Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people to cause a DoS, and by malicious people with physical access to potentially compromise a vulnerable system.
71925c8d31fd9cd4679982b545baa1c67928235b1c90231e5426bb83b03f9595Secunia Security Advisory - Aung Khant has discovered multiple vulnerabilities in Elgg, which can be exploited by malicious people to conduct cross-site scripting attacks.
6bf278a319d272bfbe4242f74262cb9c942bfb684f70e1139b2fed8afd7b4dacSecunia Security Advisory - A security issue has been reported in Android, which can be exploited by malicious people to bypass certain security features.
2147e1dec52f94edb8905c6903d2a474d2c4b7674b79c3aa50949adfa8246c5eSecunia Security Advisory - Red Hat has issued an update for foomatic. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
2fb5598cc26356cfe0b080d8905f61570812589e326e2c4f68d5e5398ba8d154Secunia Security Advisory - Fedora has issued an update for java-1.6.0-openjdk. This fixes a security issue, which can be exploited by malicious people to disclose sensitive information.
b00544c015021e7ace5a0139c812f7b51ad473415b7c26adfa92d10893c55659Secunia Security Advisory - Red Hat has issued an update for foomatic. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
13825ca021fd7c993ce0dfd7a95ee3210cf55eee7d81cda398e456ff66da2088Secunia Security Advisory - A vulnerability has been reported in ZoneMinder, which can be exploited by malicious users to disclose sensitive information.
54c422ee6d7e81e49d0524043d0fb7947768ffa767a8833aa4098ff5c27b0de1The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
45c3c379ea82e46d8efef9cbbe0afa8ae8df98e50f2642afcea84a86c83c5a50OpenSSH with gssapi-with-mic support suffers from a resource exhaustion vulnerability. It is possible to provide any value to the xmalloc() function, which is a simple wrapper to the malloc() function. This forces an application to allocate a huge amount of the memory (4GB?) and naturally exhausts available resources. Repeating this attack, by simply open many session, can kill the server.
65e738aed80888821cfc7b7291b21f403013fd57e28e24c9a17233bbb9662c26Red Hat Security Advisory 2011-1111-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 5 Update 4 has ended.
6ee296df7b45070ab8464e5d8c2d287f2d4b7b6258527ebc32c356cf083971a7This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.
ae08c0b3cfb4c38eaa0188b375c0e4c868f66c5706e33d33e210cd0320e035bcZoneMinder version 1.24.3 suffers from local and remote file inclusion vulnerabilities.
f2bd0793497381b0784b61112281cc17821105867892da3745ddfa649c8ef724Red Hat Security Advisory 2011-1110-01 - Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. The package also includes spooler-independent command line interfaces to manipulate queues and to print files and manipulate print jobs. foomatic-rip is a print filter written in C. An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user.
bf2a0d2891b928c7b977295661c8fff476228de2eb96064d02635d55f69b5f8bCMSPro! version 2.08 suffers from a cross site request forgery vulnerability.
8f5e6f4675a3b0935ec4eef5a3d6e448ddc6311dcf82937862badcc119d7e112This whitepaper gives a short inside of hacking Mifare Classic. Mifare Classic is a inexpensive, entry-level chip, based on ISO/IEC 14443 Type A, 1kB or 4kB. It uses the 13.56 Mhz contactless smartcard standard, proprietary CRYPTO1 with 48 bits keys. There is no protection against cloning or modifications. Anyone with 50 EUR reading can use this weakness against their infrastructure. This cookbook is a proof of concept demonstrating how easy it can be done.
34058b51ffe60be571159ae28553f0c9800c257cd29526503c9bdf9913b6d848The abc.go.com site suffers from a cross site scripting vulnerability.
b1f269845ed280cb2f3cb12b4bfc595e165e2f5514fe02cb64bc8c8e4e7ec2fdThe cn.zynga.com site suffers from cross site scripting vulnerabilities.
b7ede883c20891e329d37c0bde83d20e5075925917faea94fb9577c7be2fbb4a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed