Gentoo Linux Security Advisory GLSA 200905-01 - Multiple vulnerabilities have been found in Asterisk allowing for Denial of Service and username disclosure.
8a221aac12797d099e480341a469baefe427ff3bc8ee0f6cb9b7b14595721e9dDebian Security Advisory 1786-1 - It was discovered that acpid, a daemon for delivering ACPI events, is prone to a denial of service attack by opening a large number of UNIX sockets, which are not closed properly.
d8392ecfca012f354dd3cd9542df8b03bd41c24292e62c4e3bdad388dabeb39aDebian Security Advisory 1785-1 - Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to denial of service or the execution of arbitrary code.
3b255c02cc00d98db5dfd4da976b368527b521722843703368f6b15e5fbec7dfMiniTwitter version 0.2-Beta suffers from multiple remote SQL injection vulnerabilities.
00d9d56dcde580db6705020cbf064f4ce46361aef47a3fd40880d09d39c76f90MiniTwitter version 0.2-Beta User Options changer exploit.
d44f9d4e7178502d32ab2fc499eb3ef14ace1155ffabccab2694cf3815dba5a8Mandriva Linux Security Advisory 2009-104 - udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. The updated packages have been patched to prevent this.
e2f778a58e68d599de2ba53ebd615a409c33dca8819654433751264c35a5952cMandriva Linux Security Advisory 2009-103 - Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. The updated packages have been patched to prevent this.
cd2e31bea17b5583908595fc2d863efea69dd947c8453e4883a76468d131c428Mandriva Linux Security Advisory 2009-102 - mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request. This update provides fixes for that vulnerability.
a5a7b231c6a42221cdc1fa8fdcce4e43a477bfbdca5eb1e881627cce83031126RM Downloader universal local stack overflow exploit that creates a malicious .smi file.
8b9942f9aef6012cf9733ca932d7127338b93f308e980ff7f29d7f70cdc0d883RM Downloader local stack overflow exploit that creates a malicious .smi file.
0f83a5ed4f168e59530158b15e7766d61f830311cbbb281627e32d193f865613Pecio CMS version 1.1.5 suffers from a local file inclusion vulnerability in index.php.
fb9754b5bf843b0e480d79ed823afac486d5507be38f577ff6e825ca73fcab7dWhitepaper called Anti-Fraud Image Solutions - The Use Of Distribution Tracing Within Web Content To Identify Counterfeiting Sources.
b9fe2c5926e1fdc309e98785e517a3dfb8ccf9d52c4c01eab58053100d2be83eaudio-entropyd feeds the /dev/random device with entropy data read from an audio device. The audio data is not copied as is, but first 'de-biased' and analyzed to determine how many bits of entropy are in it. This program is useful for systems doing many cryptographic tasks like VPN endpoints or GPG clients; it helps prevent the /dev/random device from being depleted and blocking reads.
29d4350ad8ef26233e1b35ba0e8dd0b1138475c0f840008304677812dbdb2c15Mercury Audio Player version 1.21 local SEH overwrite exploit that creates a malicious .m3u file.
a940782d6df2a2d958db107ec4541984095f764612c6e48a9adf3024edd261c2Addonics NAS Adapter remote FTP server denial of service exploit.
873f1ca01bb0427aae2c7f7b63e103edc4b0e3982b7c4fce18737c13327ee837Beatport Player version 1.0.0.283 local SEH overwrite exploit that creates a malicious .m3u file.
19225c2de1f6403fe9f321b7f3b53d1fe2dea9fdd9711ede4f614c0a96291779Beatport Player version 1.0.0.283 local stack overflow exploit that creates a malicious .m3u file.
7d5925b09e70e314d28c3110103985feda988c81dfacf94852b344638e69f574Beatport Player version 1.0.0.283 local stack overflow exploit that creates a malicious .m3u file.
137b254dc917f43e4f0cbbdc09c52d6c53e45d576f1f0ff054e76e04daff535dBeatport Player version 1.0.0.283 local buffer overflow proof of concept exploit that creates a malicious .m3u file.
1501a59545192f98bc98f911574c769bf3a071a81009976a63c012a3319637eePacket Storm new exploits for April, 2009.
7121ded4c11f7b2540b672fabd936b53283b6675b48f18ee8deef905cb814757Golabi CMS versions 1.0.1 and below suffer from a session poisoning vulnerability.
9263c62d47ffbd972ad872230f45d347d91d79e869666f6be05f7806cc76d36aDebian Security Advisory 1784-1 - Tavis Ormandy discovered several integer overflows in FreeType, a library to process and access font files, resulting in heap- or stack-based buffer overflows leading to application crashes or the execution of arbitrary code via a crafted font file.
23030ae394b9f2eb83a6a820d657a6c311fe75f42de42d3f647c0a1f15db45cb
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed