Sec-1 has identified an exploitable Buffer Overflow within the HTTP management interface of GFI MailSecurity 8.1. By sending large strings within several areas of the HTTP request (such as a large 'Host' or 'Accept' header) critical portions of memory are overwritten. Verification of this vulnerability can be achieved through the use of a HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host.
4300d283bb084186da283e56ddae0e40446b1e8a04f555832a86566d3489b5dbSecunia Security Advisory - Debian has issued an update for python-django. This fixes two security issues and a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
fb3927d6bec81d24005c29a06dbc212f764f4d161f9c53d4a1dd8b08da17db26Secunia Security Advisory - Gentoo has issued an update for libgdata. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
d1ed51cac68ce4bfcd0670ca4f7d33fa31a5c9a1fe3f493c7b922d0ec4c88b70Secunia Security Advisory - Gentoo has issued an update for socat. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
abe1ddb41fee41410a12536c8c6588982c55f250ba71a7cc24991a93590aec31Secunia Security Advisory - Gentoo has issued an update for gajim. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct SQL injection attacks and compromise a user's system.
d951308295626921cc2e2a8d184c87ec324a606aed36fd61f54453cfe9f84598Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to disclose system information.
ec1fa84642b28261b751df1866f0e7c1ed612fdc551a003c186ba18e8601c764Secunia Security Advisory - Gentoo has issued an update for chromium. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
55051d216d1c52fb4c8a6b1e4d9022f53db0c35701d6f79d448d1df63f136909Secunia Security Advisory - A vulnerability has been reported in Condor, which can be exploited by malicious people to bypass certain security restrictions.
ab47a5138a9ce5ec63f1504bcdbb93dadf9de8d03dafd5b0a1ce6cfd83142475HP Security Bulletin HPSBUX02805 SSRT100919 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
849562f0237617b7508b5218fea45645aedcf54cee94899fb36a71e7fbb6f633HP Security Bulletin HPSBMU02803 SSRT100926 - A potential security vulnerability has been identified with HP Service Manager and HP Service Center Web Tier. The vulnerability could be remotely exploited resulting in cross site scripting (XSS). Revision 1 of this advisory.
5f967abf36b11a1450d1bdc34b2e2587d19f67465191db23eaa1aed4ed25dbfeThis bulletin summary lists a re-released Microsoft security bulletin for August, 2012.
1de350bb2520b75dfa3ec3bc239ded133ecd09b6c1f6410fc4e873262d1a6427This bulletin summary lists 9 released Microsoft security bulletins for August, 2012.
1cd148fc9498f008662f4f946c98e9a7eed901cb0eb7aa4b7f0871457c406b3dGentoo Linux Security Advisory 201208-6 - A vulnerability in libgdata could allow remote attackers to perform man-in-the-middle attacks. Versions less than 0.8.1-r2 are affected.
6c9550b2609f2f265e43e99e0791a7773adfb69954890e5f2e3a22021e0ab085Gentoo Linux Security Advisory 201208-5 - An insecure temporary file usage has been reported in the Perl Config-IniFiles module, possibly allowing symlink attacks. Versions below 2.710.0 are affected.
3bcd9906a91e0e60116a8e74a6871bf2c3d7a8bbd8baaef329447255da0a07b9HP Security Bulletin HPSBMU02800 SSRT100921 - A potential security vulnerability has been identified with HP Service Manager and HP Service Center Server. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS). Revision 1 of this advisory.
4ad254c5b89030dfa92dc00ec1f085e885f2d1db130e20182a5f2d7e3cae8aa6HP Security Bulletin HPSBMU02802 SSRT100923 - A potential security vulnerability has been identified with HP Fortify Software Security Center. The vulnerability could be remotely exploited to allow disclosure of privileged information. Revision 1 of this advisory.
b89198f8d8035895450565a76fb38a1af3fd87d8fcc89ef43485ca94649527feHP Security Bulletin HPSBMU02801 SSRT100879 - A potential security vulnerability has been identified with HP Fortify Software Security Center. The vulnerability could be remotely exploited to allow unauthenticated disclosure of information. Revision 1 of this advisory.
5898d749444d507cbdd005d51e64feb010b4f1f5cc9cf4790bc7b7467217d7ffGentoo Linux Security Advisory 201208-4 - Multiple vulnerabilities have been found in Gajim, the worst of which may allow execution of arbitrary code. Versions less than 0.15-r1 are affected.
671a0b3219a4ed58fa722ddbf83b1ae6f5f37fe1b6371f1c987d2f448e285a5bGentoo Linux Security Advisory 201208-3 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 21.0.1180.57 are affected.
0e4ab358111560250603ed9103607bfa7bafe146bbf5da81c989bb38fe4435e1Gentoo Linux Security Advisory 201208-2 - Multiple vulnerabilities have been found in Puppet, the worst of which could lead to execution of arbitrary code. Versions less than 2.7.13 are affected.
34e2e5b7d34db5d93643e67dcebb7c67afd870204a7c4b3718e99acee2ae0d8bGentoo Linux Security Advisory 201208-1 - A buffer overflow in socat might allow remote attackers to execute arbitrary code. Versions less than 1.7.2.1 are affected.
5ba3149b5f1771cf176c32952ee57223f04b09538cb30fff6bad71d6dd9db4d3Ubuntu Security Notice 1539-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. Various other issues were also addressed.
5f1ac3455cca303b5f6aca689847449cc9dd5b0bb1082518a0a561ff16855b85Ubuntu Security Notice 1538-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. Various other issues were also addressed.
b1621261e387c4866383d13410d8707d10ed518cc87e960bb61a013fc5ba3fedSecunia Security Advisory - SUSE has issued an update for MySQL. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information and manipulate certain data, by malicious users to gain knowledge of sensitive information, manipulate certain data, bypass certain security restrictions, and cause a DoS, and by malicious people to bypass certain security restrictions.
126be620f00bdbdbd91e3fad76a7f23ecc19469e794004a02fb50f4e9f2e5d91Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
3921be400542ad8b66f2ad3a5e76763bec88068d4951e85a0d664844d9ce23edSecunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
312c2d9673be9c4269e466183c43c773e722f5516f299990ed56c53da2cd58a2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed