Slackware Security Advisory - New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues.
4b6f131bd8e719fd8ff262590dbb3da0c22a6604e04ce625b7d0bb362f40453a
HP Security Bulletin HPSBMU02815 SSRT100715 5 - Potential security vulnerabilities have been identified with HP SiteScope. The vulnerabilities in SiteScope SOAP features could be remotely exploited to allow disclosure of information or code execution. Revision 5 of this advisory.
b19115c219260989f88dfa13880c0ff84926bc7c50247d3e6bcf84d423b7de28
Red Hat Security Advisory 2013-0261-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. An attack technique was found against the W3C XML Encryption Standard when block ciphers were used in cipher-block chaining mode. A remote attacker could use this flaw to conduct chosen-ciphertext attacks, leading to the recovery of the entire plain text of a particular cryptogram by examining the differences between SOAP responses sent from JBoss Web Services.
ddfa5837441b7da3bc16065ca28478905fe604e73e77664405893ddffc44a360
Ubuntu Security Notice 1723-1 - Richard J. Moore and Peter Hartmann discovered that Qt allowed redirecting requests from http to file schemes. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS, and Ubuntu 12.10. Stephen Cheng discovered that Qt may report incorrect errors when SSL certificate verification fails. Various other issues were also addressed.
4605f641fa86a28f32d2a30ade5206711c95382ac77712e820d92294787e541b
Debian Linux Security Advisory 2623-1 - Kevin Cernekee discovered that a malicious VPN gateway can send crafted responses which trigger stack-based buffer overflows.
27a3a72fe62d36e7672dea91b137377da150a7db6d14c800d0a1f837359f4c97
Hook Analyser is a hook tool that can be helpful in reversing applications and analysing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
6d0c3ae3f1c1c82fc02292864c2d515ea8bb0b84e4978f88e74d9798eacfecb0
Ultra Light Forum suffers from a persistent cross-site scripting vulnerability.
3c929999a19a3a694535233c547f3ae40ddd30a3ca672877ad9e8887a35f58de
Raidsonic versions IB-NAS5220 and IB-NAS4220-B suffer from authentication bypass and persistent cross-site scripting vulnerabilities.
fe8f5e0eadcb9f646b6f562ce732f7187fcdd832bcb2a1a6a738e78ba597f151
Secunia Security Advisory - Core Security has reported two vulnerabilities in SAP NetWeaver, which can be exploited by malicious people to compromise a vulnerable system.
f15da94674d8a590cf737536e6ed1fec37abd2f2224d160792e4e96b85e44472
Secunia Security Advisory - Debian has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service) of the application using the library.
2434d093c4e607731df9038e83c8fefddf26a1a416533ec7bb7a45bab6b9b2c2
Secunia Security Advisory - Two vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
22fd454180c7a8369b9ffcaa877e41848cd7aff1b1ef91141eaf05dc7904da54
Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Application Platform and JBoss Enterprise Web Platform. This fixes a security issue and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
36f7240001af14fe9801a93c0be224b68592eb4dadb4b6dcfb433429b15cadd1
Secunia Security Advisory - A vulnerability has been reported in the nori gem for Ruby, which can be exploited by malicious people to compromise a vulnerable system.
2296ef7fbc2a950485d99279e28e3394db17507dd715a4babde545b7db717244
Secunia Security Advisory - Charlie Eriksen has discovered two vulnerabilities in the WP Online Store plugin for WordPress, which can be exploited by malicious people to disclose potentially sensitive information.
313855b42bbc8a69e5f3e0dd675549b1665a6461185292f1fc9211f9c0a73bde
Secunia Security Advisory - Gjoko Krstic has discovered multiple vulnerabilities in AbanteCart, which can be exploited by malicious people to conduct cross-site scripting attacks.
a36488d63285d65b1b7ce471a947384768209114703d4bb5780efc8300982c2b
Secunia Security Advisory - CA has acknowledged a security issue in CA ControlMinder, which can be exploited by malicious people to bypass certain security restrictions.
94e29c631a583f7cd43bf836e0602e0eb55b6d86919c70db38f2ac5b107f2c1e
Secunia Security Advisory - Multiple vulnerabilities have been reported in Pidgin, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system.
d0e702d618b3af6f61896f6bf4482e779c68ea0fd31eef1448ffecd11a61602b
Secunia Security Advisory - Two vulnerabilities have been reported in Symantec Encryption Desktop, which can be exploited by malicious, local users to gain escalated privileges.
e342ec9c966c3c3a09a28080de828afe93a1d1a42ed531af4e52a4a8e0f93d34
Secunia Security Advisory - Walied Assar has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to cause a Denial of Service (DoS).
8b2fb7ac337144afad657c4f1294d143a368958def648ba87188667db8a7b910
Secunia Security Advisory - A weakness has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
501b2ae3e91b7f9622b0c008a5fbd37de115f49d34294032c8315b4d33592886
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
b377b76811e598b6114771872bd676f47e2c45c3016d93f45ca04c156e494071
Secunia Security Advisory - Henrique Montenegro has discovered a weakness in the NextGEN Gallery plugin for WordPress, which can be exploited by malicious people to disclose certain system information.
4d5a20a9963122b30a537bcd8665016290944446ce176017dc0af696539eba94
Secunia Security Advisory - Debian has issued an update for polarssl. This fixes a weakness, which can be exploited by malicious people to disclose certain sensitive information.
ebd30a614b9452d9df19556b3223880b313ebfe62e85ca8722193aa6dfffbfb4
Secunia Security Advisory - A vulnerability has been discovered in the Editorial Calendar plugin for WordPress, which can be exploited by malicious users to bypass certain security restrictions.
c4d98aa94f2e0a706b07e4e932eb4f7f78658ad9ccceaff0c982df4bc644a2dd
Secunia Security Advisory - A vulnerability has been reported in Schneider Electric Ethernet Modules, which can be exploited by malicious people to conduct cross-site request forgery attacks.
db999efb78d6772494df6e3229836558420d52a680388bbfe62c1e4a0eee360c