Gentoo Linux Security Advisory GLSA 200904-11 - Multiple vulnerabilities in Tor might allow for heap corruption, Denial of Service, escalation of privileges and information disclosure. Versions less than 0.2.0.34 are affected.
22c9b309000d22d1788a4e5b3d76214a0eca90f8886ed08d9afd65f367a06b09Gentoo Linux Security Advisory GLSA 200904-10 - An error in Avahi might lead to a Denial of Service via network and CPU consumption. Rob Leslie reported that the originates_from_local_legacy_unicast_socket() function in avahi-core/server.c does not account for the network byte order of a port number when processing incoming multicast packets, leading to a multicast packet storm. Versions less than 0.6.24-r2 are affected.
359beb4037140d4bfa148c609fb007b6ec710cc0ccbfaf3d108ea5ed90e95655Gentoo Linux Security Advisory GLSA 200904-09 - Multiple vulnerabilites in MIT Kerberos 5 might allow remote unauthenticated users to execute arbitrary code with root privileges. Versions less than 1.6.3-r6 are affected.
7b528ce4b70a3225550954d57e4772d37c008963e25bab1c29d3738f9ed187b1OTSTurntables version 1.00.027 SEH overwrite exploit that generates a malicious .ofl file.
83a924c12410cd66a913136fc67dedc5d0e9b32a0e2691aeb3742715051c45ccWhitepaper called Exploring Below the Surface of the GIFAR Iceberg. Reported at Black Hat 2008, GIFARs uses the concept of combining files such as a GIF images and a Java Archives (JAR) to enable malicious code execution. This paper explores GIFARs and the possible threats they expose.
b9b8c3fc1aec2403a14d62743baa2527bfac37c3b4b30f6cb8f84ccefae30eb8net2ftp versions 0.97 and below suffer from cross site scripting and cross site request forgery vulnerabilities.
433699ef9d591114e5c64f6df12a1c3da921c0505de64830a75dac18c05c1c86WebFileExplorer version 3.1 suffers from a remote database disclosure vulnerability.
c78c22a4ec8299866b31b707b5cf8e5ddecde4052188b1a2c8207d67a55422a6Photo Graffix version 3.4 suffers from shell upload and local file inclusion vulnerabilities.
4eb55cc07be6d213a78b19865d0237e0d6bf2e7c4f21fa07ea9a8e2340988173The Joomla Cmimarketplace component suffers from a remote directory traversal vulnerability.
5a244bcaab6c01c220efa55bd88e930ca4fcfa8ec8b430de5d3af908e470f8aeThe Joomla MailTo component suffers from a remote SQL injection vulnerability.
d47c917a736400e80b2ca3a676f3819b78be4c21481684d7f6dde75a2846a671The Joomla Maian Music component version 1.2.1 suffers from a remote SQL injection vulnerability.
f3ac968132885570f0f001d964868958e3941634a85a6f3ade7bdf8eca386266Akan Portal suffers from a remote SQL injection vulnerability.
23252fdd99faac010443bcbe0aead4270a4e39f67a82940d10c8c10710b1aef2PeterConnects web server suffers from an arbitrary file access issue due to a traversal vulnerability.
94140ebb31b68ee5e1a013a05170420471773d24e78d041d2373a844df2934c8SASPCMS version 0.9 suffers from cross site scripting, database disclosure, and authentication bypass via SQL injection vulnerabilities.
05b5258b2a47064aa511a4eff88d7f81293cc1c1d37a3748ae10083d39fbef5aOTSTurntables version 1.00.027 local stack overflow universal exploit that generates a malicious .ofl file.
f068b2fe85eb8676b557160c51e17d7c90665b11d73d3e074cbf643e1d88176fSUSE Security Announcement - The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to to possible, but very unlikely, remote code execution.
0e007593b67fdfd063439448160fe17d35f352dbb71aa7596e28fe45c721762bLinux Kernel versions below 2.6.29 exit_notify() local root exploit.
1e5274ad1304103cb6064785ebfc08688d30dca005df9ea1d9b3cc6a763b26a2Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These range from multiple denial of service issues to authentication and ACL bypass vulnerabilities.
8ba8fbb9a40990200213b3b75a88bdf11eeb7d566fb1de495c5a0756ba1115fdThe affiliate group that controls many rogue anti-malware software has a SQL injection vulnerability in their control panel that hosts all their sites. This control panel, is also hosted on a domain that is controlled by the rogue group. On the control panel, resides a user list, malware search, definition search, settings, statistics, archives, various databases, and TODO lists.
91efcacabf3584593f19b0e4930f367709869382192c56579661b8026a992287GOM Player version 2.1.16.4613 suffers from a subtitle related buffer overflow vulnerability.
7e055f74d3da2f41f5dc05ae583ba0648de5fb3d836bff4264d31271787307e8Proof of concept exploit that demonstrates a buffer overflow vulnerability in GOM Player version 2.1.16.4613.
59464947436b05af99e4a8bf67030ccb1f9eb46af5c6045249a29a5ba12badebDebian Security Advisory 1765-1 - Several vulnerabilities have been found in horde3, the horde web application framework.
a2d28d21cc5d92073bc88de6cf9eb4fca2472e0f14b801bc60eb09696f8a903bSummer Camp Garrotxa 2009 will be held in Bosc de Tosca, Les Preses (La Garrotxa, Girona), Spain from July 17th through the 19th, 2009. This is an invitation for anyone interested in security, technology, or that simply wants to learn, to teach, to meet with old or new friends and/or participate in this event.
4a8880a04366514beb582244c8a1fba1868160d5f66b5df68dc8f684c7f94656Adgregate is susceptible a replay attack vulnerability.
ed9609f7af23db5e9fac045939f1ed362c0e92096bac58e1d7fe60b07798d120Ubuntu Security Notice USN-755-1 - Multiple flaws were discovered in the Kerberos GSS-API and ASN.1 routines that did not correctly handle certain requests. An unauthenticated remote attacker could send specially crafted traffic to crash services using the Kerberos library, leading to a denial of service.
00dff75f4b4986be32bfa2795735d00bb490a4d893892bef38d5ae41d370d195
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed