Mandriva Linux Security Advisory 2011-103 - Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. Stack-based buffer overflow in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself. Stack-based buffer overflow in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Foreground field in a plugin configuration file.
a9707df186667e960fb7bcccb9b44257753c19aac46b92c0e7a54f39a8f4c029Cotonti versions 0.9.2 and below suffer from a remote blind SQL injection vulnerability in users.php.
8b857580d193e31504d88a424f28241570185469ca0ab375eb935a749fd65e67Cotonti versions 0.9.2 and below suffer from a remote blind SQL injection vulnerability in forums.php.
bd9910b77c5d99b02082c7bd71375236d0edd0a63a4ff84bccd2a2d2c50821acDebian Linux Security Advisory 2246-1 - Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder.
ba3a5abdd8001f5ec154d30befa0306d62a84e4263dc60f203fbe254133a260fDebian Linux Security Advisory 2245-1 - Several vulnerabilities were discovered in the Chromium browser.
95d73137a834ded9030bb360069113dddf15ccd4c1c7e7324bd1bff59ee266d2Mandriva Linux Security Advisory 2011-102 - Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a. in a pathname.
e95e4028e63acc2a106410223cc65ea955c645b12d8dd36b9ac2e57235d52189Gadu-Gadu suffers from a man-in-the-middle vulnerability that allows for remote code execution.
ede23e4dcb6d4a79c96cf3cc1f607fdb0cfd0d9de0378853dca7264cec08c912Poison Ivy version 2.3.2 remote buffer overflow exploit.
5b3216c88aa8ecb57dc333701bd9328faa889c21e0e43688f483d216b3c65eeaGuru Penny Auction Pro version 3 suffers from a remote blind SQL injection vulnerability.
71ed018cec5ed63cc172174389fdb02cb194955bf0bb7302b198ce5c62130640Duhok Forum version 1.1 suffers from a remote SQL injection vulnerability.
12c2bd7d2231495101cf8d039cc376e07964ec005f0a39bac308c951521016f0Joomla JMSFileSeller component version 1.0 suffers from a local file inclusion vulnerability.
e935372257a3e73870aae7652b89def888c1b4e53016c2e5e61a49173d744c35Call For Papers for the 7th edition of the Ekoparty Security Conference being held from September 19th through the 20th, 2011, in Buenos Aires City, Argentina.
5519d305746aceb7de9f32a8248f9eb33f127d1b4c36c0254c6b1cab2a583b9dTwo shellcodes for FreeBSD/x86 that perform execve('/bin/sh -c "reboot"').
3bd000b32b1f9ee525b704f044dac18d1b44ec62b624c73b1cd4f4a817928fa4Cotonti versions 0.9.2 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
9d0bcae92d5f817235eadbfd0c19094dca6ee95409e6850dad8195904cfecb5dHP Data Protector Client remote code execution proof of concept exploit.
951db48f45c071586a2510454c9514403bde6360de72d224a170ce5b8cc143dbSecunia Security Advisory - A vulnerability and a security issue have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.
baea630fbcf85c09b4e4403fe1523e283d1461b0890b664e5b7ab50742dabb4bSecunia Security Advisory - Fedora has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
93b02196aa223bc626e9fccb91cfdd1af22b8cac4aee55fe5db953404af0ee61Secunia Security Advisory - Ubuntu has issued an update for dbus-glib. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security features.
28286e0752f1af2575d13dd78502de0dd65dc4223cead54188ebc464a267f715Debian Linux Security Advisory 2244-1 - It was discovered that BIND, an implementation of the DNS protocol, does not correctly process certain large RRSIG record sets in DNSSEC responses. The resulting assertion failure causes the name server process to crash, making name resolution unavailable.
1d5d9062a169179cd4ddf94fe0a3ecabc58a694c5253fb7da52827e2d41efd17Debian Linux Security Advisory 2243-1 - It was discovered that Unbound, a caching DNS resolver, ceases to provide answers for zones signed using DNSSEC after it has processed a crafted query.
e9b7b8f531d7f0bf62453a71f0ee84e29f0c50968fee5a72a1b77af5437f7843This paper, called Security Implications of IPv6, was published by CPNI and is a collection of security implications to think about while transitioning to IPv6.
c237c137715ec6c6b22b18847817cae159ad2b52af7a8aac8da06ea03c3945fdApache Archiva versions 1.3.0 through 1.3.4 suffer from a cross site scripting vulnerability.
5efbf8901967ec7d67fef99169880a4eb9b5f7f796e2016b76d3c042d56f0674Lil' HTTP Server version 2.2 suffers from a cross site scripting vulnerability in a default CGI script.
1cd00218bbd303ceb7a7c683ad4f9e471fe94b3e8bd6679f9bf4aab7ee9035d7Proof of concept cross site request forgery code that adds a user for cPanel versions prior to 11.25.
a024c484981bd080759beb56b4616306d09fd3038a7cbfbd27ace111d7c4bed6This is a brief whitepaper discussing tools and methodologies used by black hat hackers.
99cb5168fe73f25bc8cebea491434ac4136ad39ade7060bd9bca61721ecbea5c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed