Secunia Security Advisory - Fedora has issued an update for gd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
93f31d85a23185d05d20bda3fdfff59ac8be4022e809c0cceeaaddee1293f11e
Secunia Security Advisory - kcope has reported a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions and gain access to a vulnerable system.
a25b5287a19c945816a677beb6f442689e4fd8197a7e3f64e53694646dec43fa
Microsoft Visual C++ version 8.0 suffers from a denial of service condition.
f7fe00818ea85c70a2896433664c42f3b88ce3298aa19b8e8bdf63471623ff38
Whitepaper entitled Ambiguity In Ajax Lockdown Framework - Unveiling Some Contradictory Facts.
c72d1fdf0586fb064c35e73407382130
www.splinder.com suffers from a cross site scripting flaw.
6c042b9b540a40ea9a4fff8746e2e01d18701d9c89da1d6dbc86aa648cc5d4d3
Raditech's Portal Search suffers from URL redirection and cross site scripting flaws.
4e870c54f6163a70cd45f4f54c1408c2ceb18c69c84e3d2741bc5f8e6790d1fa
MD5 hash brute forcing utility.
33d7e9e56e18e575f25076691fa9321cf18d5d0a1578fbed06bedead098bf7ad
Miniwebsvr version 0.0.6 appears to be susceptible to a one level directory traversal flaw.
e4a1d7d3b80e79f93838d2c8f59e236705a2a65ce62953485b6d42a12fec6fa1
JPortal version 2.3.1 is susceptible to a CSRF vulnerability.
d37661d2e4746acdde98359d7e9ae4800cad9127e118f681fbbe06d753506bb0
There is an interesting logic flaw in the Mozilla Firefox web browser. The vulnerability allows the attacker to silently redirect focus of selected key press events to an otherwise protected file upload form field.
d6e171034211a73ba7ee2c759671ca5bd17c9e11f2acca63372a0c1b68272997
Recently, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput-reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the four-tuple (Source Address, Destination Address, Source port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a simple and efficient method for random selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. Both text and pdf formats of this paper are included.
a3c77823856bb629693170ad41bbf3eb04803b3943bb64a88f319af02d2327db
PHP RRD Browser versions below 0.2.1 suffer from an arbitrary file disclosure vulnerability.
28ed47f78f884651caee9b78a4633b35de6589214231d8d99dc0548005a1ef66
OpenPKG Security Advisory - According to a vendor security advisory, a vulnerability exists in the SessionPlugin extension of the Wiki engine TWiki, versions up to and including 4.1.0. The vulnerability allows local users to cause TWiki to execute arbitrary Perl code with the privileges of the web server process by creating CGI session files on the local filesystem.
51621d8c871de933a4c4b0ef815d8d632f8d803fcb9b63ba065faf6cc822d1b3
phpMyVisites versions prior to 2.2 stable suffer from cross site scripting, HTTP response splitting, and local file inclusion flaws.
34f74cdcafeaf7a2c88c13c040bac637888b5cbfab8d3963056479c384f38e34
Qdig version 1.2.9.3 suffers from cross site scripting flaws.
d8a2ee0115af2e59af04ff0ebee1a29cc129671e1a6406819d45a904d2987ffc
JBoss Portal appears susceptible to a cross site scripting flaw.
80ca88da31e627e074226b66f4318545634703ca5ab84b9f226790c2972c7d93
Ubuntu Security Notice 421-1 - A flaw was discovered in MoinMoin's page name sanitizer which could lead to a cross-site scripting attack. By tricking a user into viewing a crafted MoinMoin page, an attacker could execute arbitrary JavaScript as the current MoinMoin user, possibly exposing the user's authentication information for the domain where MoinMoin was hosted.
33f82ae361d2568cfb06709812eb4b3bdf0af824d2c03d39d5ba97bb8af4b293
uTorrent version 1.6 remote heap overflow proof of concept exploit.
2ba9174c60fb90eba407cd033af8b77578bb8cf57ec70f4149416a30774be2b4
SunOS 5.10/5.11 in.telnetd remote root exploit. This has to be the easiest remote root ever.. wait.. there was that other SunOS telnetd remote root.
717ba32b723518e0fae9769ba3d757fa95ff039e7d79b97b2e23ab1a16df2c18
IP3 NetAccess versions below 4.1.9.6 suffer from a classic directory traversal flaw allowing for arbitrary file disclosure.
310f2d07e19e3ea468a8c1d5cc58ebdd56897b0302b6e3e2addb84979717e77e
Philboard versions 1.14 and below suffer from a SQL injection vulnerability in philboard_forum.asp.
afaae9e0da9f0a8417278c7fa2a71653acc06b67406418dd990557be86c9d11d
Open-CMS Site Protection Plugin suffers from a remote file inclusion flaw.
b00b936a466c7e928f730c2e1bdcc7e3110d59930de2a9be235f38693ece67b5
CommunityServer Commercial Edition suffers from a cross site scripting flaw.
d69ee1a0dda3f8ddeb35d3ca0b9a9f67dda8ff93cc0fb2118db36b0b3f4b3d16
Mandriva Security Advisory - Vladimir Nadvornik discovered a buffer overflow in GraphicsMagick and ImageMagick that allows user-assisted attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
b06cca870f03e4163f5234dd049d33713a4729c8ba5fca52d537d8097de87718
FreeBSD Security Advisory - A remote attacker sending a type * (ANY) query to an authoritative DNS server for a DNSSEC signed zone can cause the named(8) daemon to exit, resulting in a Denial of Service.
8468eb2d18ed5e62f05cc1b12e5a16a332d905bf12993f6630719308f3901887