SmartFTP version 4.0.1142.0, Speak Aloud, The GodFather version 0.80, Vip Rumor Player version 3.7 and Wise Registry Cleaner DLL hijacking exploit.
0a8c2d9a9b6b25e76828d4528d063bf6d6e6d75f8d9314b1a6682e9bf35411b7Microsoft Windows Vista/7 suffers from a DLL hijacking vulnerability in lpksetup.exe.
0b0eb9feb6c3855164b908c8fb3a05f19029df2808703a991ee4ae4932833ec6Apache 2.2 suffers from a local denial of service issue on Windows.
a2ae731ec092009c52e197c594544de0d92bdc247403bbef73391ab3d382af0eUbuntu Security Notice 959-2 - USN-959-1 fixed vulnerabilities in PAM. This update provides the corresponding updates for Ubuntu 10.10. Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploit this to gain root privileges.
13fe9e17bf363b24f61bcc60c7749fd69ace6d3fc16fccaf18770b869c4188dbMicrosoft Visual Studio can automatically make an application binary planting-positive (i.e., vulnerable) even when the developer makes no programming errors.
c0aac373bffee68fe54e852d86ae18b53aec0d15a35e61bf4dfca325de3986f4NitroSecurity ESM version 8.4.0a suffers from a remote code execution vulnerability.
5a5dff0296b475d5d8af442fad48c87fe0e18e612bc44dab86e13d7fc361a66cWATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
7c1e710eec1da55d3deabf2188674969336e3a10322582883e32c802d758bd2eThe openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.
017e4bc4b19cd3e0ca1fe409fbd112062a5c83df08da20725b25002b83dedc46Mandriva Linux Security Advisory 2010-212 - A vulnerability in the GNU C library was discovered which could escalate the privileges for local users.
27824cb5ad39df45b578745df06ac49ee7e9dd151aff60c35aa46455813df0c3This is a phpBB remote file inclusion scanner written in Perl.
93a467b53eb62570fc5e92ff28d8edecb743efdb81ac154adda4586ccb58ad9cUbuntu Security Notice 1008-3 - USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04 LTS reverted a recent bug fix update. This update fixes the problem. It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor profile which provided partial protection against this flaw. It was discovered that libvirt would create new VMs without setting a backing store format. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue did not affect Ubuntu 8.04 LTS. In Ubuntu 9.10 and later guests are confined by an AppArmor profile which provided partial protection against this flaw. Jeremy Nickurak discovered that libvirt created iptables rules with too lenient mappings of source ports. A privileged attacker in the guest could bypass intended restrictions to access privileged resources on the host.
63476f7093bd4cdf143ecf0e6be3f36b4401d578678f83a81b45c064b91d554eUbuntu Security Notice 1009-1 - Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges.
436a2e4feaa4238d9dba3a9f3b177ddc072f40c78aff95073498c45ecf37ac5c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed