mpTREY is a MP3 fuzzing utility that manipulates tags. Written in Perl.
3f272c23c44352dd75429216312ed372076351d35fa4762a4869fd1da89d050dBandSite CMS version 1.1.4 suffers from an insecure cooking handling vulnerability.
c4fd3f2d252e9360e9526ff69a57e2de6348d5351edf169a5af254d4cb755dbdScriptsFeed Recipes Listing Portal software suffers from a remote file upload vulnerability.
66d2a4e8dfbe5433b9bc7f0ab2be666546dd1c886cd2220351b2799ad20698daScriptsFeed Auto Classifieds software suffers from a remote file upload vulnerability.
8deffdb64d1e9e5ff76ffb9ed73fe538d35efb472ea246d57599cb6bc48f3158ScriptsFeed Real Estate Classifieds software suffers from a remote file upload vulnerability.
5507e587dd496e035ffc189cf408249890480f643defed6af3cfab2b954ff5dbThe GS Real Estate Portal US/Internal module suffers from cross site scripting, SQL injection, and remote file upload vulnerabilities.
0537b3a874893fed826f2b1ec084f4f67f7fbb3a0cc625305484fa06ef377e99Secunia Security Advisory - Don has reported a vulnerability in Fresh Email Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
918d794c2e61bb8a2c33ad50cba146c85c40894ff67565c6fc51948e0bd22705Secunia Security Advisory - Red Hat has issued an update for acroread. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a user's system.
e85430a9fbad39a30ab019da577a9aff09186e87da0ac3059724e6b887b77a66Secunia Security Advisory - Fedora has issued an update for libpng10. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
8918d6ba4d3a64bb18b1bf4fb9529dcb8c5047a3769b266e7deaf9f9b14cc6f527 bytes small GNU/Linux x86 setuid(0) && execve("/bin/sh",0,0) shellcode without NULLs.
c0c0138eb0cbf63e6e3e5b1a04fffbf8501663ccd3ea72f3924bcf3011fe0535Secunia Security Advisory - rPath has issued an update for initscripts. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
9a2e8c8eb980f17976bae878b4b26bbc50ff53b0959f55cb7c30a453f72ee69bThe Netgear WGR614v9 administrator interface can cause a denial of service condition on the router when a simple question mark is appended to the URL.
f2c2574642ef8dd733e76621de159bcc9f66b4e306316c0205b9ab32a2bf6039Digital Armaments has officially announced the launch of the October-November hacking challenge. Digital Armaments will give a prize of $5,000 for each submission that results in a exploitable vulnerability or working exploit for the Linux kernel. This should include examples and documentation.
b2ae9a5e465944ba7e4a7712d8625cfc7eb5e530b14e5d0fc164a1a11d2950aaSecunia Security Advisory - Francesco Bianchino has reported a vulnerability in Metrica products, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
88845e8ee0872cdd776384117dd06487f5e98d5055c2c9c706351d971916b18fSecunia Security Advisory - Fedora has issued an update for optipng. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
d09f49adf0efa55ac95f13b72fdc00ba11af018f57206c248e19948925b31eb7Secunia Security Advisory - rPath has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
648c03dc838bfe9e2e121cc31f5c1b4609e98b325c1bdc483e63a781d35072f1Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system.
263fc312b82717af161fe5eaa9c16b7481375dea5c8c1b81d4798a8ab0173e58The Pi3Web ISAPI interface suffers from a denial of service vulnerability that causes the server to crash. Versions 2.0.13 and below are affected.
28ae7b680667cd7af13babc98bd853018075234dc064ab260fbba2178f775bfe.NET Framework Rootkits - This whitepaper covers various ways to develop rootkits for the .NET framework, so that every EXE/DLL that runs on a modified Framework will behave differently than what it's supposed to do. Code reviews will not detect backdoors installed inside the Framework since the payload is not in the code itself, but rather it is inside the Framework implementation. Writing Framework rootkits will enable the attacker to install a reverse shell inside the framework, to steal valuable information, to fixate encryption keys, disable security checks and to perform other nasty things as described in this paper.
f76d7dd718394137cdbc9cb275f43a192178ffb10a850e0e77481a838c67ea51.NET-Sploit is a new tool for building MSIL rootkits that will enable the user to inject preloaded/custom payloads to the Framework core DLL.
5776c1769e93b6c84140aa59330ab249d6529d492a81f74654dbb0a444b97a81Secunia Security Advisory - rPath has issued an update for net-snmp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
cebcbd07df4cf06fcc63621505e0a313fbe06ae93a2812b2c831dc6b4303f984Team SHATTER Security Advisory - Oracle Database provides the "LTADM" PL/SQL package that is part of the Oracle Workspace Manager component. This package has instances of SQL Injection in COMPRESSSTATE and GOTOTS procedures.
29603ed80c14670ee01111577280faac894cf3b0ed732e00604e0e4483cc40e7Team SHATTER Security Advisory - Oracle Database provides the "LT" PL/SQL package that is part of the Oracle Workspace Manager component. This package has multiple instances of SQL Injection in COMPRESSWORKSPACETREE, MERGEWORKSPACE and REMOVEWORKSPACE procedures.
46972c6b9e06e4bc4b703ab2962224b03b0e54bbdc772217823fb7beae043812
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed