Cisco Security Advisory - Several features within Cisco IOS Software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked, transit traffic will not block the interface.
d7c7801e5593cc1d56d45fb532604c74459fabf8eb1ec761e05e4ee6458e597cCisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that can be exploited remotely to cause a reload of the Cisco IOS device.
9aeff3ac6624b0acd51e8bdef45a818417a1cb077cb942319b1ba9325af60d29Cisco Security Advisory - Cisco IOS Software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload.
9e9a90544800678d068057fefc2fb388030582f354d242a3c7772701808ce930Cisco Security Advisory - The server side of the Secure Copy (SCP) implementation in Cisco IOS software contains a vulnerability that could allow authenticated users with an attached command-line interface (CLI) view to transfer files to and from a Cisco IOS device that is configured to be an SCP server, regardless of what users are authorized to do, per the CLI view configuration. This vulnerability could allow valid users to retrieve or write to any file on the device's file system, including the device's saved configuration and Cisco IOS image files, even if the CLI view attached to the user does not allow it. This configuration file may include passwords or other sensitive information.
89c62856369209d23f7e86a8a347090994a2c3bd1eb7ae5366e739c7a69af336Cisco Security Advisory - Devices that are running Cisco IOS Software and configured for Mobile IP Network Address Translation (NAT) Traversal feature or Mobile IPv6 are vulnerable to a denial of service (DoS) attack that may result in a blocked interface.
8be582b635f622a6da5938ea795792eb076c6b771a286c319f11eac43115b214Cisco Security Advisory - Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. A crafted HTTPS packet will crash device. SSLVPN sessions cause a memory leak in the device.
539b67513178c8d6e96c45b5e65a773d7fb06b37cf4b6d9b4a9675a8b9bb63e7Cisco Security Advisory - A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Cisco has released free software updates that address this vulnerability. No workarounds are available; however, the IPSec NAT traversal (NAT-T) feature can be used as an alternative.
41ae361d948a74deeb0ad10994a0585596dafec4de79e7cda57617b56c0c13f1WeBid version 0.7.3 RC9 suffers from a remote file upload vulnerability in upldgallery.php.
724b8054ac1686214a3888b7b44ef75017f91526d2630701cadc8a98b66e99b0PHPizabi version 0.848b C1 HFP1-3 remote arbitrary file upload exploit.
5c79b788cc8d202cca60f022af62e69679d4108507cb3956621244d7e85d64aeMozilla Firefox XSL parsing remote memory corruption proof of concept exploit.
01e9ce8ec25822adc17fe70d3e37c7f6ae6caf6690b945ce7cbabaec58b3342cAanval is the industry's most comprehensive snort and syslog intrusion detection, correlation and management console. Aanval is designed specifically to scale from small single sensor installations to global enterprise deployments. Aanval is browser based and designed to work on all current variants of UNIX, Linux and Mac OS X.
7529ddd8b8b8f4e4b5479dc8b9eb5760f8587674e55143525914854bc468b580Debian Security Advisory 1745-2 - Several security issues have been discovered in lcms, a color management library. This update fixes a possible regression introduced in DSA-1745-1 and also enhances the security patch.
c77800fadd6c284e42c35d6fcb110b184e99091d0e1d7a6cdfbdea548c3735e4Secunia Research has discovered a vulnerability Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of JBIG2 streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file containing a malformed JBIG2 symbol dictionary segment. Successful exploitation may allow execution of arbitrary code. Adobe Reader versions 8.1.3 and 9.0.0 are affected.
3a6f7e4aad0b7d0f7fb53f01f4c49768416ddd1ab350f118ec3c37a4d19d7965Adobe Acrobat Reader suffers from a memory corruption vulnerability. Versions 9.0.0 and 8.1.3 are affected.
3fd5159ce227deda8ad64450f949dbfdf2df7c0a4cc546070dccc3e295484604Pivot Scan is a scanner written in Ruby for the meterpreter tool.
45ecdf791525de7234a5d539bbcfc9801fc8ecc45b4c462216830f1b0c819b69DirectAdmin versions 1.33.1 and below suffer from a symlink permission bypass vulnerability.
53052199c58574efd9c8e08901a5480d5721d6a9a1745f95edae74e88a503fb3Secunia Security Advisory - Some vulnerabilities have been discovered in PHPizabi, which can be exploited by malicious people to conduct SQL injection attacks, disclose sensitive information, or compromise a vulnerable system.
f6fba59a653815517d0ba3520ffc5793b7a8d6e82ea6758d16ed79db5de14b57Secunia Security Advisory - Slackware has issued an update for lcms. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
73c5f0f79cfde7a49061fae802d40d11d532771bc61aeb7cafb6938a1b716e92Secunia Security Advisory - A vulnerability has been reported in ldns, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
5238acb231f6b9babed46dc03a1edfe733e00c7a82e98283b5b1aeaea76285d1Secunia Security Advisory - A vulnerability has been discovered in Media Entertainment Script, which can be exploited by malicious people to conduct SQL injection attacks.
f950e9b5405457184fa8705208b326a9448391301a3c49fbf0aa1d6a00916427Secunia Security Advisory - A vulnerability has been reported in Hannon Hill Cascade Server, which can be exploited by malicious users to compromise a vulnerable system.
4eb72c99fd4a5682e03be05e470c7de8c47573da1a2baf0b9b528a2a4e828d07Secunia Security Advisory - Some vulnerabilities have been reported in cPanel, which can be exploited by malicious users to conduct script insertion attacks.
8c0b9f482135f28b253a65a51ed0d65b3dfe3fb52702a1d71e1b0175c5e43e6fSecunia Security Advisory - Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious people to conduct HTTP response splitting attacks or disclose sensitive information.
8d4d42cc29551c79dfe47049785f3680f75f463c00ce2de1a4d3c57121fe45f4Secunia Security Advisory - Red Hat has issued an update for acroread. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
ac2530cb2e538d6c9e4ea58923a77289ab167a8f32eb6d3f7231f284dee61214Secunia Security Advisory - A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks.
da98cf350490254cb226f7f3c29142e48360b71a06515219ae1acb4550ec3ae1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed