Insomnia Security Vulnerability Advisory - The ODBC service component of IGSS listens on port 20222/tcp by default. The application layer protocol runs over TCP and reads an initial packet that specifies the amount of data to follow. A second read then takes place and the data is copied into a variable length buffer. Next the data is parsed and during this process a buffer overflow occurs on the stack. At minimum this vulnerability leads to denial of service though remote code execution may be possible.
9b00196dabcaf93182f5a536e6c2c63ee2b1c359b79ac0f8472802f7bb57d00fOnapsis Security Advisory - JDENet is a network communication middleware that performs network communications workstation-to-server and server-to-server. It is used to call remote functions, to authenticate users and transmit information between hosts in a JD Edwards environment. If a certain type of message, containing a specially-crafted Unicode data packet, is sent to the JDENET Service, the JDENET Kernel executes a system call, using a user-provided value as the time parameter. This causes the service to stop responding for a period of time.
79b3c65811e59b25443d9a05f8600c42cb7d9ecd8b95e729190c1172ccc7e3e8SE Software Technologies suffers from a remote SQL injection vulnerability.
55e2527e04b3dd937b6c340e1c1d15332b0a0cd8c58364aa23c1e143136b0a4clibmodplug versions 0.8.8.2 and below .abc stack based buffer overflow proof of concept exploit.
dbfed6a7a58ca7e45c3fb022dda6012d48c3db31b77600aca3592fc6e32e19c4Onapsis Security Advisory - It has been detected that the SAP Enterprise Portal runtime presents descriptive error messages when special HTTP requests are processed, returning information about the filesystem structure were the component is deployed in the target system.
d62881883bf04e378522bd7017f63f180b0724bc85d732833c2b6efad9db3923Onapsis Security Advisory - The SAP Web Application Server (WebAS) is the application platform of the SAP NetWeaver, which is the basis for the other NetWeaver components. With the SAP Web Application Server you can implement both server-based and client-based Web applications. It has been detected that the ITS Mobile Start service suffers from input validation vulnerabilities and design weaknesses, which can be exploited to perform XSS and arbitrary redirects attacks.
4973dde1444f7ea1451bf61d92f93f460d71a3e5898a4dae972e180aaafefe31Onapsis Security Advisory - The SAP Web Application Server (WebAS) is the application platform of the SAP NetWeaver, which is the basis for the other NetWeaver components. With the SAP Web Application Server you can implement both server-based and client-based Web applications. It has been detected that the ITS Mobile Test service suffers from input validation vulnerabilities and design weaknesses, which can be exploited to perform XSS and arbitrary redirects attacks.
b1a16e8fafc41fd2fd523be4fe06a2088738ea8be3c1a1f316e68006cd95226dJohn the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.
b821bac5059a3cdc8beb9a715691a9a412db4947345adb7f88eda2fa93293030xMatters AlarmPoint Java Web Server API version 3.2.1 suffers from a cross site scripting vulnerability.
4d18669ab73ab6d9de1600f56c01ff07b87a8ca67c7effa5cd907e1b5db3d0a5CMS Made Simple versions 1.9.4.1 and below remote shell upload exploit.
92049434cb2bd8f6a583baeff7f79abf85cc49fb49fe0162f4718be889ed112eClanSphere version 2011.0 suffers from shell upload and local file inclusion vulnerabilities.
4d1a95b9a80050f14fb1622f4741629ba579c1e41dbf79ffe972075e3ddf73e6Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
7970b7e093607d27d757175767c03080bd3d08df8b6851c188d2805d018cdcf9Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
7970b7e093607d27d757175767c03080bd3d08df8b6851c188d2805d018cdcf9Secunia Security Advisory - Ubuntu has issued an update for pcsc-lite. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
3de961338a15c0086a0dc059c9ae0027fbdbb0f21084e28924c47b8191fa3f9cSecunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct spoofing attacks, and potentially compromise a user's system.
5c56aba1f06ba83ef23a4b1c2183d7e60fb3b5bf39a4240549d045d2437aa3b0Secunia Security Advisory - Ubuntu has issued an update for rsync. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
4c4d75caeb4ab1fd5582ab3ea46b0da4075755138a24075d5eed807348d7aca4Secunia Security Advisory - A vulnerability has been reported in the Node Reference URL Widget module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
463f4a3157492be3ed7c80df3c7e7610e387ff68f9f80804eedacae44bf921e3Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS and potentially compromise a vulnerable system.
de9c3b2221db875d98f910a285a45f7e56064c68b216b0c484db1ad8bb6b921bSecunia Security Advisory - Acidgen has reported a vulnerability in MAGIX Music Maker, which can be exploited by malicious people to compromise a user's system.
a46457fc073ebbde94209c81d4dac707a57a5462cd5dd4db1b10e01a8b4e620aSecunia Security Advisory - A vulnerability has been discovered in Subtitle Processor, which can be exploited by malicious people to compromise a user's system.
9f9c3c197aa6dd56a59bf421cd5c1bac4d00d552c81fb3cab3bb26b661fbd741Secunia Security Advisory - A weakness and a vulnerability have been reported in CA Arcot WebFort Versatile Authentication Server, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.
fc40b866f4dd258b7d2d332feaf3614b3d1fcf7f24d61e260ceadb9d1db09654Secunia Security Advisory - NetBSD has issued an update for dhclient. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7898fe4840fdfff9ef75b241e2022402fa4b617340bbef3fecdbdf34ab8e0a94Secunia Security Advisory - Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
0dbff8d1287ff9d820a2f26d4c6a97775867021a4e27bf410835f0021588d9afSecunia Security Advisory - Debian has issued an update for libmodplug. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
c0aa196f16f51df1be0900e57ab990970adc249eb098dad8738ae55a02dbee4cSecunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Advantech Studio ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
0922c1f183edaf0cebd923a4eefed01bf570b184f870700a384f86d073b53906
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed