Secunia Security Advisory - Ubuntu has issued an update for samba. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
6b713fa92254e5e020bb9034018494205b87399eef9d7b7782672a65c7c54a18Secunia Security Advisory - Some vulnerabilities have been reported in SemanticScuttle, which can be exploited by malicious people to conduct cross-site request forgery attacks.
a9a47f5809fe84d3bc40ae0da653f142f6e69612d50e6be0fa42db6e904b5261Secunia Security Advisory - The_0nur-n0x has discovered a vulnerability in Poll Pro, which can be exploited by malicious people to conduct cross-site request forgery attacks.
58d8f7458116747d84c87c9f698ca539a2bec194c9a84a3a3e8f414a9290c86bSecunia Security Advisory - Ubuntu has issued an update for xterm. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
91042f1ac92119c1163cf1f154658212fff07b7e96a58950041713d3eb2ca674Secunia Security Advisory - Ehsan_Hp200 has reported a vulnerability in SolucionWeb, which can be exploited by malicious people to conduct SQL injection attacks.
a362551fa596e52818e44203ac915ccdec3482d542cba99adc33390b01dc7055Secunia Security Advisory - Some vulnerabilities have been reported in PHPAuctions, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks, and bypass certain security restrictions.
7c26cd2581cd646ff1fd57a0f3a2a5674a53af7a1fedc5e8f2f3716ad99646feSecunia Security Advisory - Tobias Engel has reported a vulnerability in various Nokia phones, which can be exploited by malicious people to cause a DoS (Denial of Service).
3f3aa5e3dd2574d358859013f57bc3db25466679e0426719b783e1e354a76160Secunia Security Advisory - A vulnerability has been reported in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
f4edaeb6796e1815e27acd941ba06be325bde4b28cb252c684ef72e2c43824e1Secunia Security Advisory - Laurent Gaffi
ba55ad8300f86fffb3958599c258ae74cdc02889e45ab9fc7d651e4f3664dd67Ubuntu Security Notice USN-703-1 - Paul Szabo discovered that the DECRQSS escape sequences were not handled correctly by xterm. Additionally, window title operations were also not safely handled. If a user were tricked into viewing a specially crafted series of characters while in xterm, a remote attacker could execute arbitrary commands with user privileges.
e7e6a06f9fe2effdb62bbdfe84ed4ba618aa063ddb21bba5c246c5989dcf40c7Ubuntu Security Notice USN-702-1 - Gunter Hockel discovered that Samba with registry shares enabled did not properly validate share names. An authenticated user could gain access to the root filesystem by using an older version of smbclient and specifying an empty string as a share name. This is only an issue if registry shares are enabled on the server by setting "registry shares = yes", "include = registry", or "config backend = registry", which is not the default.
1f54398ec952d4b39f2110cd81591e592bacac95220038e4c096a6ab8d8ae1baPHP Auction System suffers from an insecure cookie handling vulnerability.
e55bc4dfcdaeb737ed41e61ffaceb513734a56acabf630f23b3e3db1494bd590PHP Auction System suffers from cross site scripting and remote SQL injection vulnerabilities.
50fdfcb7ee92d21752269036b2bb8ba0ec97c9be08b260099322ac58f06adc54Joomla Phoca Documentation remote SQL injection exploit that makes use of index.php.
a3820cbb18ef66da934bd9b9f6c5cefcc0f43a196c81eccc0a8ba0d24f9b70fbLocal / Remote file inclusion scanner that attempts to make use of a c99 shell on a vulnerable host.
3ef3fd5a18405dc440ca9f9b2ee8e623841175bf7d26977dd2f870b8669d6b80Walusoft TFTPServer2000 version 3.6.1 suffers from a directory traversal vulnerability.
f988f5edf493c9f38aea008577ba37cb3ae7f4d55d008a8c4cb00eab865db579The Rat CMS Alpha 2 remote blind SQL injection exploit that leverages viewarticle.php.
f6761088432dd2ba78605fed4ef1c0cee48a1616aaffe92f2e48c8f61e315848Destiny Media Player version 1.61 .lst file local buffer overflow proof of concept exploit that spawns calc.exe.
20241fd6598991808eed0e2b0f4273f920d34c8bc7cffde7366d055d0e36ecfbscreen versions 4.0.3 and below are vulnerable to an authentication bypass vulnerability that allows local attackers to gain system access in the case where screen was locked with a password. Tested on OpenBSD.
5a6a888bcf05d77216b3849e8465eb8daa06ba3c92c524e8aee2d252bc558b41SEaCURE.IT is the first international technical conference ever held in Italy on security related topics, aimed at bringing together the leading experts from all over the world, to create a unique setting for networking and discussion among the speakers and the attendees. The 2009 edition will be held from May 19th to the 22nd in Villasimius, Sardinia.
18a0705c568e7d32d4e7632f11b895ca38ed2c717557e04ec03f4a3a802975acplxAutoReminder version 3.7 suffers from a remote SQL injection vulnerability.
908c639e17663cc5aa2486171669fde62e14d294f186307123f8422c7fe6a280Safari array integer overflow proof of concept exploit.
8d018a338ed08422a4dc3a1d1c8f2bef6a08cd0487577e9ff3d96102ba6ea272Destiny Media Player version 1.61 .lst file local buffer overflow proof of concept exploit that spawns calc.exe.
3aaed140978baa5b59e854d17929770c3d8087583a0c5e7bfbe733fef7502bc3Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.
818dfbd388ef6d1ee56aab0f9a6a36d03180533e9818ceee776672376fe7e830SolucionWeb suffers from a remote SQL injection vulnerability in main.php.
45621ad60b4b27fe7efdcebcc1ba2a28a46de2d070bdf25087e44ec1655a4f24
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed