Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
7915f5ba4ff02af2da4e132cc03472d674c4633ae0e4c0bacad2a58daad5e262Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.
828483a1a6bbf8065e049dfca2a65efa7ca35f2fa4a558adde9549639c05bfb7OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
905106a1505e7d9f7c36ee81408d3aa3d41aac291a9603d0c290c9530c92fc2cUbuntu Security Notice 1335-1 - Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash. Various other issues were also addressed.
0c7caf48e49174279d1eded16dc85b00dae0d90d73ac400b2fd293a3054adf7eA possible stack buffer overflow in Suhosin extension's transparent cookie encryption that can only be triggered in an uncommon and weakened Suhosin configuration can lead to arbitrary remote code execution, if the FORTIFY_SOURCE compile option was not used when Suhosin was compiled. Versions 0.9.32.1 and below are affected.
7b76245682b97cb024e98bdc990fce1fd1209c0093a98ed46429a4d2ea80c3ecWhen using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
8d3c41b30627a514ca963158a099851a1cb31165bd228c27f1d9b76af12c9189This is a small MySQL cracking tool capable of running login attempts from multiple threads in parallel. It is capable of 1024 concurrent connections.
f146f20998994d92b163d14ad2d638e4e8fe1b472cee16e5eb3e73270024ebabBrand PHP suffers from a remote SQL injection vulnerability.
5202ae7947a4a055dddb182e81350e331df628a89622b1ce210398cc6bde0da3appRain CMF versions 0.1.5 and below suffer from an unrestricted shell upload vulnerability in uploadify.php.
506aabb495e506a158aa2e70e4e9660ae29a6ff831efa1d2287c34419cba6ddaWordPress uCan Post plugin versions 1.0.09 and below suffer from a stored cross site scripting vulnerability.
8fb475a0d2e5e4779f36ff9b345d1258634708bb89aa4a29d9182794886fa1f2The Microsoft Anti-XSS library versions 3.0 and 4.0 suffer from a javascript bypass vulnerability.
9c3724fcd0d3afee3bd1af91d841bc9d029d55edbafef54c733f648ff52a0dc3WebCrafters Design suffers from a remote SQL injection vulnerability.
904ec1a80572fb9651b9e0e1dd92fb557140f8775d231ae04d32b996e8170f7fWOL-E is a suite of tools for the Wake on LAN feature of network attached computers, this is now enabled by default on many Apple computers. These tools include bruteforcing the MAC address to wake up clients, sniffing WOL attempts and passwords, scanning for Apple devices and more.
e28f7b08a572231c36ca10c3933eb5f2549796295fe96083eb66efbad6aaf210Fiche Avion suffers from a remote SQL injection vulnerability.
291bba881c5f7057f16dd8f38ea00b8b4452191a552433881e44352cf82b796aMaDVideO suffers from a remote SQL injection vulnerability.
b2e362f36095fb73fce78a787618db2eb4ea4648aa9a1e0594c71fede035422eVisualizza suffers from a remote SQL injection vulnerability.
1ebb1a7d69adbd547979b9bce35c2eb8826be3b3ff91fe9b38e2ffd9a7541defThis is a short whitepaper that discusses common vulnerabilities in online payment systems.
ad3dfe59b75e6688f6179cb87d6b7b29635301fd6bf32fb409a1cba64bf5ae99The PostNuke pnAddressbook module suffers from a remote SQL injection vulnerability.
f1b0ea692d5ca7446990d64e990500667d0fd90bc9bae0ad6b31d6e250c3130bHP Security Bulletin HPSBMU02736 SSRT100699 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) and Business Service Management (BSM) . The vulnerabilities could be remotely exploited to allow unauthorized access to sensitive information. Revision 1 of this advisory.
45d7176639ffb448154803ed3be918ff4fc106da71fbee37f29f495dd411ac87Secunia Security Advisory - Two vulnerabilities have been reported in XnView, which can be exploited by malicious people to compromise a user's system.
00d29b257ad6d65041e3fa9f5a24a7ad6aa44b6f87ae42fef188f0b2f137bbe9Secunia Security Advisory - A vulnerability has been reported in McAfee GroupShield, which can be exploited by malicious people to compromise a vulnerable system.
876f4bb8ae3bf2f67af7307c58334a25a189210a53cf2affc44a78fef342f852Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious, local users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service), by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS, or by malicious people to cause a DoS.
37883ef6606d6e027797aa12f3754e6b1a8bc1f88f3c28db975ace4edd657db7Secunia Security Advisory - A vulnerability has been reported in the Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
17ecb270298f2ff0544eeedc80dda4aa6a50e7e093c81336aab464a35cc4eb2eSecunia Security Advisory - A vulnerability has been reported in the Quick Tabs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
96057d3835fc857698055a213fc2a2e23a19031ab6700049f814bd1976f747b5Secunia Security Advisory - Gu1 has discovered a weakness in X.Org, which can be exploited by malicious people with physical access to bypass certain security restrictions.
419e8f3789ced2263564fc8fbdb3e0a3a7978fdafc3d4b97b129b8b878c125b3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed