Ubuntu Security Notice 1182-1 - Yoshihiro Ishikawa discovered that the Samba Web Administration Tool (SWAT) was vulnerable to cross-site request forgeries (CSRF). If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration. Nobuhiro Tsuji discovered that the Samba Web Administration Tool (SWAT) did not properly sanitize its input when processing password change requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
b5365411c65e521113377455a95fb0f5eb3b5f1438e32a7b5c8c7fb63e1875c2Red Hat Security Advisory 2011-1106-01 - The kernel packages have been updated to address a vulnerability. A flaw allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
d2511485720906fd14fc2a3f975c01b817038b49d64c90f52a352c78915e2b1aDigital Whisper Electronic Magazine issue 23. Written in Hebrew.
808bef75f9f92f4a824dc27916a418683b3932202291c50b278dac977d0ed626This whitepaper details the ins and outs of return-oriented programming and DEP bypass.
cd7c52e6aacd9baf229c258107646cd9b87b0fd8eebc7072ca57f5903e148874System Werkform version 2.0 suffers from a remote SQL injection vulnerability.
885c01f00d03554a914bdbb499c296759662718182582d6ebcca7d7eb11dcc99The Facebook mobile system suffers from a user enumeration vulnerability.
3019482c64ace86e5a5026e090506cf5b63a6a4f5f8fda853511567dad32241d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed