Debian Linux Security Advisory 1978-1 - Several remote vulnerabilities have been discovered in phpgroupware, a Web based groupware system written in PHP.
69f85bade634aaa80b3a1ffe6f5ddcafd82e697ba944c468ffbf9fa38537dbddWhitepaper called Methods Of Quick Exploitation Of Blind SQL Injection.
c69a4c103d432b2d88223df4dc98088b20c316605edf6809bd15d959593d2fd5LookMer Music Portal suffers from a database disclosure vulnerability.
a3ee94babad164467618891403ee460acf6ea0ce265ec1b2dc0617c058fd9c7bBasmi Okul Scripti suffers from shell upload and database disclosure vulnerabilities.
4862a4f33b48b143c77d2cf8b1b48377ec8d80bb4ea2eef7e2809cb304ab5dd3Discuz! version 6.0.0 suffers from a cross site scripting vulnerability.
bc946b356870b8085d969310360a71bc24171d2134452572fcd12fdece9df47aMandriva Linux Security Advisory 2010-026 - libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a \\'\\0\\' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
d24aa6b26a33a379ee5a3aeb6a16a1856818804de3fa37eae392f97c6825290aUbuntu Security Notice 890-4 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for PyXML. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.
42a2daccd8cc1406010126b963ee66d202639413a9de1bb48654443115f644d7UGiA PHP Uploader version 0.2 suffers from a shell upload vulnerability.
f8b27d4b44d0f381b3a521dd8e4bb36a8ac5308048e9d8bf34b12f6a9990bde6This Metasploit module exploits a privilege escalation vulnerability in South River Technologies WebDrive. Due to an empty security descriptor, a local attacker can gain elevated privileges. Tested on South River Technologies WebDrive 9.02 build 2232 on Microsoft Windows XP SP3.
d1b1cd0b24c521c3ac658150a5658356bf2ad8fce479a3690ef93ddb1ce99210KOL WaveIOX version 1.04 .wav local buffer overflow proof of concept exploit.
4c9d7c267dc16e081588cd99eab9a6bc279c175609e568fe2dc4497dc8f21c51KOL Wave Player version 1.0 .wav local buffer overflow proof of concept exploit.
a8ef8bc0c251dbfab265c626b091962902c509e4cad875f7b9efb517bd032906This perl script is a simple encoding utility that converts data to Hex, Unicode, etc.
2b30fb69bb60fef848c4afa61d58fad18d20e6e793de647d90fe8fd5c59c4af2The IBM DataPower XS40 Security Gateway suffers from a malformed packet denial of service vulnerability.
22f95689d88e5a8859a94456da4be2b3876d90089600c32767be934074c15957Microsoft Internet Explorer versions 6 and 7 local crash exploit.
4919b1da84a18ee8dd1946be9767fbd69d36552aef4bed91d749811ec7aa7886Secunia Security Advisory - Trancer has reported a vulnerability in cPanel, which can be exploited by malicious people to conduct HTTP response splitting attacks.
a7c37a1685d9a31cc59ef4367bb453cb4f7de21dd5869597f71ee3e509b6f7f3Secunia Security Advisory - A vulnerability has been reported in yaSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
bb7784179150a0693fe149a19bfe158575e7985a64d4f6d3afaf6563bf408ff9Secunia Security Advisory - A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious, local users to bypass certain security restrictions.
f71dd45568764812b2462e52e2193e8989f5193f8d943c2b8c21305b7a18e79bMozilla Firefox version 3.6 suffers from an arbitrary setting of Personas without user interaction.
c0a381292581d3fcf994fd260f74219521dc77f1c33df1488cff34970457cc73Secunia Research has discovered a vulnerability in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a use-after-free error when trying to display a blocked pop-up window while navigating away from the current site. Successful exploitation may allow execution of arbitrary code. Version 3.0.195.38 is affected.
ca51a53be3e2be60a135aef75af0e1b2b44ab80b91e0ccfa337b8c33ef7be350Joomla version 1.5.12 suffers from remote file execution / local file inclusion vulnerabilities.
a835dff9a8ce1c69ba0f9042398b4a9f1c7a7e1357438f432017e7ac275354b2Joomla version 1.5.12 suffers from path disclosure and local file inclusion vulnerabilities.
34c9c59dbb357a2b1cbbbe48015e34d9b35753de40daafbf09042cabbfe2a13fDebian Linux Security Advisory 1977-1 - Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that the embedded Expat copy in the interpreter for the Python language, does not properly process malformed or crafted XML files. This vulnerability could allow an attacker to cause a denial of service while parsing a malformed XML file. In addition, this update fixes an integer overflow in the hashlib module in python2.5. This vulnerability could allow an attacker to defeat cryptographic digests. It only affects the oldstable distribution (etch).
28197fcb1e4306a91d0fa3becafcfc0ced03343e6c675879be0de7506a38c77dPublique! Framework version 2.3 suffers from a remote SQL injection vulnerability.
b5c3513c8949c151cfc05bdfe1cd8973445f1bbc09b6cebdbedbef350dbaac2dStatus2k remote add administrator exploit.
0963d7f0df034726c05cd0e475a5566182a77d8c09f06d0ec2194f29055d6b8cThe login page of the F2L-3000 version 4.0.0 is vulnerable to SQL Injection. Exploitation of the vulnerability may allow attackers tobypass authentication and access sensitive information stored on the device.
0aa31d61a17571c0fb1db50bfa89f614672ac6e1de71f37e6ea906313453af1b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed