Secunia Security Advisory - Debian has issued an update for apache2. This fixes some vulnerabilities, which can be exploited by malicious people to gain access to potentially sensitive information and cause a DoS (Denial of Service).
c4ce7eec0616d3488541e67050dc5be3be50de1c73c602792c5e7ee4c2485016Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in e107, which can be exploited by malicious users to conduct script insertion attacks or to compromise a vulnerable system.
49123e7fcfbdcd34b94ca961d9f0a69034aea1dae73cf1ad362a5eb21c9371fcSecunia Security Advisory - Debian has issued an update for kdm. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
b2a2990e78ed5573402f8f6828864c1ddac30c8dc2bcd70e826bf151b2d29de2Secunia Security Advisory - Some vulnerabilities have been discovered in openMairie openScrutin, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
56330adf544fc5a9b4ed5fe33b48767eb92532da489d18694b848a423043efb9Secunia Security Advisory - Debian has issued an update for pidgin. This fixes some weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service).
7eb5576a3be0f85defad90eee90369257be958aab1ad079f0c1a53e5a63a033eSecunia Security Advisory - Fedora has issued an update for openssl. This fixes some vulnerabilities, where one has unknown impacts while others can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).
804c6e13bb3ec5f95274898d3e2f75ee6075546f4b342cbd3ef1852b4d21a247Secunia Security Advisory - Two vulnerabilities have been reported in AgentX++, which can be exploited by malicious people to compromise a vulnerable system.
fb34f14423a0eb13479ff52b8773e9b0b8ac3836fe1de3f6c8ad439d49765773Secunia Security Advisory - Fedora has issued an update for kdebase. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
7502eb06b99d0dfeb6bcb0e3bca59f762deb77442376149b4a7cb26cbea8e54cSecunia Security Advisory - Valentin Hoebel has reported a vulnerability in the JoltCard component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
e3400a155f888100f9955b1def61e3da44a2009028631e406fed277d74913a95The Joomla GBU Facebook component version 1.0.5 suffers from a remote SQL injection vulnerability.
d9cfb90388cc56dba60fd7eb6a09c8b3e44303637719ffe14aaf5f340b3812acsudoedit as found in sudo versions 1.7.2p5 and below fails to verify the path of the executable and therefore allows for an easy to exploit local privilege escalation vulnerability.
a12883304c4dce1e37de911cb644e89a0c117cf64d9679955b98211211bdd18aUbuntu Security Notice 932-1 - Sebastian Krahmer discovered a race condition in the KDE Display Manager (KDM). A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.
4372a4aff4c5766652268cb33f145075be19e371399eba24f8aed1555bfe6f26TweakFS version 1.0 stack buffer overflow exploit that creates a malicious .zip file.
905ad02a613f983dda9eaae9bab76456411f4e51d7ef6ac4c81902c6d115408aReFrameworker is a general purpose Framework modifier, used to reconstruct framework Runtimes by creating modified versions from the original implementation that was provided by the framework vendor. ReFrameworker performs the required steps of runtime manipulation by tampering with the binaries containing the framework's classes, in order to produce modified binaries that can replace the original ones. This tarball includes both the binary and source code releases.
0150edfe2da9666ab255444c54509fb5f54575c6e51ee5e18f42df461e8bee05Secunia Research has discovered a vulnerability in e107, which can be exploited by malicious users to compromise a vulnerable system. An error exists in the handling of file uploads for avatar and photograph images. This can be exploited to upload and execute arbitrary PHP code via a specially crafted image file with a ".php.filetypesphp" extension. Successful exploitation requires that "Public Uploads" are disabled (default), but uploads for avatar or photograph images for users are enabled, and a certain server configuration (e.g. an Apache server with the "mod_mime" module installed).e107 version 0.7.19 is affected.
45428821d57d683fe1349074f3b121de28a05956ea85e81aa8b952bc93652c39The Joomla iF surfALERT component version 1.2 suffers from a local file inclusion vulnerability.
8991125b0c29e0b5e4fffbc1226069b29359aab85e2b985e261fc55240e30f52Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka.Q) compression format. NOTE: some of these details are obtained from third party information. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides clamav 0.96, which is not vulnerable to these issues.
eb840d0860c67dd281facb646f931facd1346a2f4f7d2636f450384c9134a3b0Mandriva Linux Security Advisory 2010-081 - A race condition was found in the way mod_auth_shadow used an external helper binary to validate user credentials (username / password pairs). A remote attacker could use this flaw to bypass intended access restrictions, resulting in ability to view and potentially alter resources, which should be otherwise protected by authentication. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
9728cb8ba5f7338d78acd40572d815abe86c8eecb05818ae0a772387c321b136
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed