Secunia Security Advisory - Multiple vulnerabilities have been reported in Novell ZENworks Configuration Management, which can be exploited by malicious people to compromise a user's system.
6f7f22d50731afa6f63bcef6184558c702b2646db40a65ee5b7ec4b26e74afd0Secunia Security Advisory - Stefan Schurtz has discovered two vulnerabilities in Yet Another CMS, which can be exploited by malicious people to conduct SQL injection attacks.
55bb0ddac8a9750b1ec9d0dc5f983ca88d6c1edd46b2f07dcecb11fa54c1a84aSecunia Security Advisory - Oracle has acknowledged a vulnerability in Oracle OpenSSO, which can be exploited by malicious people to manipulate certain data.
eac25f844c023774bc7eb8a4285e513d1cfab8974972c309420fccc9e044b03cSecunia Security Advisory - Oracle has acknowledged two vulnerabilities in Oracle OpenSSO, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).
ef903d62c886c68d46c5dd26cb418270928ec1ad4b3aa6bd8489e050dab8751cSecunia Security Advisory - Ubuntu has issued an update for krb5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
963b803aa274d87a1c6667918f8532d63c76408114f96562d8fa9d4c35a13235Secunia Security Advisory - Multiple vulnerabilities with an unknown impact have been reported in Piwik.
e601edc3b435c399dcc17846b1abb9bec363f7962dbf4737e00b74271ebb66adSecunia Security Advisory - SUSE has issued an update for cups. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
b86aaf326a74078f11fdfd034b775061d36b2cdcbb8b5d9c90c941f105cf8bb1Secunia Security Advisory - A vulnerability has been discovered in the WP Photo Album Plus plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
a7f4b3fb5706c63dc7640c1609a7529b3581bb852de12c94248812f29f214298Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Data Protector, which can be exploited by malicious people to compromise a vulnerable system.
89b292fb69ebf5330ebd0c0e857a7d7a6618df13ca557a994a7b242d6d9dc476Secunia Security Advisory - A vulnerability has been reported in Asterisk, which can be exploited by malicious users to cause a DoS (Denial of Service).
185076393e69df6fcfd248e577479544fb3b4f45bd65720deb604945556d0351Secunia Security Advisory - SUSE has issued an update for libopenssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
53e00187b14ffd41acd44033c7505a2cb53f65d725c92f569b775f551595d613Ubuntu Security Notice 1233-1 - Nalin Dahyabhai, Andrej Ota and Kyle Moffett discovered a NULL pointer dereference in the KDC LDAP backend. An unauthenticated remote attacker could use this to cause a denial of service. This issue affected Ubuntu 11.10. Mark Deneen discovered that an assert() could be triggered in the krb5_ldap_lockout_audit() function in the KDC LDAP backend and the krb5_db2_lockout_audit() function in the KDC DB2 backend. An unauthenticated remote attacker could use this to cause a denial of service. Various other issues were also addressed.
260023c2168a6d777713e24fc88c1d9f550cbd57d478d0bfa9df694c73399e85Red Hat Security Advisory 2011-1380-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute code on the RMI server with unrestricted privileges.
8221a223c89ce2ea73be4fe52f25f9521f2857546e752765f878046db40237e1Red Hat Security Advisory 2011-1379-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when it was configured to use an LDAP or Berkeley Database back end. A remote attacker could use these flaws to crash the KDC.
3d6771e4cf54c7c15da89a0109e505400e96e3e7d851a51fb3c6f07261a1b7e4Zero Day Initiative Advisory 11-295 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles flashpix files. When a flashpix contains a tile that has a Compression Type 0x2 (JPEG) and an 'JPEG tables selector' value that is bigger then the global stream property 'Maximum JPEG table index', Quicktime will write outside the global JPEG table. This corruption could lead to remote code execution under the context of the current user.
2cf19827a903dff6a72cc3f52cd9a7825b3bdf665e3eb3509ca7d78cfd35a2f0Whitepaper called DNS Poisoning Via Port Exhaustion. It covers everything from how DNS poisoning works to various methods of performing attacks. It discloses two vulnerabilities. One is in Java which enables remote DNS poisoning using Java applets. The other is in multiuser Windows environments that allows for a local DNS cache poisoning of arbitrary domains.
59aae9b502f6267802e5e03c5acbbc8cc5b2055211508a758f0223c1089883beHITB Magazine Volume 1 Issue 7 - Topics include What Would We Do Without Enemies, Extending SQL Injection Attacks Using Buffer Overflows, Windows Security Hardening, and more.
e50b7e046d890e1a621a0b6036fbe9a6bbd09f45dedad72d1e4e39172a6cd5e8Site@School version 2.4.10 suffers from cross site scripting and remote SQL injection vulnerabilities.
52694c6e5b1545947799ec5516fa803298868adbd0427bbd993cf8a1ce6c7ee4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed