Secunia Security Advisory - DecodeX01 has reported multiple vulnerabilities in Huawei MT882, which can be exploited by malicious people to conduct cross-site scripting attacks.
2d850dd9baa9d0ea66de89b2dfb605878e1dcf2c4243926d11c5d6811d7f872f
Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to gain knowledge of system information or compromise a user's system.
71b27c502631c809c8e0a74eb3eebe42723af25f109d6cb8e4ed0d4b5ac8c6ae
Secunia Security Advisory - A vulnerability has been reported in various Symantec products, which can be exploited by malicious people to compromise a vulnerable system.
9624c50b5874a8c0668b5bb4fc0e92a8238226d6777b1680041fe6cacc70f21b
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovsessionmgr.exe application. The session manager is passed credentials originating from POST variables sent from the ovlogin.exe CGI application. Both the 'userid' and 'passwd' variables are copied into a static 0x100-byte heap buffer via a sprintf() call. By specifying large enough strings, this buffer can be overflowed, leading to arbitrary code execution.
d3e347769d9a0169119de61e0f00d5eeb0cfc5247b54c5ce41f1e884a1e5daf0
The Joomla Mamboleto component suffers from a remote file inclusion vulnerability.
2014fc101fbd17e31e9ee333ff81e7a6d8e576bb9e07c70577fa3c91512002b8
The Joomla JPhoto component suffers from a remote SQL injection vulnerability.
70e47552ea0a16d8a89908715ebab0c55e27922d555f8f006f3125379617ee1f
The Joomla JS Jobs component version 1.0.5.6 suffers from a remote SQL injection vulnerability.
abfb9823ae7244b1b5131080c150d79671ba2ebde6bfe542ff0994b61c37c291
Peter Glen Script suffers from cross-site scripting and shell upload vulnerabilities.
d157dfd256c168e3f50fd7152caef60af88a810bba83268bbba13cf1fdb7df61
Technical Cyber Security Alert 2009-343A - Adobe has released Security Bulletin APSB09-19, which describes vulnerabilities affecting Adobe Flash Player and Adobe AIR.
a4bc242954422d960261801c1a304d593f725cfaf0177c99a1936ae6daee86f3
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovlogin.exe CGI application. During authentication, both the userid and passwd POST variables are passed to this CGI and copied into a static 0x100-byte heap buffer via a sprintf() call. By specifying large enough strings, this buffer can be overflowed, leading to arbitrary code execution.
dfe02bea723b3ba6bc783229b860dc9e56116e53f1fcb3a220423f03a8453200
Zero Day Initiative Advisory 09-098 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of multiple Symantec products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the VRTSweb.exe Web Server component, which listens by default on TCP ports 8181, 8443, and 14300. The process fails to properly validate an authentication request made to port 14300. By providing a specific request, an attacker can bypass the authentication and instruct the process to unpack and execute data within an arbitrary WAR file. This can be leveraged to execute arbitrary code under the context of the SYSTEM user.
940888fa6d1670303841052a35c807cdefee07b8fb368c877da6f521b425f94f
Zero Day Initiative Advisory 09-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the IIS web server listening by default on TCP port 80. While parsing POST variables, the vulnerable process copies the contents of the Template parameter into a fixed-length stack buffer using a vsprintf() call. By supplying a large enough value, this buffer can be overflowed, leading to arbitrary code execution.
b7a1cab9b73a91e2a37ba05f42c370d2cfc6f64a25eed063552cf99883511283
Zero Day Initiative Advisory 09-095 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the snmp.exe CGI executable accessible via the IIS web server listening by default on TCP port 80. While parsing POST variables, this process copies the contents of the Oid parameter into a fixed-length stack buffer using a sprintf() call. By supplying a large enough value, this buffer can be overflowed, leading to arbitrary code execution.
9dfe9d8b1a33f43c8cb51046a6d15dc01d833dd7b15cfdde66985e2e820ac464
Zero Day Initiative Advisory 09-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the IIS web server listening by default on TCP port 80. While parsing POST variables, this process copies the contents of the Template parameter into a fixed-length stack buffer using a strcat() call. By supplying a large enough value, this buffer can be overflowed, leading to arbitrary code execution.
0c230958740a35c21d0869c9cd1233cf8383a039a07970de78fbfb4aeb4e5756
Zero Day Initiative Advisory 09-094 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard's Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaws exist within Perl CGI executables distributed with Network Node Manager (NNM). Several of these applications fail to sanitize the hostname HTTP variable when requests are made to the NNM HTTP server, which listens by default on TCP port 3443. By supplying a pipe operator, a malicious attacker can insert arbitrary commands that will be executed on the remote server.
e1d792b1b389375f89ef389c449e85b1221397cc5abcc929d2f86c11318013d0
Zero Day Initiative Advisory 09-093 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page or open a malicious SWF file. The specific flaw exists in the generation of ActionScript exception handlers. In Verifier::parseExceptionHandlers(), a large value for exception_count will result in an integer overflow condition leading to memory corruption, which can be leveraged to execute arbitrary code under the context of the currently logged-in user.
1d7637f8dcda17452e5aeb74896ae0f9066a049dca139f3bfa7331a75825e114
Zero Day Initiative Advisory 09-092 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page or open a malicious SWF file. The specific flaw exists in the parsing of JPEG dimensions contained within an SWF file. Due to the lack of sanity checking when calculating the frame size of an image, it is possible to overflow a heap-based buffer. Successful exploitation of this issue can lead to remote system compromise under the credentials of the currently logged-in user.
135f46251318d37edfe18ccff13a7add7c4b9bd0f509d303fc509d4d24e5af08
Zen Cart suffers from a remote file disclosure vulnerability.
2d9cc7eb47dc4b8bd62a001d34062586144ec14593754e16da1fc61be7cf1203
Invision Power Board versions 2.x through 3.0.4 suffer from a cross-site scripting vulnerability.
8a46e76274f2800f27e3d9e865aa8fa9c1fdc028ba434775bd668a0212368029
Running DISA SRR scripts against your server can get you easily rooted. They run arbitrary binaries discovered on the filesystem as root. They apparently need another Security Readiness Review script to first audit their own Security Readiness Review scripts. This is an update to the previous finding, documenting that although a fix was attempted, it failed.
f673f52c73b3976d29097777a7b7e4f7a112b97834ac0ca5076c16ccc63480f0
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS). Yes, HP has just patched a bug from 2002. Better late than never, I guess.
bd8963cfb2f658fb813b742f0223f978d5048fac3de0439256b00df2a62e609c
Mandriva Linux Security Advisory 2009-328 - Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled certain malformed NTP packets. ntpd logged information about all such packets and replied with an NTP packet that was treated as malformed when received by another ntpd. A remote attacker could use this flaw to create an NTP packet reply loop between two ntpd servers via a malformed packet with a spoofed source IP address and port, causing ntpd on those servers to use excessive amounts of CPU time and fill disk space with log messages. This update provides a solution to this vulnerability.
04933083a65371fdd2f4b01740b0e330568ee4a0a8655c66a0bda801808d0605
Ubuntu Security Notice 868-1 - It was discovered that GRUB 2 did not properly validate passwords. An attacker with physical access could conduct a brute force attack and bypass authentication by submitting a 1 character password.
c47c0bdbba6c8195bc69b9aa6e3b23341564fa4002b4085d2e1046ed1b25d2a3
iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects such as packet mangling.
6e732798cad62163d6e033aa52e22b771246556a230c0f66cd33fe69e96d72a4
Real Estate Portal X.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0a69e51d13580fd6df949280ba369c2749ce44a0f7020deab1f24f218dfe9aba