Secunia Security Advisory - A vulnerability has been reported in Novell eDirectory, which can be exploited by malicious people to conduct cross-site scripting attacks.
03f930c59226906007a56583b0010056cbe5c565217ed0777e3aabc687ebab0cSecunia Security Advisory - Tan Chew Keong has reported a vulnerability in UltraEdit, which can be exploited by malicious people to compromise a user's system.
030cfd8f5f8ccb005fe70184f84981196aca4815152d2ef5d2779c58014cd3e4Ubuntu Security Notice 612-11 - USN-612-3 addressed a weakness in OpenSSL certificate and key generation and introduced openssl-blacklist to aid in detecting vulnerable certificates and keys. This update adds RSA-4096 blacklists to the openssl-blacklist-extra package and adjusts openssl-vulnkey to properly handle RSA-4096 and higher moduli. by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH, OpenVPN and SSL certificates.
9ab362f3984723340c03bf044eb7c4c9e2612864e5b89ab2ca4ac38b110972b1PHP version 5.2.6 suffers from a safe_mode bypass vulnerability in posix_access().
2400362e11a01b68131ed635912cd35fa61473e8014996f098b2d8dcf415d2bdPHP version 5.2.6 suffers from a safe_mode bypass vulnerability in chdir() and ftok().
4b6d7a67db3e7b0e9c14e129b981a1606917b28b4de98a46a7cfb128fef20a82Secunia Security Advisory - Mr.SQL has reported a vulnerability in BASIC-CMS, which can be exploited by malicious people to conduct SQL injection attacks.
dd17f70f31bee4fed66d34129a080ec01de5364ed540eca47614d8ac66bc5672Secunia Security Advisory - Some vulnerabilities have been reported in CRE Loaded, which can be exploited by malicious people to conduct cross-site scripting attacks.
6df26a71a5ef8ef0993da0b0c0abf4aef90606eba3619f129bf05de96bff3abfSecunia Security Advisory - A vulnerability has been reported in easyTrade, which can be exploited by malicious people to conduct SQL injection attacks
26657ace2b3b9d53e8159930a44d13e531de66da6f817aabff8745a4ea3373d9Secunia Security Advisory - Mr.SQL has reported a vulnerability in Comparison Engine Power, which can be exploited by malicious people to conduct SQL injection attacks.
7c142235eca8a1a4278acdfa65b7e0e4602b26cefe7c7e76b8238a294f118767Secunia Security Advisory - IBM has acknowledged some vulnerabilities in IBM HMC, which can be exploited by malicious people to conduct cross-site scripting attacks.
da3ec6e678ec4645491c86d2e03011fbc1519c4a311234d7bd094a7fae69593fSecunia Security Advisory - Fedora has issued an update for freetype. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
42066360b1f2f05a3216f2aaefa318b6345a9876235ea474ded69e9b4ea1b70eSecunia Security Advisory - A vulnerability has been reported in Symantec Altiris Notification Server, which can be exploited by malicious, local users to gain escalated privileges.
68edc992a8618ff00f8d9fb0362e9276600b587f027d99028291acfaa6e5152cSecunia Security Advisory - A vulnerability has been reported in Fetchmail, which can be exploited by malicious people to cause a DoS (Denial of Service).
bbec4074989c0e1c5571d53004a4f23e126fe2e6d148c41372a104cade483d0bSecunia Security Advisory - Jason Rhodes has discovered a vulnerability in ManageEngine OpUtils, which can be exploited by malicious users to conduct script insertion attacks.
df18e1230a1887df7b90e350a63f4b0249ead5a722cbbd6f27cb122783ce7793Secunia Security Advisory - A vulnerability has been reported in Adobe Flex 3, which can be exploited by malicious people to conduct cross-site scripting attacks.
6616f1412359dfcf6bd2ce654012c8627a62bd13781d9834febeec7684729826Secunia Security Advisory - Some vulnerabilities have been discovered in OpenDocMan, which can be exploited by malicious people to conduct cross-site scripting attacks.
8938af6c9e43507ce27d96b0f27f7d6de372788e214c6bb96442d15850426b5bSecunia Security Advisory - mu-b has reported a vulnerability in BlueCoat WinProxy, which can be exploited by malicious, local users to gain escalated privileges.
213ac10c059ee4c28bded6617ea33c770e40f34675991e3c0e44062d15deb17eCA ARCserve Backup versions 12.0.5454.0 and below suffer from a denial of service vulnerability.
1a4df3fe61fac5e4f40ad6f36801930488bf5e8a470502cc8bea4fb64d874753CA ARCserve Backup contains a vulnerability in the Discovery service (casdscsvc) that can allow a remote attacker to cause a denial of service condition. CA has issued patches to address the vulnerability. The vulnerability occurs due to insufficient verification of client data. An attacker can make a request that can crash the service.
0741ffe1de4d95ff387305e81ed6300a04528dc9d2dc44058f58fe0edd600007OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
e55fd8a51b8fd0ae871d02b446549e86b865b547a2695debf48f15b56a67d459WebCalendar version 1.0.4 suffers from a remote file inclusion vulnerability in send_reminders.php.
44646a4e04541cc6ac14690908853eed86f2fca7aa08b1328b319277b7d29667Secunia Security Advisory - Mr.SQL has reported a vulnerability in eroCMS, which can be exploited by malicious people to conduct SQL injection attacks.
7886a177e102806696c687a10f8890431f4a1343fd43fbb6c7b40061ad271c1dSecunia Security Advisory - mu-b has reported a vulnerability in Deterministic Network Enhancer, which can be exploited by malicious, local users to gain escalated privileges.
2e43aa293e1f86424b9be999847ea153ff5f092549880d8a020146477c7d21eeCisco Security Advisory - Cisco Intrusion Prevention System (IPS) platforms that have gigabit network interfaces installed and are deployed in inline mode contain a denial of service vulnerability in the handling of jumbo Ethernet frames. This vulnerability may lead to a kernel panic that requires a power cycle to recover platform operation. Platforms deployed in promiscuous mode only or that do not contain gigabit network interfaces are not vulnerable.
70696b093f130e79649e00cb7dc569fa1cfde0f765376271c359f261febfd97feroCMS versions 1.4 and below remote SQL injection vulnerability that makes use of index.php.
f6ced6fa1d007b1788b5641f6c992a4c499a4902bc80b55d9a6009b64a3fcfd1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed