OpenSSL Security Advisory 20071129 - A significant flaw in the PRNG implementation for the OpenSSL FIPS Object Module v1.1.1 has been reported by Geoff Lowe of Secure Computing Corporation.
1c6d80ff4b28bba5c1b355562c19037b83fb6a0a696bebe74ae47f91c3eb5f75Secunia Security Advisory - Avaya has acknowledged some vulnerabilities, security issues, and a weakness in various Avaya products, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and disclose potentially sensitive information, and by malicious users and malicious people to bypass certain security restrictions.
4fd88f4471a7f30584b9d62abcca4bbbbbd860c03e88e2d3e33c7faa4c260f6fSecunia Security Advisory - Red Hat has issued an update for java-1.5.0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.
b720803ebc7014e4844f90213451fdc7fd9696296ec9e090d85cbbb011334b8aSecunia Security Advisory - Joshua Morin has reported a vulnerability in Liferay Portal, which can be exploited by malicious people to conduct cross-site scripting attacks.
b4548cf492d9953d66d53135630f2fc81006b2e92b5830e1c0a27763e6a7dde6Secunia Security Advisory - A vulnerability has been reported in PHPDevShell, which can be exploited by malicious users to gain escalated privileges.
826dfeaafd05927843db01d804aa3b518d6ea31a6eec62b1aaa8c6b7575dc0f9Ubuntu Security Notice 548-1 - It was discovered that Pidgin did not correctly handle certain logging events. A remote attacker could send specially crafted messages and cause the application to crash, leading to a denial of service.
a84e35c1a95dec9a9df3f0f81f9f48ecc5f65cc260596703cc27bc5e5f14ba74Mandriva Linux Security Advisory - Buffer overflow in the safer_name_suffix function in GNU cpio has unspecified attack vectors and impact, resulting in a crashing stack. This problem is originally found in tar, but affects cpio too, due to similar code fragments. Directory traversal vulnerability in cpio 2.6 and earlier allows remote attackers to write to arbitrary directories via a .. (dot dot) in a cpio file. This is an old issue, affecting only Mandriva Corporate Server 4 and Mandriva Linux 2007.
e60da58de41a61167889be1fbdba3d6aad13e83dca878b9c731631571b545a6aMandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The minix filesystem code allows local users to cause a denial of service (hang) via a malformed minix file stream. An integer underflow in the Linux kernel prior to 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set.
95307557ba740a805d1b0acc4d29dcdeb264604232a40f7ce8bbf34ba5541191bcoos versions 1.0.10 and below suffer from cross site scripting and SQL injection vulnerabilities.
805c22ff1c53330806b6d13752a311149728862efa15a2649a989073efb5d81aSymantec Backup Exec for Windows Servers (BEWS) may be susceptible to multiple denial of service attacks (DoS) if maliciously formatted packets are passed to the BEWS Job Engine. Versions affected are Symantec Backup Exec for Windows Servers 11d and 11.0.6325.
75d6a82384e222efd7555b332a1c44d90f8ed07aa3967fa81bd4a07f96aefe9fSecunia Research has discovered some vulnerabilities in Symantec Backup Exec for Windows Servers, which can be exploited by malicious people to cause a DoS (Denial of Service). Affected software includes Symantec Backup Exec for Windows Servers version 11d (11.0 rev 7170).
d1321743e30d06255bc3f4a66e51dcf9f7cc713fe0cd1a7460771ec6c3ab5e80Charrays CMS version 0.9.3 suffers from multiple remote file inclusion vulnerabilities.
8522fe34fb8b4ff4ea5a2c953b5e27c61491112bda7fac788bba0eeeaa2ae043EHCP versions 0.22.8 and below suffer from multiple remote file inclusion vulnerabilities.
83fab2b77c909841eeea18b645cca3c219a8cf5b1727a7f2f54b050550cb4edcPHP-CON version 1.3 suffers from a remote file inclusion vulnerability in include.php.
fbe1de639ebef1bd488e62fcc8faef2f0ddcc877ca7285e2d3b45a221ea65685Secunia Security Advisory - Netscape has acknowledged some vulnerabilities in Netscape Navigator, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks or potentially to compromise a user's system.
3a3b90ea0d26fc27033b5fceb4f4b5e5fcb20bafc3fbcb30b4ccf4af14104f47Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Symantec Backup Exec for Windows Servers, which can be exploited by malicious people to cause a DoS (Denial of Service).
3b85e18de77812d855988b49a96ed55acafb4ae0501b1a6dbbb9765b82206adaSecunia Security Advisory - Gentoo has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
494aaa8d27886922e0f61cdd6a6dd3be6233d89ec838977aaddef65af2930dafSecunia Security Advisory - Slackware has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
518654ead64737ffae2b67a20458be9bacfd2a20d7768e452fedeeff8b206936Secunia Security Advisory - A vulnerability has been reported in Feed2JS, which can be exploited by malicious people to conduct cross-site scripting attacks.
e6a62a31c2a800dc08bf2b1affe6ffe9004da4557c1582ea131c9db997a47c40Secunia Security Advisory - A vulnerability has been reported in FileMaker Pro/Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
36eb8204710cc8ea901828402161d6ca618fa14660a4f4fc54b14a77e71ae4a7Secunia Security Advisory - A vulnerability has been reported in IBM Director, which can be exploited by malicious people to cause a DoS (Denial of Service).
1da03a6895f846b27c86c740c1db8862f5627d53677eadc18f8b1c9b56576f37Secunia Security Advisory - Some vulnerabilities have been reported in Wesnoth, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise a vulnerable system.
6d787e5af3201254c0fda6281b4112ace3d84d779e02bddf1ca3d3d6e2128055Secunia Security Advisory - Debian has issued an update for tk8.4. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
6024ebdd8759512caa291c3f6594a481e9c386b2e33ee9b305113fbb468fb510Secunia Security Advisory - Debian has issued an update for tk8.3. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
5234940ff955ce4064b39add5d0ae64626b541b38ac702970d80b1210094333bSecunia Security Advisory - Crackers_Child has reported a vulnerability in vBTube, which can be exploited by malicious people to conduct cross-site scripting attacks.
aeba6df03cc39b71c358ecdf93617971723bbc9d59a82f670f6f7881d8bb3fa0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed