Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6ff337ca71ca015d50e73a2bb90e02d894b617935482802102648d51b3876facUbuntu Security Notice 1290-1 - Simo Sorce discovered that a NULL pointer dereference existed in the Kerberos Key Distribution Center (KDC). An authenticated remote attacker could use this to cause a denial of service.
7ed0fbc4432ed32166067d84ab8cbdd22401e5d3e348a0d58e255c272905e643Zero Day Initiative Advisory 11-344 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way that the application allocates space for parsing sample data encoded with the RV20 codec. After allocation, the application will partially fill the allocation with sample data. Upon usage of this sample data, the application will use the uninitialized data to calculate an index that is then written into. This can lead to code execution under the context of the application.
50e66ded99d11173f3c8167b6f12e294aa22a831c7b09425d4215df5292503c6The Call for Papers for the third annual HITBSecConf in Europe is now open. Taking place from the 21st through the 25th of May at the Okura Hotel in Amsterdam, it will be a quad-track conference featuring keynote speakers Andy Ellis (Chief Security Officer, Akamai) and Bruce Schneier (Chief Security Technology Officer, BT).
b91449f24b3ad6b16eddc8476a1114a0c9926f521215ee6b5b71c02c8e4e9775The KnowledgeTree login.php login page is vulnerable to a blind SQL injection vulnerability within the username field. An attacker can leverage this flaw to execute arbitrary SQL commands and extract sensitive information from the backend database using standard blind SQL exploitation techniques. Additionally, an attacker may be able to leverage this flaw to compromise the database server host OS.
d3f77e8bceace3fc7ce207fa65ce9c2f16782589248552275d3f46df8cd67399Zeema CMS suffers from cross site scripting, information leakage and remote SQL injection vulnerabilities.
0e88167fb75ef28d1a96a7a15c4869c8737467e133fe9a9d89a228940d3866b0Zero Day Initiative Advisory 11-343 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the mp4arender.dll module. If the channel count is altered inside the esds atom, the allocated buffer will be too small to support the decoded audio data, causing a heap overflow. This vulnerability can be leveraged to execute code under the context of the user running the application.
1de47a5d32b9c4dcf8ee7ada8fb59ba281f7d617834a3920d1d09016015f5407Zero Day Initiative Advisory 11-342 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks Asset Management. Authentication is not required to exploit this vulnerability. The flaw exists within the rtrlet component. This process listens on TCP port 8080. When handling an unauthenticated file upload the process does not properly sanitize the path. Directory traversal can be used to drop a file in an arbitrary location and a null byte inserted into the filename to provide arbitrary extension. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of SYSTEM.
2cee1a50137f6669e7975ff91ba14fa783263398787505aebdbcb678aa0d7213Zero Day Initiative Advisory 11-341 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within atdl2006.dll. The vulnerability is caused by lack of validation when parsing WRF files. A specially crafted WRF file will cause the application to incorrectly push a size value to a memcpy, allowing for corruption of heap memory. An attacker can leverage this vulnerability to execute arbitrary code on the target system under the context of the current user.
5c6949e6b0eb36f74456cb25567b1e74b31591741a2cf52ed895cf5427bb2ef4Zero Day Initiative Advisory 11-340 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses font names embedded within an atom. When parsing the font name, the application will treat a length from the file as a signed value when copying font data into a buffer. Due to an unsigned promotion, this can be used to write outside the bounds of a buffer which can lead to code execution under the context of the application.
ffbb90a377f7fda3461c5ed9be6cf21b276f42f9402309e92d8f8fa99e3ce910Ubuntu Security Notice 1289-1 - It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered.
944dc4557f647d8c7e2c3999af2bd590b59c0bcc4f31cd6ab77053fa15ad5b05Red Hat Security Advisory 2011-1794-01 - Red Hat Network Satellite provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows organizations to utilize the benefits of the Red Hat Network without having to provide public Internet access to their servers or other client systems. A cross-site scripting flaw was found in the RHN Satellite web interface. An authenticated RHN Satellite user could use this flaw to perform a cross-site scripting attack against other authenticated users who are using the RHN Satellite web interface.
286a1ca30d9eebb4be69c57c808e9bb7ffcec46221040018550c5a6c050e714dGoogle suffers from an open redirection vulnerability. This may be working as designed, but is still a bad idea.
f7474650d0d2df3b430a067c98ddeef035d67a88cefcac0a961622e82270052cMandriva Linux Security Advisory 2011-181 - Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer. The updated packages have been upgraded to the latest version 1.3.3g which is not vulnerable to this issue.
0be1d40f8f3b58111ad1f44517b3cd8c334da98ee590aaee94305394e4d7a9d6Secunia Security Advisory - SUSE has issued an update for Ruby on Rails. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate certain data, and conduct HTTP response splitting, cross-site scripting, cross-site request forgery, and SQL injection attacks.
bfe7c7d7034c5f981bd3bbc5a78f5d11333245afc7a91893b2a016ab66b6d06dSecunia Security Advisory - Ubuntu has issued an update for linux. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS.
88dfed92bd77ef1ab0bb01538361300ac75327af5a01f9a22b5f463695fba866Secunia Security Advisory - sxkeebler and r@b13$ have discovered a vulnerability in KnowledgeTree, which can be exploited by malicious people to conduct SQL injection attacks.
fa35b9a8793bab6f29a55f683fd3212322c25a58f21790ade01770b3bff30f71Secunia Security Advisory - A vulnerability has been reported in D-Link ShareCenter DNS-320, which can be exploited by malicious people to bypass certain security restrictions.
b1e928d3eb6b296c9cf54144893f785646721391e3d5b3a69b3f17b47f4258bfSecunia Security Advisory - A vulnerability has been reported in CA SiteMinder, which can be exploited by malicious people to conduct cross-site scripting attacks.
f9a2f59abf701f2320d90715d6d209e2a6bd9c5fa69ee322bab7a7110a7e589dSecunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS.
e1a724ccc8ea96c7419f8365d917bbe25c8b80ecc70cf5b2e29a92ad2eb0bbe0Secunia Security Advisory - Darren McDonald has reported some weaknesses and two vulnerabilities in One Click Orgs, which can be exploited by malicious users to potentially cause a DoS (Denial of Service), manipulate certain data, and conduct spoofing and script insertion attacks and by malicious people to disclose sensitive information and conduct spoofing attacks.
46115d6f290c4a29cf5eb2dedde6e676f1b3d8481a0c9e358f4830cc24b007eb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed