives in distributed locations. The Manager consists of a single process, the "robotd" process, that listens on TCP port 3500 for incoming connections. The Library Manager is prone to an arbitrary command execution vulnerability. When sent a specific request, "robotd" will use a string from the packet as a command to execute on the system via the CreateProcess() function. This allows an attacker to run arbitrary programs on the host with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in AlphaStor version 3.1 SP1 for Windows. Previous versions, as well as versions for other platforms, may also be affected.
89af74c8a928b81854ee449e94087273d27f78d647c9fd326a1544aff4057f61iDefense Security Advisory 05.27.08 - Remote exploitation of multiple stack based buffer overflow vulnerabilities in EMC Corp.'s AlphaStor could allow an attacker to execute arbitrary code with SYSTEM privileges. AlphaStor consists of multiple applications, one of which is the Server Agent. The Server Agent is one of the core components of AlphaStor, and is used to initiate disk management requests. The Agent consists of several processes, one of which is the AlphaStor Command Line Interface process. This process listens on TCP port 41025, and is prone to multiple stack based buffer overflow vulnerabilities. iDefense has confirmed the existence of these vulnerabilities in AlphaStor version 3.1 SP1 for Windows. Previous versions, as well as versions for other platforms, may also be affected.
8da9b9e7f94fd0d1345754a53a84aca4080928bbb8dcd14ed122e9038bc29440Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
e312925c3a88adcbaf242f9a2e1d47c30c9041b15512ec09273576dc7eec87fdSecunia Security Advisory - A vulnerability has been reported in Cisco Voice Portal (CVP), which can be exploited by malicious users to gain escalated privileges.
23d19ebd5d2722b6d0316f55bf74fb45a7631b3b9a9d99e462d0afd271de8801Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Service Control Engine, which can be exploited by malicious people to cause a DoS (Denial of Service).
bd0ae3a4b7ce74da4ba0b008d75cbddd679e33ab0b0f94f0664ebbbf9464b23aSecunia Security Advisory - Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
db68766e691e65d24a21bfff0d3c413c6a92c61d80175da01db437d42966a5afSecunia Security Advisory - Red Hat has issued an update for compiz. This fixes a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.
4f0b6497b83e76b87a0da9874aaee7eae875a3736422d9211db450c944543222Secunia Security Advisory - Digital Security Research Group has reported a vulnerability in SAP Web Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
b528e46e31a3863ba167d4d6b01f92cca168196b2334f49dfbc679e86a642a34
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed