osCommerce suffers from an authentication bypass vulnerability that allows for unsolicited mailing.
b9982ae7b67c17e621dd30b877cc77f1dbcf1eb0ccb066ecfb7e2b9dfdfab542Whitepaper called Stack Overflow: Automatic write() Discovery.
7dd20ddde34b4bd6b3184e835048ba165de8f2a67f78832df404359fc6900db5Whitepaper called The Metasploit Framework. It gives an overview of using Metasploit and is written in Macedonian.
036008cf890ff7cf679ba566708f3ad7df4541b2b777deb60594d8769699675bThis paper is a high-level overview of the threat space used during penetration testing and hacking.
918f60948d489c0585ead8648c0d9cce80ce8eb06b0aee3d219d723620a55bb8HTC Peep, the Twitter application found on HTC mobile devices, suffers from multiple information disclosure vulnerabilities where your credentials are passed in the clear.
e7c8c2ae22980fd16b583c0a29bf1d2d1bdaf5be93cd3d9c83b6e8d2789f811dUbuntu Security Notice 1058-1 - Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the query_int type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user.
1ecb13ec368acb58d5eeddec7b9324ef46d5faf2653e8c9b20252e2b42468c10ssh2ftpcrack is a simple FTP and SSH dictionary brute force cracking tool written in Perl.
117bb96f36c8247626e9110c63097fe81c130b235dee0c2bec0d4bd579495eb1Secunia Security Advisory - Fedora has issued an update for asterisk. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
7d69415927c6954c577c69d6bb6628accf82b001dcca62b56f62a6e251a7d7daSecunia Security Advisory - A vulnerability has been reported in BMC products, which can be exploited by malicious people to compromise a vulnerable system.
221cb0c5ba636df00257194b8248901cc12d1c938c388f2f52278d22fd119d50Secunia Security Advisory - Two vulnerabilities have been discovered Serendipity, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
6da965d17b48726b6ebaa978530bcfeb3dbae95d5bb40252215f9b3d7d467b1fSecunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious users to conduct script insertion attacks.
854e3f118dc775b0674546478c38d70107ffc83ff4ef33fe1534aa932598e701Secunia Security Advisory - Two vulnerabilities have been discovered CMME, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
ebf79924a6ff27e20552b1dd4e77ffa1a3b483b84a6031447702fd4db6e90262Secunia Security Advisory - Two vulnerabilities have been reported in the Chatroom module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery and script insertion attacks.
4fda4e5800af010b6730367b8b5dcc02174a48e950c6de26ce1cfb59d86b867aSecunia Security Advisory - A vulnerability has been discovered in Techphoebe QuickShare File Server, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system.
ba4c9034defe584a9a7c57f1aa06c3307c319e0246910935b4d79d19f8a1442cSecunia Security Advisory - Some weaknesses and vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system.
4d2c717d68a0391e183e2a1578115110367ef3a896d939b982902e5ccf2625cbSecunia Security Advisory - Red Hat has issued an update for php53. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information and cause a DoS (Denial of Service).
76fdec4767d30ef2e93a294140370a067c1807274d35c109d7675523671784aeZero Day Initiative Advisory 11-039 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BMC Patrol Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service daemon which listens by default on TCP port 6768. When processing the BGS_MULTIPLE_READS commands a user-supplied length value is trusted and utilized in reading arbitrary data into a stack buffer. By providing large enough values a remote attacker can abuse this to execute remote code under the context of the SYSTEM user.
061fd2006621751204cc17fe12eb1ffd328b359ff870d2a5f19e1d7788ff829dUbuntu Security Notice 1057-1 - Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.
9a69c98fb0ad40a633e5492b8214a1d0050651faf008c16b90593fb3071e0bc6Debian Linux Security Advisory 2157-1 - It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution.
0805288cbab6faae214f58712edd9593ea0b1d674e40916709469f1f343a0b55Mandriva Linux Security Advisory 2011-020 - Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object.
547327952f428a6f8dc055831561535a3f2070163a0f177dc4fec33a8c279c56
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed