VBZoom is susceptible to a cross site scripting flaw.
4644051554c7f2e0e1f93618cd0c1e360211a9c7448206e75ca2bdb604c02443Debian Security Advisory 1165-1 - Lionel Elie Mamane discovered a security vulnerability in capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows remote attackers to execute arbitrary commands on the fax receiving system.
a4a6e4654ba007d9ee28b9a0a68cc6f7fc0991964feefb2592b681766f05c4ebTIBCO RendezVous versions 7.4.11 and below local password extractor exploit.
37a8f2470720c05fb268d55580ae48abacf5b06355d3ed795e8b36f4da1109d8TIBCO RendezVous versions 7.4.11 and below remote buffer overflow proof of concept exploit for Win32.
a2acc82193bc944036d11007da642449232210befd672ef7859b1dc487c9713fp0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
6c4d8745f04e59f2ba68d56fd1554551592f08a0497c9fc21b84498f47d1aee0afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
ab50e8a50f97954eed952f5c93f851f9a88391e760a3e05cc987a1cfe56c3de0TorK is a Tor Controller for KDE. It allows you to configure, run, and update Tor. It also allows you to view the Tor network and choose how you would like to interact with the it.
7fa54887de7beb12d32a209a45f9049e59eee198683a398afee9008c9041b23carpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
dc1bd2bb150360cffe93a08bd9a1575697c3f95845e39fa90b2016aa1a1d620fBlackICE PC Protection suffers from a denial of service condition when failing to validate the third argument of NtOpenSection.
ad322b0aa27a0e340d007804e6b45dbbe64dff3993b8fba713250eda73ce27a1Mandriva Linux Security Advisory MDKSA-2006-160 - X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit.
de3beccb7fea8f0f8b08112644987888ac712b70536c525e8d8e4ab520f5677aMandriva Linux Security Advisory MDKSA-2006-159 - Previous sudo updates were made available to sanitize certain environment variables from affecting a sudo call, such as PYTHONINSPECT, PERL5OPT, etc. While those updates were effective in addressing those specific environment variables, other variables that were not blacklisted were being made available.
f86071435472415301e61cdb8b22e129f5252ec85ef47195a520ed43c6fc516aMandriva Linux Security Advisory MDKSA-2006-158 - MySQL before 4.1.13 allows local users to cause a denial of service (persistent replication slave crash) via a query with multiupdate and subselects. There is also a bug in the MySQL-Max (and MySQL) init script where the script was not waiting for the mysqld daemon to fully stop. This impacted the restart behavior during updates, as well as scripted setups that temporarily stopped the server to backup the database files.
1537456b8766f6b3db02097bf35862004ac7ec4a591efc1491307e32c944095d48 byte shellcode for Linux/x86 that performs execve("rm -rf /").
24327527c420ed9ed8d4ba6439251e16b92700e61417c06758f7a081b3a51154Doorman@JUMPERZ.NET is a GUI based local HTTP/HTTPS proxy server tool for manual web application testing.
81565b9819dc2aea8d1d93c6b08eff7629484819a4679cc360b80222fc423a65Membrepass version 1.5 is susceptible to cross site scripting, SQL injection, and php code execution flaws.
8fdfe505d8b8b35aa2c94bd5f71967c9dbcd5b605ad3c40efeae9e113f198f2fDebian Security Advisory 1164-1 - A programming error has been discovered in sendmail, an alternative mail transport agent for Debian, that could allow a remote attacker to crash the sendmail process by sending a specially crafted email message.
b96b17b0d3c4a77b358668969e48fc94d6ed53273c3e36641c0848102b5a2176The Lyris ListManager version 8.95 suffers from an arbitrary administrative user addition flaw.
7517d9769056d7392858c94978a82c7712a1c67f09d2f2ad24b399ceff2a2216Mandriva Linux Security Advisory MDKSA-2006-157 - Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c.
55505444ee2fc39789478d1ac838af1e9a4db348552f6f4ea5ae9d37ad72f4d2Mandriva Linux Security Advisory MDKSA-2006-156 - Moritz Jodeit discovered a vulnerability in sendmail when processing very long header lines that could be exploited to cause a Denial of Service by crashing sendmail.
2a49d02056993b5be097580ca711fc25b0ca3724f34c31a024635fd3c745ac5elearncenter.asp suffers from a cross site scripting flaw.
7627161aa3126a176158153c75d9bbb44c150ba66511e0300ce0f7dc58feb03dThe Feedsplitter script suffers from multiple vulnerabilities including a file inclusion flaw that may allow for code execution.
da9025d8ce899c92d59c418f2a2c06008df9ae7c8cbbeda4f1ba857646837a72Pheap CMS suffers from a remote file inclusion flaw.
f37ff61888611a6c1a751882db00698b540d051fbbf325a1e74031495d000e80ezContents version 2.0.3 suffers from remote file inclusion, SQL injection, and cross site scripting vulnerabilities.
0936f37a1e4dc1a0eddce525419ecd1120d1e93af5308db693169024e031fed7Proof of concept exploit written in PHP for osCommerce versions 2.2 Milestone 2 and below with suffer from a SQL injection vulnerability.
4997afa0f376adee76a61ee7f73488639e215d005d0de7a70f849a296548887dDebian Security Advisory 1163-1 - Michael Gehring discovered several potential out-of-bounds index accesses in gtetrinet, a multiplayer Tetris-like game, which may allow a remove server to execute arbitrary code.
3d7a1d0a428ca44b3adfad3cc9899fa7e8eef0b8bd4dd9962f47da803904ab75
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed