ImpressPages CMS version 3.6 suffers from a remote arbitrary file deletion vulnerability.
55f5e488a59a727c9c92aeb95d6419bf6d920f6c808093b6c87d621b4fca8d1fIf Varnish receives a certain illegal request, and the subroutine 'vcl_error{}' restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of service and the cache will be emptied, causing more traffic to go to the backend. Versions 2.0.x, 2.1.x, and 3.0.x are affected.
4dd3ca412788a9fb651556055e5db955a3a0bfa4211fe82cd6b19131b95892b1ImpressPages CMS version 3.6 suffers from multiple SQL injection vulnerabilities that can be leveraged to commit cross site scripting attacks.
c0158b9660a832da42931529dc82169695f27a37b147d2ca11d07463c6ad3622Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
0b9b8133861fd612bc23681afd5cfdecbe1aafae9c0de5e0504f64a25432e301Joomla Joomleague component suffers from a remote shell upload vulnerability due to having Open Flash Chart included.
0f1ae71621285e8b0eb83e4a3f53e542a05b8297d22083756687db822c368fe3Unicorn WB-3300NR router version 1 with firmware 5.07.18_ko_UIS02 suffers from multiple cross site request forgery vulnerabilities.
496e96adcbb5d5029e4f736e58b001b81d66548809c3f0e582abb2d278aee835Ubuntu Security Notice 2010-1 - Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Thunderbird. Jordi Chancel discovered that HTML select elements could display arbitrary content. If a user had scripting enabled, an attacker could potentially exploit this to conduct URL spoofing or clickjacking attacks. Various other issues were also addressed.
0c6808080c7cedb8770ce4507d3e211181be6fbe5089acc561b682ec9cd4352dRed Hat Security Advisory 2013-1490-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length of zero were processed in the skb_flow_dissect() function in the Linux kernel. A remote attacker could use this flaw to trigger an infinite loop in the kernel, leading to a denial of service. A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.
940f925cc01d5946698f3c8f547317f6ac1c6b045d85b6aabe0408192318c0ecMandriva Linux Security Advisory 2013-264 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. The mozilla firefox packages has been upgraded to the latest ESR version which is unaffected by these security flaws.
2d83524add9483617df11c7c7f0b74ea9124d1053549342cd71184886957c77fDebian Linux Security Advisory 2788-1 - Multiple security issues have been found in iceweasel, Debian's version other implementation errors may lead to the execution of arbitrary code.
a6fb9434789c59d2f49dcdd2676f826a9246d6ecf38d0a3b3eea51e3b8576b56AudioCoder version 0.8.22 SEH buffer overflow exploit that spawns calc.exe.
b4cbb03bdcdbcd5c2dec4f6aed6de902c1e1f8bfca55b28882a5495f981304c1Watermark Master version 2.2.23 suffers from a buffer overflow vulnerability.
6d6388481f96aa5d4cd3dab7c54eedac3a960c2006de898b7e9d865544e64183WordPress WP-Checkout plugin suffers from cross site scripting and remote shell upload vulnerabilities. Note that this advisory has site-specific information.
8b75a731806da2c71e99adf68bf4ec4bcc441e9e2a626f2793e02907deffc994Apache and PHP remote command execution exploit that leverages php5-cgi. Written in Python. Version 2 of this exploit.
4ff30abedfc2e5c88bf249761ca4192667e3ca89365d9bc9e3bbbe21546e6d28
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed