Gentoo Linux Security Advisory 201206-32 - An error in the verification of SSL certificates in Links might enable remote attackers to conduct man-in-the-middle attacks. Versions less than 2.6 are affected.
2844cba5db93a16c292bda396e0c06a8ae6bcd3c1befdcb1c5b2875a67615f1dGentoo Linux Security Advisory 201206-31 - Multiple vulnerabilities have been found in Linux-PAM, allowing local attackers to possibly gain escalated privileges, cause a Denial of Service, corrupt data, or obtain sensitive information. Versions less than 1.1.5 are affected.
70b66584b8817a240db5a659f9e3fb27abfb44c6a46e9e68c554ca01bafc291fGentoo Linux Security Advisory 201206-30 - An error in the hostname matching in sendmail might enable remote attackers to conduct man-in-the-middle attacks. Versions less than 8.14.4 are affected.
e81c680a240ecc016d13ad4e7e1e4963af6de79ece9e1a280f15e3e3925484acGentoo Linux Security Advisory 201206-29 - Multiple vulnerabilities were found in mount-cifs, the worst of which leading to privilege escalation. Versions less than 3.4.6 are affected.
aec8dbbc16f75047942983e84a3b0014380e54e4ec733595b3b7b9ad80ab33d5Gentoo Linux Security Advisory 201206-28 - Multiple vulnerabilities were found in texlive-core, allowing attackers to execute arbitrary code. Versions less than 2009-r2 are affected.
22c42bb7b7ec6932a92cdb102c3c8795014df13f16038fca30ce11d10a834cbfGentoo Linux Security Advisory 201206-36 - Multiple vulnerabilities were found in logrotate, which could lead to arbitrary system command execution. Versions less than 3.8.0 are affected.
be9fd5a4e003c592a8e519a6693aa11f6ecc9162b5f96b4262f00bd5843d1bdeGentoo Linux Security Advisory 201206-35 - Multiple vulnerabilities were found in nbd, which could lead to remote execution of arbitrary code. Versions less than 2.9.22 are affected.
ba2c3b7ab48e436fc9ebb6afe201e5730246d150155fedd86d2bd9d097c2b5feGentoo Linux Security Advisory 201206-34 - An error in the hostname matching in msmtp might enable remote attackers to conduct man-in-the-middle attacks. Versions less than 1.4.19 are affected.
8ba06fe3d8db6a4789b2a24274ef4e1b78361d031949c77fdecb5c5f0b50d5d1Gentoo Linux Security Advisory 201206-33 - A vulnerability has been found in Postfix, the worst of which possibly allowing remote code execution. Versions less than 2.7.4 are affected.
05e98f47777707c46cf6dde146609306a3f61d80648b0c877d2ed8871983f6f0The Asus iKVM/IPMI implementation stores credentials in the clear, in a text file, and readable by the anonymous user which has a hardcoded password of "anonymous" with no way to change it.
113384f21d7260eda3e28efe8b129c714d9f70b1f537a8ebb70663c9928415dcSecurity Explorations does not agree with Apple's evaluation of a vulnerability they reported. They have decided to release proof of concept code to demonstrate a bypass vulnerability in Apple QuickTime Java extensions.
c2aeee9d3f479037cf3a1177e445be5a6068ad94532c3d4c68af96ada0b39421Apache Roller versions 4.0.0 through 4.0.1 and 5.0 suffer from a cross site request forgery vulnerability.
4763bc6a74cffbb8c4a98ebfd85497d4c135a0229565573c11711bb32366736cApache Roller versions 4.0.0 through 4.0.1 and 5.0 suffer from a cross site scripting vulnerability.
2a3ef283fa2c44950937510f6450a29a58cbf100742cf9efd1a746297da0ed8aKingview Touchview version 6.53 suffers from an EIP direct control vulnerability.
f614238bf00bbff01c4cacb0de5e0d817d19edb0c4b62a906b365aace0a82525Kingview Touchview version 6.53 suffers from multiple heap overflow vulnerabilities.
37f45498f2bff4a854d189b580bf99ea79b9dc21dfa6b458fdc14b0c63e2c8b6Mandriva Linux Security Advisory 2012-100 - An integer signedness error, leading to heap based buffer overflow was found in the way the imfile module of rsyslog, an enhanced system logging and kernel message trapping daemon, processed text files larger than 64 KB. When the imfile rsyslog module was enabled, a local attacker could use this flaw to cause denial of service via specially-crafted message, to be logged. The updated packages have been patched to correct this issue.
613dfcef425f4a5b661ad286cf09803a2aa7044018ac10a963dd2f0b79087e99This whitepaper discusses the insecurity of poorly designed remote file inclusion payloads. This is part two.
357450c73effdc1d8d79eadc0c1966d2cf52597ec2b85ef66ef49ae5a9a554f2Slim PDF Reader version 1.0 suffers from a denial of service vulnerability.
d1ffdeb69b179bf453e9df13d5f38f2ea80e5975170ad4c9dfbaf90077a7117bHashdays 2012 Call For Papers - Hashdays is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place October 31st to November 3rd, 2012 in Lucerne.
6e0ac8238a53b8ebe88af5e47d06f685e8e944f0c7bdf03885eef4a921bcec0dThe WD TV Live Streaming Media Player suffers from two implementation flaws that together allow for remote command execution as root.
30e038aaf42732de5c7c31917ec77feb71e99f5a032ca468e8d514c9181e41c1Drupal Drag and Drop third party module version 6.x-1.5 suffers from a remote shell upload vulnerability.
d20be48fb476e6e13f7e457963b8e28ac136039c50a776c45993e46260ecf151Autopagina CMS version 2.8 suffers from a remote SQL injection vulnerability.
a563a2bdda1882cafa89faf3ca21ba53255d47d50c45f1edde7b0866d86b906fUmapresence version 2.6.0 suffers from remote shell upload and file deletion vulnerabilities.
34c100c2e912e0c0e0f50bd32af4870f83873de3311da8742d14b3108c80e283Able2Extract and Able2Extract server version 6.0 suffers from a denial of service vulnerability.
ab32292905312ba912de21c5e6dc97b63078bc9aba3c2d7e2bb0d20ef3ff08fbAble2Doc and Able2Doc Professional version 6.0 suffers from a denial of service vulnerability.
c10a756810f848125bb592c0fffa27ca8b2a9b951b84b8538dac2d376c20130c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed