Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious, local users to disclose sensitive information and potentially gain escalated privileges, and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and compromise a user's system.
4c03a343dc37fc02680d9e728b0a3094d7f5f988718e58943b2623b3fc181beeSecunia Security Advisory - Secunia Research has discovered a vulnerability in Orbit Downloader, which can be exploited by malicious people to compromise a user's system.
61239f76c159614bbb48c91bea6c0d632fb2177e1993d4dd9be115b87e3fb679Secunia Security Advisory - Some vulnerabilities have been reported in Adobe RoboHelp Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
c6ba6048f03db55303083186793279ef0cbb717c8c12cb5ecac41b961b5048e9Secunia Security Advisory - A vulnerability with an unknown impact has been reported in CATIA V5.
d53874ae9510b390c8625157ab5d4f6e3fe057a638c4b87c4f454faa3c4f5833Secunia Security Advisory - A vulnerability has been reported in Adobe RoboHelp, which can be exploited by malicious people to conduct cross-site scripting attacks.
28a681e29fc925bc8ae56cdbacdfbe2f7c2db97a9e9e1b5db28f08e6550e3ca9Secunia Security Advisory - A vulnerability has been reported in the piCal module for XOOPS, which can be exploited by malicious people to conduct cross-site scripting attacks.
afa0ae1c2d241b6c789dfdf7011bcc6332afd21c21ead8e611e6e46edefc4770Secunia Security Advisory - HP has acknowledged a vulnerability and a security issue in HP OpenView Network Node Manager, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
48561ee5ad817725ecc8837ef3aa53c00f7bbdd2dfe8956a5a1ea218890c756eSecunia Security Advisory - A vulnerability has been reported in ZNC, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.
456091068437a69839755d920d21797e7b7235252750232830f1f67e6bba3825Secunia Security Advisory - Fedora has issued an update for trickle. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
d441906c95bd417e7ca7a04ade29fc642601c1b6d012e2c8dc6a52f01b120647Secunia Security Advisory - A vulnerability has been reported in OpenGoo, which can be exploited by malicious users to bypass certain security restrictions.
9b6820e67d3d9a0c25e832af17016af51b0b1f51c4b6ce88ec441e3810e3d938Secunia Security Advisory - IBM has acknowledged a vulnerability with an unknown impact in IBM Websphere Application Server for z/OS.
f1b337efff9c99b5d6c3eb3f6881f7ff2ee5690f71c6b79ceb3827af5ac690e5Secunia Security Advisory - Secunia Research has discovered a vulnerability in SHOUTcast, which can be exploited by malicious people to compromise a vulnerable system.
bbc44e6ee8456cfab520fb7e7521501b53cef5d9cc88332d5e96ed9708e56460Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in ksquirrel-libs, which can be exploited by malicious people to compromise an application using the library.
04ad92ffaeff69cd629ab2ba58e2377190f1a6edc6177ee24f24e3024d4b6d2aSecunia Security Advisory - A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to bypass certain security restrictions.
ab3d35b1b4cc8217f3939767cb09935bf62e4c2ef8af165bfbd77d1b4f8daf03iDefense Security Advisory 02.24.09 - Remote exploitation of a invalid object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a Shockwave Flash file, a particular object can be created, along with multiple references that point to the object. The object can be destroyed and its associated references removed. However a reference can incorrectly remain pointing to the object. The invalid object resides in uninitialized memory, which the attacker may control to gain arbitrary execution control. iDefense has confirmed the existence of this vulnerability in latest version of Flash Player, version 9.0.124.0. Previous versions may also be affected.
780e892128d7d79681ecb9f2b0c8adb3af7430a9be41d1863f245d1dd740cf75Mandriva Linux Security Advisory 2009-054 - Cross-site scripting (XSS) vulnerability in Nagios allows remote attackers to inject arbitrary web script or HTML via unknown vectors. The updated packages have been upgraded to the latest version of nagios to prevent this.
544c4685dc0a733c59dfbcf1a766af69dc7f1253439bcb798e1e8d1ca4292635Mandriva Linux Security Advisory 2009-053 - Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie. Additionally many of the bundled plugins has been upgraded. The localization has also been upgraded. Basically this is a syncronization with the latest squirrelmail package found in Mandriva Cooker. The rpm changelog will reveal all the changes. The updated packages have been upgraded to the latest version of squirrelmail to prevent this.
f10d6407afc5ea153fd0b88200f19c313fb2c56e5f2651a605edc858330a1d0cMandriva Linux Security Advisory 2009-052 - The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and (1) a dollar-sign character, aka php executed in templates
320925f85c4d23b112e37e7cf0cd11335ace328e819692e57ca631de75eb3fcapPIM version 1.0 suffers from a large amount of security issues including cross site scripting, SQL injection, authentication bypass, password disclosure, and code execution vulnerabilities.
867a21afa0b3a477d7216572f04d5013ccf1cc6079e5ee2726b45c0da1e4458aNetragard, L.L.C Advisory - The Cambium Group Content Management System (CAMAS) Failed most Open Web Application Security Project ("OWASP") criterion during testing.
6dc9216857c8b8a7de3efc27c3d5195a6260f1f1903675c0dbdb8d568555f4bbVMware Security Advisory - Update for VirtualCenter updates the Tomcat package to version 5.5.27 which addresses multiple security issues that existed in the previous version of Apache Tomcat.
c355b6e2f3962839d0823d64d74f68d14bbda56c666d5663b4c909775faa2654The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
53c34cba5b945d668a3b9f520f2e7a4716f9cb0a7f48ffe15851454032cc03bbdradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
a6f9a40c9bbde3778c9c523f59e469d3dabfeadfc17dc95a8b955cf93d81a15fWhitepaper called Wi-Foo Ninjitsu Exploitation. It touches on methods of cracking keys, tools involved, and how to break basic simple defenses.
f73687ecb0c453b0161adb863066bbad00c22a65d1479f219fa5be0605bb517bMandriva Linux Security Advisory 2009-049-1 - A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. The updated packages have been patched to prevent this. The previous update package was not signed.
b18c87b6823d40961d07979b10ab0567db6472ac2c3f2d3d3378d1cb70a26ca7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed