Zero Day Initiative Advisory 11-350 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Enterasys Netsight. Authentication is not required to exploit this vulnerability. The flaw exists within the nssyslogd.exe component which listens by default on UDP port 514. When parsing a new syslog message the process attempts to copy the PRIO field to an intermediate variable. The process does not properly validate the size of the destination buffer and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
486c953e71cef65cd30d035468fa0961fc349af3a6271f7d414b20d2d573b443Debian Linux Security Advisory 2367-1 - Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit.
c775b80295c3642a135dbde3ae832771f511ca0cfd118f13568781aff541ad60Red Hat Security Advisory 2011-1834-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.
0a67c0ae0cd5513a350ee578c94326bc57a4cd7ae396b3099d3505b6bcbcd181The WhatsApp tool suffers from arbitrary user status updating, registration bypass and plaintext protocol vulnerabilities.
0616c7aaaea8c5766787ad6d89a5f5e1a9b8c80dda620060d4f23fe8f25ffa06WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.
8e6fe6a513916c776350b0cbff29427e8719a4d3095dfe4fdd3b4ad34e3bde2eUbuntu Security Notice 1313-1 - Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops.
4435468d54c71dd0bcc743da6fe654def947faedb2fcd749c5c64269c81d3846The SecCommerce SecSigner Java applet version 3.5.0 suffers from a client-side remote arbitrary file upload vulnerability.
5c2fa4abe1884f3a0b572d67e36f2d26b087f7cd52d35a19c40e81c656d3dd40Ubuntu Security Notice 1312-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
3aeab52346bf4f6a1ad62c8d618495f6f4e27104c5519860741dab5b42e4dde7Ubuntu Security Notice 1310-1 - It was discovered that libarchive incorrectly handled certain ISO 9660 image files. If a user were tricked into using a specially crafted ISO 9660 image file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. It was discovered that libarchive incorrectly handled certain tar archive files. If a user were tricked into using a specially crafted tar file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. Various other issues were also addressed.
bdea7bcb5147618f5647a759a8be6b8260b133e417d0c660c11e3f8aef62f6ffDebian Linux Security Advisory 2366-1 - Several problems have been discovered in mediawiki, a website engine for collaborative work.
ccb031f863a8654a0610e5409cb9c19e529fd52f0871028b9a316b81212caeb2Ubuntu Security Notice 1311-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Various other issues were also addressed.
079875549c90e40e46e8b48124d73c56179b8faa866f9696ddfa6d615846973dMandriva Linux Security Advisory 2011-191 - A heap-based buffer overflow flaw was discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.
05dca28376bee3ecaa55fc46d066d8da84282221b9756c854a8ed1f09619d503This is a brief write up discussing time-based NoSQL injection attacks using javascript.
38f29f6bb429406f5f75bcf44692f842d085e1f1bc2d98124da439be4d863cc3The fifth IFIP International Conference on New Technologies, Mobility and Security Call For Papers has been announced. It will take place from May 7th through the 10th, 2012 in Istanbul, Turkey.
25130021c2ea8eb8aa1842b5fe239c462321ca387e930a78502275f10082c334Gold Coast Web Design suffers from a remote SQL injection vulnerability.
db6711970c527db2e9981f731ea5f0e3c00408f918538a1face2bcf27ab2c2a3Free MP3 Player version 1.0 local denial of service exploit that creates a malicious mp3 file.
a8d50ae173920d82786db1c55461ca701b5b672c3a52d83d4da71f924ae15cc9PHP Booking Calendar version 10e suffers from a cross site scripting vulnerability.
482251c8f23fc16eb1e5939226f88efda2fbfdaa271fdaa4fb16a327e01775f1The Joomla Dshop component suffers from a remote SQL injection vulnerability.
6a52e7d893c2665958898ad01d124ce3ebcaf1af7dd716c0efef90a5caeb521aThe Joomla Tsonymf component suffers from a remote SQL injection vulnerability.
edeb2f41317dc25b5a733a6517099fc8d1df11868c3c4e62d35efc4912f98155Mandriva Linux Security Advisory 2011-190 - Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.
a7a2d6dcde530878a690f207cdebdc142e5c05f52a50d1abc8a8f87417506924SASHA version 0.2.0 suffers from multiple cross site scripting vulnerabilities.
8a23db0f5a7f141b2bee4b40873219f743fd2104d3605022a95899f48646cdf6VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
cba9bea32ea67c8da60c966ebfc113a9ade45175f2c308da67602f022e70e159VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
363771ff8fedc0e7c3eb4df5ff9a4fe0bc4f64c4b34e44157b5e85bbbd053e8eVUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.
abe71c0175b7a06c7b13a1c8e877a119177040e1b36f365f7231fe6642d78a92VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.
10561391d54ae2a2a00c408b11bdbca9246b41da1060d29b93367e7f6c836d46
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed