Debian Linux Security Advisory 2831-2 - The fix for puppet that addressed CVE-2013-4969 contained a regression affecting the default file mode if none is specified on a file resource.
d9fa7fd252945f25239673a14edad62d6c60150628dad98e39a4e130ac6e6503Gentoo Linux Security Advisory 201401-8 - NTP can be abused to amplify Denial of Service attack traffic. Versions less than 4.2.6_p5-r10 are affected.
bfee5ca74ecd0b48ef960b4e3d4b82173adcb82f55bd50bb8d7864079c00c3ebHP Security Bulletin HPSBUX02961 SSRT101420 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
5ea964ac8c43cc470c7a273d7cc57ed3149345526175846ee55dbca653979c6eStem Innovation's IZON IP camera has hard-coded passwords that can be leveraged via both telnetd and httpd.
7fc873d3d71731d5736ab631f76a7b61a776a31d2cb74133e26ee6c5b0ed0967Open-Xchange AppSuite versions 7.4.1 and below suffer from script insertion and traversal vulnerabilities.
f64894541784a5965d5e8dd55defafbccab9ab8f246cce119db4b1e2c9d56811Debian Linux Security Advisory 2845-1 - This DSA updates the MySQL 5.1 database to 5.1.73. This fixes multiple unspecified security problems in MySQL.
fa7f40229dc90120ac0e0aa2eb8e2e1325f67ad09b177a5753770abee5251c4fSI6 Networks' IPv6 toolkit is a security assessment and troubleshooting tool for the IPv6 protocols. It can send arbitrary IPv6-based packets.
299af685fad82f9b373ea0fc9daa53ca62c81b717d9ddeb59f7329ffa2ea8212Plone CMS suffers from a URL redirection credential disclosure vulnerability.
c8126f47351b05580931419b3561fe0a88c1f95cf8946c7dcd4656a6d3036dc7Mandriva Linux Security Advisory 2014-010 - Multiple vulnerabilities has been discovered and corrected in memcached. The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr. memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials. Various other issues have also been addressed.
56e23873dfb9810e91b41765d15d9e18cafd0f9578ff6c5806a952a61bf20fc8bloofoxCMS version 0.5.0 suffers from cross site request forgery, local file inclusion, and remote SQL injection vulnerabilities.
668beef15d4f8f90dfb10c1735f36d023ec89384dee1488778317af0eb2ea645Enghouse Interactive IVR Pro (VIP2000) suffers from a remote root authentication bypass vulnerability due to a backdoor private/public ssh key being on the systems.
9a973cc7a8a5306a32bf2e720f7349327145d6bf719e12f5ffffa787228cb573bloofoxCMS version 0.5.0 suffers from a cross site request forgery vulnerability that allows for PHP code injection.
988e6ee3eaf925c583a5a4974787622711445dbe0b89779c4e5cc37dd851f755This is a whitepaper that discusses using heap sprays with vulnerable active-x controls.
182912d0e8bbbc850abf4281ee8356d5767b5cb9c7194c7bbfc2b5eab415ddaeManageEngine EventLog Analyzer version 8.6 suffers from a cross site scripting vulnerability.
fb2b863e3a6c89be1bed5b157e455b433c0efa45b5c8a60e740a73a619b3c3bahaneWIN DNS Server version 1.5.3 suffers from a denial of service vulnerability.
fd11894f27db6ea3d16ce79549c8d30b70900e68f2b0ffdfe964f4db55ce894b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed