Secunia Security Advisory - ajann has reported a vulnerability in Active Newsletter, which can be exploited by malicious people to conduct SQL injection attacks.
2a1bb0fba81aea0041d784146ba3fec762b1d6a6aa88e486f70167a4c3e3aa02Secunia Security Advisory - SGI has issued multiple updates for SGI Advanced Linux Environment. These fix some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of potentially sensitive information, cause a DoS (Denial of Service) and potentially compromise a user's system.
7f613ce517ab0413e69c36792717ced61b9cdace710ff74aa2fdca8ab97ddbacSecunia Security Advisory - A vulnerability has been reported in B21Soft's BASP21, which can be exploited by malicious people to send out unsolicited mail.
042a204443cd2818b86d4f22ebce5884212bbe05377cae5ccbe4de966171a7b0Secunia Security Advisory - ajann has reported a vulnerability in eWebquiz, which can be exploited by malicious people to conduct SQL injection attacks.
acc8b7a842e5b85fa1b8b754c95870d75e73da6be59415389347e91a36fcc4f0Secunia Security Advisory - CrYpTiC MauleR has discovered a vulnerability in the Fizzle extension for Firefox, which can be exploited by malicious people to conduct script insertion attacks.
cc30070611647f1acbfaae8d80a71474578bcda7253a4a36402d57dcab9d218eiDefense Security Advisory 03.23.07 - Remote exploitation of a design error vulnerability in Sun Microsystems Inc.'s Java System Directory Server 5.2 may cause a denial of service (DoS) condition. Due to a design error in the clean-up code following certain types of failed queries, it is possible to cause the server to call the free() function on an address obtained from uninitialized memory. This can result in an invalid memory reference leading to denial of service. iDefense has confirmed Sun Java System Directory Server 5.2 Directory Server 5.2 2005Q4 is affected by this vulnerability. Previous versions are also suspected to be vulnerable.
ac099f40ba061feb00a83559d6cf6b62136a18047a4e3275d989b8ac93005f93iDefense Security Advisory 03.23.07 - Remote exploitation of a password bypass vulnerability in DataRescue Inc.'s IDA Pro Remote Debugger Server allows attackers to execute arbitrary code under the context of the user who is running the remote debugger server. iDefense has confirmed the existence of this vulnerability in the remote debugger server for Windows and Linux from IDA Pro versions 5.0 and 5.1. It is suspected that the MacOS X version and earlier versions are also affected.
42f604e14359b9b4a03f0fa1da10b72bf3727d2df3a4fba8fc808d996e1f5c64Fuzzled is a powerful fuzzing framework. Fuzzled includes helper functions, namespaces, factories which allow a wide variety of fuzzing tools to be developed. Fuzzled comes with several example protocols and drivers for them.
756d0936668277d0a6e297852e5b8e31741e59e53616005718f5af29870b22feMetaSploit exploit for the remote buffer overflow issue in dproxy versions 0.5 and below.
93a48384d4123533a4cf4d4b95a8e2faf0006039c1860712e18e3f39485121bcdproxy suffers from a typical buffer overflow condition, which allows an attacker to overwrite the stack. Version 0.5 and below are affected.
105b19b9f636ba774d84d4ddd91b39ff45110d8e236554da8ee19b7dd5e116e5PHP version 5.1.6 is susceptible to a CRLF injection vulnerability via its ftp function.
f3825b2d25c295cf9de3071ddb0bfea280c955c959b67780920ef24227d22cf4The Microsoft Vista Windows mail client is susceptible to a code execution vulnerability when a user clicks on a maliciously prepared link. Vista's mail client will execute any executable file if a folder exists with the same name.
9d93de47a83e7df885f822a52d0a58a108b0400d364a74a1b91a71cba896cba2Debian Security Advisory 1272-1 - Moritz Jodeit discovered an off-by-one buffer overflow in tcpdump, a powerful tool for network monitoring and data acquisition, which allows denial of service.
c8497a12417b48772854183a14c2c44e852095ad18b8e140406184cb5bfef42bA remote file inclusion vulnerability exists in Coppermine Photo Gallery.
984508ca1c5a9e8ca3d2241f98b27bac20aa6ab5016c69af156840cd79f6f35dThe Takebishi Electric DeviceXplorer SYSMAC OPC server has security vulnerabilities, allowing an attacker with access to the OPC interface to arbitrarily read and write the process memory, potentially leading to the execution of attacker-provided code.
51dbc8b41d20e28402e3f86a60d2bb549b073e580e6fbcfd89790242dce2a2caThe Takebishi Electric DeviceXplorer MODBUS OPC server has security vulnerabilities, allowing an attacker with access to the OPC interface to arbitrarily read and write the process memory, potentially leading to the execution of attacker-provided code.
8cb33ba0ad4a128adf09db399a145e6e72c12a1b7920968c282f9e760c06697dThe Takebishi Electric DeviceXplorer FA-M3 OPC server has security vulnerabilities, allowing an attacker with access to the OPC interface to arbitrarily read and write the process memory, potentially leading to the execution of attacker-provided code.
52af4b4375b268850339d5b6df527f40e730e7722cacafcf9729cd0917d237b3The Takebishi Electric DeviceXplorer MELSEC OPC server has security vulnerabilities, allowing an attacker with access to the OPC interface to arbitrarily read and write the process memory, potentially leading to the execution of attacker-provided code.
7af1ceb7670494e47ccb84c3bcb86b5dbed005eb143f1fd8bfb4d891ea6ba6d1The Takebishi Electric DeviceXplorer HIDIC OPC server has security vulnerabilities, allowing an attacker with access to the OPC interface to arbitrarily read and write the process memory, potentially leading to the execution of attacker-provided code.
2daa115b0cc754c5e67f369025f7c8c0005d004b429f3a2174e65293cf1605e5The NetxEIB OPC server has security vulnerabilities, allowing an attacker with access to the OPC interface to arbitrarily read and write the process memory, potentially leading to the execution of attacker-provided code.
cc5e3497ad3b9ec1cd94870fa3bd4f9ddecf05dc27580164d21b98968bfffa6dTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
cd2e7e5ea479d50982b08334b1f4477a6620e6b45bc79ab55ddd07b128c64611Mandriva Linux Security Advisory - Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.
4f62b3eb1cb4026205e69534e90bbacb7ac28fc6d2861ee53df14c830e1f91a7Mandriva Linux Security Advisory - Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method. This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service.
462ae1a336df1deaf247df7072ada040b0c6d14b56480b78c4739e9e3625a08aMandriva Linux Security Advisory - Jean-Sebastien Guay-Leroux discovered an integer underflow in the file_printf() function in file prior to 4.20 that allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
73404ee6b9cfa61253385a98da5075f54bc1d529bf4bec08ee9a5925329ba5c3Exploiting Microsoft DNS dynamic updates for fun and profit.
c5ab6320f2c6c4fb706f554131fc0d9e5bb76c5ef5653d4c5995ddca09bf0050
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed