Secunia Security Advisory - A vulnerability has been reported in Loudblog, which can be exploited by malicious people to conduct cross-site scripting attacks.
a829110c09bc8cd76c94a7af384124e7c1d37596b4894b9b61a1e6d6452f0ccc
Secunia Security Advisory - Debian has issued an update for kernel-source. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
72a53246ff84f6a6dae80c86d8acb6e60d8854f54adbb761c9f34549aca9563a
Secunia Security Advisory - Ubuntu has issued an update for PHP. This fixes some vulnerabilities, which allow malicious, local users to bypass certain security restrictions, or malicious people to gain knowledge of potentially sensitive information, conduct cross-site scripting attacks, or compromise a vulnerable system.
83a288ce7bd7ea7b87e3b7a9b6f730124d70aca649521832952ab1a72e87d5c7
Secunia Security Advisory - Debian has issued an update for zope. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.
1b4be9a7124bed267a7aac815fa99962c47cd95b92fc2d8763a07367e3902b01
Secunia Security Advisory - Some vulnerabilities have been reported in Solaris, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
7c2e0a7bd8140d32d06e9c118f537fc4a219f129e8c2ce2738b1d659538e1ef8
Secunia Security Advisory - r0t has discovered a vulnerability in PhpHostBot, which can be exploited by malicious people to compromise a vulnerable system.
040aa662b2af564ecc94fe58b7d55643a1431846d4fba358d414d323b46ef659
FSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.
0ce31699030ee97f6dc3af8de586252113d5edeb3a4af04982059e9dfc1dc265
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
c6ee9283cecc91253ffb98e5d411f6a1cd1dedbe20dce7953708ef4d2ddb3ea5
Mandriva Linux Security Advisory MDKSA-2006-128 - A number of vulnerabilities have been discovered in the Wireshark (formerly Ethereal) network analyzer. These issues have been corrected in Wireshark version 0.99.2.
a70e6c883ef037267ed1f7d564acf25d348100eca2cc612cd35405e159068879
Mandriva Linux Security Advisory MDKSA-2006-127 - A buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp 2.2.x allows user-complicit attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VECTORS property.
967a800b44fe0c9c4bd16b830b08528320685a407834389b574777cceeea8a06
Mandriva Linux Security Advisory MDKSA-2006-126 - Kevin Kofler discovered multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp 0.4.2 that allow remote user-complicit attackers to cause a denial of service (application crash) and possibly execute code via a long Album release date (MBE_ReleaseGetDate), data, or error strings.
673f8a9b6416bb5e961aa26c578d87cb4b320a1f2b21f94f534fdd8f46e154f3
Mandriva Linux Security Advisory MDKSA-2006-125 - Webmin before 1.290 and Usermin before 1.220 call the simplify_path function before decoding HTML, which allows remote attackers to read arbitrary files.
85723e50a322f9644980dda1e3c0934b4ec87396b76850aa21a6ad3a88fac807
A buffer overflow exists in ASP.DLL that can be exploited by creating a .asp file containing a parameter for the include SSI command. Affected software includes IIS 5.0, 5.1, and 6.0.
15106fae66f1a64dd28018a095af362d82f101972557818a0a6c8f94dfd36787
WebScarab is subject to a client side script code injection vulnerability which may allow for cross site scripting attacks against web clients connecting through it.
8743267c238efa13f343583cfea9be6705e16a81ff5da7e32ea95f11aca43cd7
The VMware configuration program may not correctly set file permissions on generated SSL key files that are used for encrypting traffic for remote administrative connections. Affected software includes VMware Player for Linux, VMware Workstation for Linux, VMware Server for Linux, VMware ESX Server 2.x, and VMware Infrastructure 3.
d82254e62414dee03552857930ec0f8a5fd562d618e4973740edfc893ff0c681
Debian Security Advisory 1113-1 - It was discovered that the Zope web application server allows read access to arbitrary pages on the server, if a user has the privilege to edit "restructured text" pages.
d8c7f0fa03977a20bd9ad3e69408121a395b88f2f6ee3cc938ad1c21908e7c90
Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.DBMS_UPGRADE package.
18c7d147268f4340c1b4b135f96de0783f6f3ec9d81dbf61704fb19e444a06b8
Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.DBMS_STATS package.
3a7cab283b50bd36f1df7a0d097581f90730373dc3f861271e3fd452eacc7f17
Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.KUPW$WORKER package.
f6324aa9af8254b31f82d5d99a144a429093d3ce534bbaefbedac9033a70dac6
Oracle 10g Release 1 is susceptible to SQL injection flaws due to the SYS.DBMS_CDC_IMPDP package.
7aee6cd1fd328ddd01a554087c7fe9ec3a27fddb63bc5df119ead3f784d82aa5
This is a huge list of many popular web sites that are susceptible to cross site scripting attacks with links to examples.
dc68f43e7f38423c3b967f1c5acbfbbfb67b59ed2d10ffba0afd65884a01b955
HP Security Bulletin - A potential vulnerability has been identified with the HP Tru64 UNIX operating system running NIS ypserv. The vulnerability could be remotely exploited to cause a Denial of Service (DoS).
b84d3ac6242cd6975eeb3ebcdd24d5b9de23f203453f7c7d21c1aa265cc18a88
hdweGUEST versions 2.1.1 and below suffer from cross site scripting vulnerabilities.
11ec1bdaa8640916b59357d6e79e3e22f561c9065e8cba1f96b2af056a66d149
Mandriva Linux Security Advisory MDKSA-2006-124 - A race condition in the /proc filesystem in the Linux kernel 2.6.17.4 and earlier allows local users to obtain root privileges.
4e9486b0fe5fe1053a44ace328652f50fbf72944c074f926308b708a3c8b98db
PHP-Post version 1.0 suffers from a cookie modification privilege escalation vulnerability.
44ca8a2431b18e5145b50378ea3f3516bce8867f5ff4cb642c4dd4859963e3b2