Secunia Security Advisory - VMware has acknowledged a security issue in VMware vMA, which can be exploited by malicious, local users to potentially gain escalated privileges.
8f5018b833acb56f430ac9805d2ae7154b3df46d08d7dd5f1e7059d5cc0fd873Secunia Security Advisory - VMware has acknowledged a vulnerability in VMware vMA, which can be exploited by malicious people to potentially compromise a user's system.
14f0529d79b641358834f8714d17f19f3d5a9406bb6a3355b1767704326a236fSecunia Security Advisory - VMware has acknowledged a vulnerability in VMware vMA, which can be exploited by malicious people to cause a DoS (Denial of Service).
697ebb9c4454d3763a2ad39ff8603927741b7be24ef40661af1960f7b0f6a250Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware vMA, which can be exploited by malicious, local users to disclose certain system information, overwrite arbitrary files, bypass certain security restrictions, cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to cause a DoS.
d696a6d82dc2d3300fc2b1ea532e644644475309765f2182f4c4665132271680Secunia Security Advisory - John Leitch has discovered a vulnerability in Home FTP Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.
892d4f78a222efeed8f9209e75e3d46095191978206540e48c09b2212e1d8ae8Home FTP Server version 1.10.2.143 suffers from a directory traversal vulnerability.
2f06167fdaf06832de2d57613482d2f70c245cc8a54490e2dce55331794214d6The Joomla MediQnA component suffers from a local file inclusion vulnerability.
f1fd1e83c30ec62f15640c3fe8320ec21d9f762d088688d6c6ef96b898ddd999Mandriva Linux Security Advisory 2010-110 - The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length. Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling. This update provides clamav 0.96.1 which is not vulnerable to these issues.
8265db2be8f314e34b496a700d50e5bbb34294ef05e4b5aa3d2947737ecefc69Whitepaper called Cross Site URL Hijacking by using Error Object in Mozilla Firefox.
993115eaca328415779f0ad41ec21241e1acdc72bd095710c3cc2939a0d118f5NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
72a518658d17a8e88988867f00b4bfd8e5da11e3ca2bcff97091c5f435a13b7eUbuntu Security Notice 945-1 - It was discovered that ClamAV did not properly reallocate memory when processing certain PDF files. A remote attacker could send a specially crafted PDF and crash ClamAV. An out of bounds memory access flaw was discovered in ClamAV. A remote attacker could send a specially crafted Portable Executable (PE) file and crash ClamAV. This issue only affected Ubuntu 10.04 LTS.
cc7d52c9fd696386c5ee3ad281de63e4fe60807ff4ac7374646f205fcc5e26d7Nginx web server versions 0.6.36 and below suffers from a path traversal vulnerability.
c8c2faee0dfc75f1004b96cc34f362329297ccf297f8d880789ce34e25330c4cHampshire Trading Standards Script version 1.0 suffers from a remote SQL injection vulnerability.
bf5accb6ef4abd93273fda1984d76e43f10600b9f9d496fa5590c82eaef7ea88Mandriva Linux Security Advisory 2010-109 - gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times. This update fixes this issue.
fd37a0333074f22843b9284dc068deae15fe1b07943400355e8d7a51c292c24dWhitepaper called Improve File Uploaders' Protections. It focuses on Windows-based web applications.
803f2abcacda9201f41388593ce11f07255874a6d23932ff67d843faf023b0feFreeBSD Security Advisory - The NFS client subsystem fails to correctly validate the length of a parameter provided by the user when a filesystem is mounted.
70736852d69a5ba3339928319cc037983dc3817d723837db593e3435317fcb66FreeBSD Security Advisory - The jail utility does not change the current working directory while imprisoning. The current working directory can be accessed by its descendants.
b2bcf78251c6486bcf6a16cbff4254da82066d5d6d8dfee5d7e784cbe34d6018Game ID version 1.0 suffers from a remote SQL injection vulnerability.
7e617a391cecdcf87c213607ed72b4dac49d2f608a91bd563b6d7eafc7c7c757Whitepaper called Finding vulnerabilities in YaFtp version 1.0.14.
df7b6114136d60935a464739865eac6e7866ddee528d58b47d356fb5c6881b15PPhlogger version 2.2.5 suffers from a remote command execution vulnerability.
2c7bcbb9af03ec5b07e6d5fd76175cb282bcc673f7dfed5c734c7636475ab55cFreeBSD version 8.0 ftpd off-by-one proof of concept exploit.
a17d270d62782bdb0279584ea2dad8c8fe353c35767657f09ffda201da15d4f5FreeBSD Security Advisory - A programming error in the OPIE library could allow an off-by-one buffer overflow to write a single zero byte beyond the end of an on-stack buffer.
131cb41ee3226c91716b15316e0d2870cb7092520923a4ace9a5c051500f74a1Toronja CMS suffers from a remote SQL injection vulnerability.
34b152273c98f38125d61654baca295f4d75fa8ca70a3c6e90716ce0ac145e20GlobalWebTek Design suffers from a remote SQL injection vulnerability.
0747a87831a2495367a82497ae885cb7a53aa31cf1093904ba42e92da40b6792Realtor Website System E-Commerce suffers from a remote SQL injection vulnerability.
66261d56f25fc0c21c19aa2f2a10dcdc01a4db5549ba2394a4961579e194a0ec
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed