Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.
cd4c4e819b4c3c239ee06046bee62e04089f000fc2faea5c9f5936326037c9c2Snare for Linux suffers from a cross site request forgery vulnerability due to a poor implementation of the ChToken. All versions prior to 1.7.0 are vulnerable.
3323c57eabe51f974cc3c72af83508f476be9dbb70cbfeaeac57694f5e5a56fdSimpleInvoices version 2011.1 suffers from multiple cross site scripting vulnerabilities.
3ecfc994ac4e984591a3608e192e99266ae5c16efedfadf34bdef7ec941368bbSnare for Linux suffers from a cross site scripting vulnerability via log injection. All versions prior to 1.7.0 are vulnerable.
d22ada759dcbc1d17dafab44a19f943b1bb0c438c37fb13503433ad75f387109Nagios Core version 3.4.3 suffers from a stack-based buffer overflow vulnerability in the history.cgi web interface.
88ac488f066319dd1f959b62a5b728615dc7728fccc1e533414c99c5543167e4Slackware Security Advisory - New libssh packages are available for Slackware 14.0, and -current to fix security issues.
366d107dd5b27da03116193c2e98ec3fa00722b8643f6ff8ea0cec9f8181fd79Any.Do sends credentials in the clear along with various other data.
097771e31021ba6e3291ffdcf4a4e49ab93871fda1ba8ce0c7839b78bc07cebdSecunia Security Advisory - A vulnerability has been reported in some Rockwell Automation controllers, which can be exploited by malicious people to cause a DoS (Denial of Service).
7b3077ee4759c2bd0c98e79e3b52582051272c405ecc80c52e79f799f3be7fdeSecunia Security Advisory - A weakness has been reported in Spring Security, which can be exploited by malicious people to determine valid usernames.
d1a8d3f339887763cfe79a7bf1a14abcaaa4506ecf3cd3ad9d670176c942ba5dSecunia Security Advisory - IBM has acknowledged a security issue in IBM Tivoli Directory Server, which can be exploited by malicious people to conduct spoofing attacks.
b28723be1537c148e1170eec636999e7007337e75183d6bc37d9dcac6581fe2cSecunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Rational Service Tester and IBM Rational Performance Tester, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
e46b00b4a954d320121ba2f3f7060940fe77bdd6c801ac06a5b6434c2898b21bSecunia Security Advisory - Some vulnerabilities have been reported in IBM eDiscovery Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
7944a5d671e791c6ee74a5f9096d9ade83a09926613711fc9b12c44c672b3c8bSecunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
e8a1e97fa32b6db6c4e0377405f0dd232361c9666c80af95aaef735f5f4101f8Secunia Security Advisory - Debian has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.
b1b63f10e9b50d42ea51da2eae68dc5856174b87d1f14585e5806e677b259f8dSecunia Security Advisory - Debian has issued an update for iceweasel. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
7c031cff93418a0c8fbcbcf999d6fe4208d1f13574809498a1e38172f3eb7e35Secunia Security Advisory - Debian has issued an update for iceape. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
dbaae30a8fbab3bc15dc0c4883a6ae8bc0ea55e462a363df51cc87db8f752f1cSecunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere Application Server, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
f09647faece03b22d48c77077e9690556c64bbe548a4c9a899e36f96c4f0c9cdSecunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in ClipBucket, which can be exploited by malicious users and malicious people to conduct SQL injection attacks.
1ec39e2bd6a7bb70e68fab8dc65402f884c6797178c88875f88ceaf5f839ebd0Mandriva Linux Security Advisory 2012-178 - Stack-based buffer overflow in MySQL 5.5.19, 5.1.53, and possibly other versions, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x before 5.3.11, 5.2.x before 5.2.13 and 5.1.x before 5.1.66, allows remote authenticated users to execute arbitrary code via a long argument to the GRANT FILE command. The updated packages have been patched to correct this issue.
19d93ba2d1dce4cbb6f70f19c45b75b0d55296a79641c60eb686d7561a125406Debian Linux Security Advisory 2584-1 - Multiple vulnerabilities have been addressed in the iceape package.
387a692d255b5d16cad1c19419dc950e9005b22009d10581089a2a45d0c59e89Debian Linux Security Advisory 2583-1 - Multiple vulnerabilities have been found in Iceweasel, the Debian web browser based on Mozilla Firefox.
b9e7c95ffc93ae046df7fbebe65e509c1e34e661a2517a79d9a34a524a7f2dacThis archive holds twelves PDFs that hold presentations for Reversing and Malware Analysis Training. The Topics covered are Lab Setup Guide, Introduction to Windows Internals, Windows PE File Format Basics, Assembly Programming Basics, Reverse Engineering Tools Basics, Practical Reversing (I), Unpacking UPX, Malware Memory Forensics, Advanced Malware Analysis, Exploit Development Basics, Exploit Development Advanced, and Rootkit Analysis.
b983588785a2428722c7ff2fffbcea082a97f7f42fa2e24bf0c05b5a82870907Havalite version 1.1.7 suffers from cross site scripting and shell upload vulnerabilities. Some of these are known issues but the author has included a Metasploit module that demonstrates the shell upload vulnerability.
b16f36dc19e8d0743633a1a4d99736d1d3e32acb6b946225ecccce25b7379ade
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed