Ubuntu Security Notice 3466-1 - Karim Hossen & Thomas Imbert discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop responding, resulting in a denial of service.
15654f7b9bfda368625350be74ee70e10914df21ae1590e6c0adaa651fe09731Bomgar Remote Support suffers from a local privilege escalation vulnerability. Versions affected include 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4.
628baf055f0972c1c6fa79f1adf972440b7c5ee8c14fec41ee37efb1bf1f599eUbuntu Security Notice 3465-1 - Brian Carpenter discovered that Irssi incorrectly handled messages with invalid time stamps. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. Brian Carpenter discovered that Irssi incorrectly handled the internal nick list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. Joseph Bisch discovered that Irssi incorrectly removed destroyed channels from the query list. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. Various other issues were also addressed.
5c34e3c728888e5bb51ce6fb31a8c69e09c89e18bf7c2c9c340b2b4830202fe0Red Hat Security Advisory 2017-3075-01 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: A stack-based and a heap-based buffer overflow flaws were found in wget when processing chunked encoded HTTP responses. By tricking an unsuspecting user into connecting to a malicious HTTP server, an attacker could exploit these flaws to potentially execute arbitrary code.
902f3f20b7a3e90d479fc1b3fd04bacf4050c8b64fac72cde48820817e759dfcUbuntu Security Notice 3464-1 - Antti Levomaki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. Dawid Golunski discovered that Wget incorrectly handled recursive or mirroring mode. A remote attacker could possibly use this issue to bypass intended access list restrictions. Various other issues were also addressed.
25ac05cd4bd4147a63b1bd247d8cfad5fce3534a6793e49418e3508809cb3effRed Hat Security Advisory 2017-3071-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: Two vulnerabilities were discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message.
83d626d761ac5b1571348346a206a3346fbe4cc8a141d14a89a1ac2a9aad2203HitmanPro version 3.7.15 Build 281 kernel pool overflow exploit.
408bf8b107019c5f2a85c3f424fae90139e0c7cc821429e9f874f8e28211b69dPHPMailer versions 5.2.21 and below suffer from a file disclosure vulnerability.
eeaeefcdff3722b2ec1cf3d9459357dc5de426bb7f1c9fb2f39b503acf3a27d4Ubuntu Security Notice 3463-1 - It was discovered that Werkzeug did not properly handle certain web scripts. A remote attacker could use this to inject arbitrary code via a field that contains an exception message.
8d133b0cb1c8a7c0ca926fa9d77a07bcfff12fefa3f47dc07a668322984d7532Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
da5e7c56de700078c640a0eaaa287e9643cb97d56dc08a942a48fbd3fe8700f1Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
7df6298860a59f410ff8829cf7905a50c8b3a9094d51a8553603b401e4b5b1a1Mura CMS versions prior to 6.2 suffer from server-side request forgery and XML external entity injection vulnerabilities.
c741fa594f6ecdac9c58e2a524f6ef11f7b20005c381775459dc8b4332c6578dFS Shutter Stock Clone suffers from a remote SQL injection vulnerability.
b03d0d2ae4dbffe3e2a8581d0d8cfe905b13a447a0b904b2b58e281444538f34FS Thumbtack Clone suffers from a remote SQL injection vulnerability.
4676e679078b5d30f8b727ef735fa41aa70c4e777df264bc33615df5b55ff764FS Trademe Clone suffers from a remote SQL injection vulnerability.
2c7628a451f7e42509025ee13ccb7d4cab819c455ff2513dacc9b5a2ba24788aFS Monster Clone suffers from a remote SQL injection vulnerability.
ee5a6e1e75975e5578c4906c309a34c30b53ea2ecf3c72b2cc19e80b87d4e1daFS Care Clone suffers from a remote SQL injection vulnerability.
97cd6706ff38ead6bbb290b2a4228364e62e6c2bdb44699e2f2fee01a5b87303FS Crowdfunding Script suffers from a remote SQL injection vulnerability.
2fcfe6b3957e9208e9d07c8d948a930167e2a1720cc80433b922a6e8ce6fb09bFS Realtor Clone suffers from a remote SQL injection vulnerability.
365b962ed908ebe5642c162c0fd4b3ae512e4c3ec4b6f6560d702adc42a4fe1c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed