The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to a directory traversal. This flaw allows remote unauthenticated attackers to retrieve arbitrary files from a vulnerable system.
5a48883e4d200a10e1774f45868e05ed75591ac5a5d9a45c78dfc259425d59a1WP Forum WordPress plugin version 1.7.8 suffers from a remote SQL injection vulnerability.
3ce54b65194268dcf08fefc8a0a9ef01807a64204997c1b84d87ca38d9c206d5Mingle Forum WordPress plugin version 1.0.28 suffers from cross site scripting and path disclosure vulnerabilities.
77e1d1a7404be9664728b2c966c2bef18b65b04543fe9c26c9a19e9d56b6ebf8Question and Answer Forum version 1.2.4 suffers from a cross site scripting vulnerability.
9b03020c6a597505795573d573abb3cb61ed7165ad9ee1807ec49b9a29c42fa3NextGEN Gallery WordPress plugin version 1.7.3 suffers from a path disclosure vulnerability.
849178db2d3230a35c8d60183e3360e457fc00639e7e2251b87cf8cb6dea4ab1Debian Linux Security Advisory 2163-2 - The changes in python-django DSA-2163 necessary to fix the issues CVE-2011-0696 and CVE-2011-0697 introduced an unavoidable backward incompatibility, which caused a regression in dajaxice, which depends on python-django. This update supplies fixed packages for dajaxice.
641929e40a00a7714aad93d3dab94f2b66a080094f8e3369c64df3bfdc53dfdfForritun Og Honnun suffers from a remote SQL injection vulnerability.
c6811f4d6cf79008bc53caef8bc1fe796d1e827a7aa2fac4eed131f45272aa7aJomsborg AB, Sverige suffers from a remote SQL injection vulnerability.
54d3fc6e9650e0fb3f762223a9550f8f9dc817ed2e686c98aa3762db53fdb476Slowbrute is a slow SSH brute-forcing utility written in Python. Paramiko must be installed and if Tor is being leveraged in order to anonymize the scan, run it at 127.0.0.1:9050.
246f2736f830b35ba9fbd27adbf3c1c10ecc3d92b86bd6fedfac43078b095acbSnapProof suffers from a cross site scripting vulnerability.
9b1acd377801d4b56f4d748b041cedee8f151c98173521f4319ea8623654ee86HP Security Bulletin HPSBUX02633 SSRT100387 - A potential vulnerability has been identified with HP-UX running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
5372933645f9dbd222ca1a21d57d8a811d3b89aff405419530d097d670761adbVsftpd version 2.3.2 proof of concept denial of service exploit.
97bc1d3ccc743031a4f8c24295844c75945d7dc113934134a417a91e26c8a749This archive contains all of the 262 exploits added to Packet Storm in February, 2011.
e4b937f617fb0862a6eb33c43075b9ff602b8478885d556f3ef2fd3f5c1723f0Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
f352a1a8ffa469ae251324f89386074074bcffef1a7c6a72caa7e4c2d12ce109Linux kernel versions 2.6.37 and below local kernel denial of service exploit that leverages a divide-by-zero error in tcp_select_initial_window when processing user supplied TCP_MAXSEG.
f20e0d2ebc4ff05467a9771775dda2115edfe394b7365dba0410ad1d236a4eabVsftpd versions 2.3.2 on NetBSD and 2.3.0 on Ubuntu suffer from a remote denial of service vulnerability.
582c1d1692bc5d0b1eb73bec75e387f99e33527b0bb2b8270799c9b544858506Ubuntu Security Notice 1079-1 - Multiple openjdk-6 vulnerabilities have been addressed. It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. It was discovered that the Java launcher did not did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program. It was discovered that within the Swing library, forged timer events could allow bypass of SecurityManager checks. Konstantin PreiBer and others discovered that specific double literals were improperly handled, allowing a remote attacker to cause a denial of service. It was discovered that the JNLPClassLoader class when handling multiple signatures allowed remote attackers to gain privileges due to the assignment of an inappropriate security descriptor. Various other issues were also addressed.
675d0308ed338b1cf506b437119680a9688b4b8b8a44d555acc084f28eb3fcd5Ubuntu Security Notice 1078-1 - Dominik George discovered that logwatch did not properly sanitize log file names that were passed to the shell as part of a command. If a remote attacker were able to generate specially crafted filenames (for example, via Samba logging), they could execute arbitrary code with root privileges.
0f547aa43b22177b3cdef403c9b0e44b89e5196125c31c09f67ed05eff3feaf3Proof of concept exploit that demonstrates the Microsoft Windows XP WmiTraceMessageVa integer truncation vulnerability as described in MS11-011.
e31bad28776892e292acb8989472895fc26f1565c00e163191c7322984a43a3b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed