[N]eo [S]ecurity [T]eam [NST] - Advisory 28 - 2006-10-25: PHP-Nuke 7.9 and prior Search module "author" SQL Injection vulnerability.
257e6728bdd3845e4cd214b25c644fc4e45e2d08c387fb6f72f930709e50d1ba
Debian Security Advisory 1199-1: Several vulnerabilities have been identified in webmin, a web-based administration toolkit.
ac70b52b989b5e6e511c91a54a358c8bfe3178ecec67cc1b40297e10795428be
Safebreaker is a demonstration next-generation packet-sniffing backdoor that doesn't require libpcap. It offers full terminal support, comes with TLS encryption for the connection, and has configurable authentication parameters.
f6f72ee772f76cad2c257e301e9e32dd81ea91eb20dff6bdc36e59f08553c705
The D-Link DSL-G624T ADSL Router is vulnerable to several security issues including directory traversal, and cross site scripting.
1d7fbd1d6c17b6608ed8f584f7671dca00918403871ae3704eae24c3a3e3ddd6
FBF - FTP Brute Forcer: This is an FTP brute-force dictionary attacker that can read a list of users or a specified user and run a password list attack against them. The brute forcer has a delay option that keeps it from clogging up the server with too many connections; the option defaults to 10 seconds but can be changed for longer iterations. Inside the tar are fbf.pl and a user and password list.
493b64ffea8b20ec4c603181141174f6b9629306625f54db9b4327f20bd7464c
WHM 10.8.0 and cPanel 10.9.0 R50 suffer from multiple cross site scripting vulnerabilities.
856fb04b155bfd25995f833052eacf3fc28c66d4f66dd248b63cc059d66615ff
RMSOFT suffers from a cross site scripting vulnerability in images.pgp
5d566ac900822b0d60ccc3633345fbc7685b6011cf1482cf77ee3f0da83014d8
Virtual Law Office suffers from a remote file inclusion vulnerability in phpc_root_path.
8ac3373bf1a38ff13ba1946d290788110bb5c7d9182e5275be35eb9838eb1b69
Ubuntu Security Notice 368-1: qt-x11-free vulnerability
657aefc9c47d345a3da403fcd29b5515d54ae70ea468d62ec73b63af6ea7b671
Ubuntu Security Notice 369-1: postgresql-8.1 vulnerabilities
bb7244ff174a2049c71cfe23a1c7c3369ea7dfe7d883d3692249203f35681942
Debian Security Advisory 1198-1: Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
d56ab96f64696ea8e6b7285b6df6f3af450dfc53a1c97734a907dec111343504
Debian Security Advisory 1197-1: Benjamin C. Wiley Sittler discovered that the repr() of the Python interpreter allocates insufficient memory when parsing UCS-4 Unicode strings, which might lead to execution of arbitrary code through a buffer overflow.
7c7878995b3bf014ff6370a56959841af07a5ed8ebfa2371a02bade6c04c82f1
Gentoo Linux Security Advisory GLSA 200610-12 - Sparfell discovered format string errors in calls to the set_var function in tcl_cmds.c and tcl_core.c. Versions less than 1.0.1 are affected.
2997d6f43ba49810540cc0947efe922dc0f7130a4450c88239f48e93be62aac7
Gentoo Linux Security Advisory GLSA 200610-11 - Tavis Ormandy and Will Drewry, both of the Google Security Team, discovered that the SSL_get_shared_ciphers() function contains a buffer overflow vulnerability, and that the SSLv2 client code contains a flaw leading to a crash. Additionally Dr. Stephen N. Henson found that the ASN.1 handler contains two Denial of Service vulnerabilities: while parsing an invalid ASN.1 structure and while handling certain types of public key. Versions less than 0.9.8d are affected.
6eb84f83cecf5e8602848cab7ce13b32b8293f9f3b11438c365eb87466681a8a
Gentoo Linux Security Advisory GLSA 200610-10 - Damian Put and an anonymous researcher reported a potential heap-based buffer overflow vulnerability in rebuildpe.c responsible for the rebuilding of an unpacked PE file, and a possible crash in chmunpack.c in the CHM unpacker. Versions less than 0.88.5 are affected.
e4ebc3c932347c8d225f6321bd4749d77f35cab5096e3c939a03f8072f0f7305
Gentoo Linux Security Advisory GLSA 200610-09 - Luigi Auriemma reported a possible buffer overflow in the MBHttp::Download function of lib/http.cpp as well as several possible buffer overflows in lib/rdfparse.c. Versions less than 2.1.4 are affected.
018baa5be51b5b3733dabe71bcb8bce69a93e0adfb2d636f8bc9bdbf7feb76bb
Secunia Security Advisory - xoron has reported a vulnerability in InteliEditor, which can be exploited by malicious people to compromise a vulnerable system.
c42be5c5ab9595dffe8e2d956b9750695fe4777bd7895e8e0c0d0f95c36573ac
Secunia Security Advisory - Gianni Amato has discovered a weakness in Yahoo! Messenger, which can be exploited by malicious people to cause a DoS (Denial of Service).
185d0e9d467c756252e22e42aa6a58a720cd485f7c9a45c4ea2aac9ac898fd19
Secunia Security Advisory - Drago84 has discovered a vulnerability in Net_DNS, which can be exploited by malicious people to compromise a vulnerable system.
0499e6f7dd43f3d90318e3f8f9ccc1ee25bb0a1f4b375a25f4eece23203e7faa
Secunia Security Advisory - Jose Ramon Palanco has reported some vulnerabilities in D-Link DSL-G624T, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose certain sensitive information.
f988f88bafcb0936d5a655f3106b26fbd5d6f971210e6ff855ef582f9cccff5e
Secunia Security Advisory - Moran Zavdi has discovered a vulnerability in ProgSys, which can be exploited by malicious people to conduct cross-site scripting attacks.
e321eb22b3125e85e9317a6195be0096745eb7d003c714ca301e0fc6e7a998bd
Secunia Security Advisory - Greg Linares has discovered a vulnerability in FTPXQ Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
12c3c717b317e7c31dbb7de9ef5582e8b8c2973c29fde9e063873b8e889da1e6
Secunia Security Advisory - A weakness has been discovered in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.
5db81d1096ab458d4924a19394c09067ab23b9bc2fdea4a011c3a34b14c76075
Secunia Security Advisory - Evgeny Legerov has reported a vulnerability in FreeBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
0e2813aa305ee747a4b65542ac80847fc5ca92ad467859ae5303c685f090b2f2
Secunia Security Advisory - GregStar has reported a vulnerability in OTSCMS, which can be exploited by malicious people to compromise a vulnerable system.
e21cc8ff4aa04fb5d438d5dd1068f556800bc0ea65ddb1eb980c4f18fdd4fa4f