The Toshiba eStudio multifunction printer suffers from an information leakage vulnerability as passwords can be extracted in plaintext from the html source code of various configuration pages.
5734383d4ee705db601bc8d3d5e3c2dd43c7d59704ae77a50bf1ce5366dd57bcThe default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.
4f61867467d9f947166505f70c2306db6ef9f3380f5efdf8445bb8695e519d32This Metasploit module exploits a stack-based buffer overflow in GTA SA-MP Server. This buffer overflow occurs when the application attempts to open a malformed server.cfg file. To exploit this vulnerability, an attacker must send the victim a server.cfg file and have them run samp-server.exe.
6516b83685589a1ead2d78e1fafcac820b7f9e19416217a6dda64bcf91cceef6The SANS AppSec Summit Call For Papers has been announced. This event will take place in Las Vegas, Nevada from April 30th through May 1st, 2012.
f85366a74c6a05d10f5286c3687ce6acd52adea9f9b93742ae371c8b746fc1e7This Metasploit module exploits an arbitrary PHP code execution flaw in the phpScheduleIt software. This vulnerability is only exploitable when the magic_quotes_gpc PHP option is 'off'. Authentication is not required to exploit the bug. Version 1.2.10 and earlier of phpScheduleIt are affected.
5d5d2dee3205b21a8812ad1ba723eaf15edbd136751c83c17084738dd1505d2aeFront versions 3.6.10 build 11944 and below suffer from code execution, authentication bypass, shell upload, and remote SQL injection vulnerabilities.
a2df7a32a7dd4ae0a9bc4dbd2e2499dc496f68c261d43e949234ee9dc33f4c05OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release.
7ab4f46f7750e54e54d0f6721053ab9635778e313da8e2369ad9bfd717a28242Secunia Security Advisory - SUSE has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
ecdc38a1858cfc80ebd0fd2d88975201a6eabffa4d1e52e06056ea632e598099Secunia Security Advisory - A vulnerability has been reported in the Presta2PhpList module for PrestaShop, which can be exploited by malicious people to conduct SQL injection attacks.
77f4b16edfaa37a9ede9dc3edde8ad4a5e6a509ccfb5b73a2b8e184c859703d8Secunia Security Advisory - A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
7215d9d5d7593fcc5bf61a6e25712d3007f4b0347d4ff60d6a0d33e9d53892a0Secunia Security Advisory - Red Hat has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
1be98bb677f07793f9ed3b84888b8455beadff4d4665644c71dc142b4c0d43d2Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere ILOG Rule Team Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
9761657bbf78b64616e008ceeceeb7473ac5d94c05facbac8c07bb1667ca93cdSecunia Security Advisory - Gentoo has issued an update for mod_authnz_external. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
0bb4ab755cda9dc64d36b35551b7c12c78bcc47295700ff717e7b6bc6714819aSecunia Security Advisory - Ubuntu has issued an update for kde4libs. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
2e9fef9bece728d9279d0097f42e7ca3e1b5e78bfbf4297c80d46a5de43067feSecunia Security Advisory - A weakness has been reported in OpenStack Compute (Nova), which can be exploited by malicious people to disclose sensitive information.
e7ec7d8ee0b84f89c3c47c8f7b11cf9fe32dd956425c23995048d7c02a7d394aSecunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, conduct cross-site scripting attacks, and potentially compromise a user's system.
1ae83cbec544390c6c09251076f27cbe48fa45c677d5040cd1effd693a3e6682Secunia Security Advisory - Ubuntu has issued an update for nova. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.
6ad20e61889c077aab0030de147d6b4eac883b4b9f369b3232054ef3b75ec90aSecunia Security Advisory - Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
3bf3531276b51b14429af52894e6c1f71f68ca12df376cf79455d978d7140febSecunia Security Advisory - A vulnerability has been reported in SPIP, which can be exploited by malicious people to conduct SQL injection attacks.
cf058c322c490d03c6689f9a1c0c5f28391339bf9fa1ff00b36c6623c8ac4a1dSecunia Security Advisory - Debian has issued an update for torque. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
1e11d6ea99c6064f81333e20e070414305a740305122bb042fbe6a11672eddccSecunia Security Advisory - HP has acknowledged a security issue in HP Network Node Manager i, which can be exploited by malicious people to bypass certain security restrictions.
5bbd36a06966f3c402033878dd12f640244834dff9a6036ad6cf81fe1ae37261Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple Quicktime, which can be exploited by malicious people to compromise a user's system.
63c2b2f7b2972ca0523ebc89de65b4ba81fd480a55da9580a36f8fef4acd90adSecunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
11467862954cb640e0a87b455fa89c6db455054fcdd0cfb09e53b58ae58745ccSecunia Security Advisory - Gentoo has issued an update for squid. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
5e31ee958f0f8f0b8764e563481735b5405bedd48e137ac233cb0b1e64fa33ccSecunia Security Advisory - Gentoo has issued an update for pure-ftpd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.
b0ebbfb2368006d13480954941a313e094efd57b1fa0af30db0b1760d8a39504
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed