Secunia Security Advisory - Slackware has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or to compromise a user's system.
2ebcaa3e85bf01326efa3be6d787ebaf00d942e6785c7453d372575cf4a215e3Secunia Security Advisory - Some vulnerabilities have been discovered in Tribiq CMS, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
a56e0212956769f233bd22695019ec9e9a9b784cf2c2debb09f83cb0f1cd5d3cSecunia Security Advisory - Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to compromise a user's system.
10bc1f7f7fbd8c6fb0e0372883992695666bac64ba1cf743075ee087d1ff83e7Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to compromise a user's system.
109562b493ef53e5fee3559a1078188148a3b506c25c742797557096d823b082Secunia Security Advisory - Two vulnerabilities have been reported in IBM Rational ClearQuest, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
7845e5dec09babdc22e335ae5932826482d240b66e1ef850b21de874854058d7Secunia Security Advisory - ViRuSMaN has discovered a vulnerability in the PinMe! component for Joomla, which can be exploited by malicious people to compromise a vulnerable system.
2e927e92359cfc663824fd26291e41bfddd35b6eacd192ef2db249954ee8b2aaSecunia Security Advisory - A vulnerability has been reported in Cisco Video Surveillance Services Platform and Integrated Services Platform, which can be exploited by malicious people to cause a DoS (Denial of Service).
52a4f48f96494c9fd6efa9607a8cf36cb42aa8605cfb8ebbdb546e29556dcdf5Secunia Security Advisory - A vulnerability has been reported in Cisco Video Surveillance 2500 Series IP Camera, which can be exploited by malicious users to disclose sensitive information.
5d609166cf7dcd2106a509854ec4f0871d5286718a9f1d20c08546d2fbb306bbCisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Physical Access Gateway. There are no workarounds available to mitigate the vulnerability. This vulnerability has been corrected in Cisco Physical Access Gateway software version 1.1. Cisco has released free software updates that address this vulnerability.
cb1d05002a63cf831b7c0d333420f908f0e9096f80c143fadb4dbad97ba242caCisco Security Advisory - Cisco Video Surveillance Stream Manager firmware for the Cisco Video Surveillance Services Platforms and Cisco Video Surveillance Integrated Services Platforms contain a denial of service (DoS) vulnerability that could result in a reboot on systems that receive a crafted packet. Cisco Video Surveillance 2500 Series IP Cameras contain an information disclosure vulnerability that could allow an authenticated user to view any file on a vulnerable camera. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.
3b56d120b6856f73ef48b6879e7de75cf47fb8f500ff02f80c93c32f09dfc51dThe Cisco ASA Web VPN versions 8.0(4), 8.1.2, and 8.2.1 suffer from cross site scripting, credential theft, and html rewriting bypass vulnerabilities.
826573c559cecc29255977b0d05ddb68c96b1d5ee4bffbb810ce7796d4a3c7b5Call For Papers for CHASE 2009 - Conference On Hacking And Security. This conference will be held November 6th through the 10th, 2009.
a8abd0fffc1673c3db9edae5cf560d2ceb07c9f082d93f8dee2e340b4b0f6b08The Joomla Amocourse component suffers from a remote SQL injection vulnerability.
38ae44847da04c0df0b9addb193d1f97deac9d67add385ba0b65237dc0b20be7Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.
4a52d8f8bba302fff49a30af8ebbe6b95c6a6de20f1455f8e85022813f9632d8LightOpenCMS version 0.1 suffers from a local file inclusion vulnerability in smarty.php.
2ea8825b67f4a536dfc0abc3cd7c159bb6a646e5c38a8cbc229a44ba6e4ce178PHPEcho CMS version 2.0-rc3 suffers from cross site scripting and blind SQL injection vulnerabilities.
4cfcda462a15a7d3dd071f6054d698ff814a93e29dcc432dde1c585812b90e22Ubuntu Security Notice USN-791-2 - Christian Eibl discovered that the TeX filter in Moodle allowed any function to be used. An authenticated remote attacker could post a specially crafted TeX formula to execute arbitrary TeX functions, potentially reading any file accessible to the web server user, leading to a loss of privacy.
cfc1498d9d234062c6029888260b1a535de25f14fc02b8ab3fda4affa7ef4853Ubuntu Security Notice USN-791-3 - It was discovered that Smarty did not correctly filter certain math inputs. A remote attacker using Smarty via a web service could exploit this to execute subsets of shell commands as the web server user.
50ab743350ae3ce592b5af8df39209875ef6d9093bc8ecaed63b68eb7ef24e34Ubuntu Security Notice USN-791-1 - A large amount of Moodle vulnerabilities have been addressed including code execution, SQL injection, and cross site request forgery issues.
64eba19d281ac935355625ea75f3a8d85a741d8ad8b8abd7435d68842a28d061Ubuntu Security Notice USN-790-1 - James Ralston discovered that the Cyrus SASL base64 encoding function could be used unsafely. If a remote attacker sent a specially crafted request to a service that used SASL, it could lead to a loss of privacy, or crash the application, resulting in a denial of service.
2c9fc157da531805cdd5da963075f3f8fd23477c2114e55795f715a1ad7bfafbAN Guestbook version 0.7.8 suffers from a local file inclusion vulnerability.
205fcebefa7007e63cb1b83a77ba4d130ad2845ca274eb95136e8544d5c08a71Tribiq CMS version 5.0.12c suffers from cross site scripting and local file inclusion vulnerabilities.
c531aafc7ccd4fd12a3cef9881cc9b0feb72d7aad64683b308606a76108b73f0The Joomla PinBoard component suffers from a remote file upload vulnerability.
b8bdf53b03773b13bcfdf710a728f7062629aa79632be992e8140f399a81258eMandriva Linux Security Advisory 2009-139 - A security vulnerability has been identified and corrected in libtorrent-rasterbar. Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file. The updated packages have been patched to prevent this.
df968b48a75671252ad5e27d386882167cc1f161476de70fd745f1c69c1f311cGlossword versions 1.8.11 and below suffer from a local file inclusion vulnerability in index.php.
273810e74f9701aa30e1e70039f2f7af6379da4b285dca3890d3bf3bfde294e6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed