A flaw in phpBB 2.x allows a malicious user to alter how posts are aligned due to mishandling of quotes in posts.
70f56094bb313dcfcd45d1f37379dbf6cf24d348bfcc8878251a398c4ba3275d
Gore proof of concept exploit that makes use of a buffer overflow in the Gamespy cd-key validation SDK toolkit.
cf5355e7973ad61b6d04183277de237d366a6deab61adfbb1cf102903a1b7d3e
Gamespy cd-key validation SDK toolkit suffers from an in-game buffer overflow vulnerability.
77bedf1aa6487dec667bf59d02065c3be1789f19425ad5beefa3652de81af41a
Remote root exploit for Citadel/UX versions 6.27 and below that makes use of a format string vulnerability. Tested against Slackware 10.0.
67940d624ed15be6a8a2ef3aa01c6a2a06b90ceb459471a189933677b5d6e4b8
No System Group Advisory #09 - Citadel/UX versions 6.27 and below suffer from a format string vulnerability that allows for remote root exploitation.
4696971823e199337cff698d475784868739e6f9e92bff094b13b9b3806b7141
Web Audit Library (Wal) is a Python module that provides a powerful and easy API for writing web application assessment tools, similar to what Libwhisker does for Perl. Wal grew out of the need for such a library for Python. Writing web security tools using Wal is very straightforward. Wal provides the following features: send/receive/analyze HTTP 0.9/1.0/1.1, HTML parser, cookie support, anti-IDS, decoders/encoders, and much more. Requires Python 2.3 or later.
4c007ed432547ea5109613d7dd67c1b585a5d6f9051f0726e337aeffa360788c
SCMorphism is a shellcode polymorphism tool designed to automatically encode shellcodes using various decoders and techniques.
29a7d7fa8d76082cb40c9cddaf4b04cbdb5c5ccb23f2aa1cea9f32b7ef9c08d9
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to the filename and the Content-Type header not being sufficiently validated before being displayed in the file download dialog. This can be exploited to spoof file types in the download dialog by passing specially crafted Content-Disposition and Content-Type headers containing dots and ASCII character code 160. Successful exploitation may result in users being tricked into executing a malicious file via the download dialog. The vulnerability has been confirmed on Opera 7.54 for Windows. Other versions may also be affected.
3039a1672179b775aa7c491c4d1dd8a33aa4723167c21f1976a34523b34bfe14
Gentoo Linux Security Advisory GLSA 200412-06 - PHProjekt contains a vulnerability in the setup procedure allowing remote users without admin rights to change the configuration.
5bae0ab12298a42e2f37917a4093de5d7f8f8de2c9b0664a0462ee955fb6c4b1
Secunia Security Advisory - Alexander Fichman has reported a weakness in Microsoft Office SharePoint Portal Server 2003, which may disclose sensitive information to malicious, local users on the system.
b7bf18526610a3fba5b6eba2971cb85fd9f800185d5e7516244680376b8f4d78
Secunia Security Advisory - Secunia Research has reported a vulnerability in iCab, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
d776027867d552ada252f1f365b9a26b4daaa3b8a91a128d5b220cdfea21ec43
Secunia Security Advisory - Secunia Research has reported a vulnerability in OmniWeb, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
203d85b10a492ca1e807802062bb860b92c2e7983a1e4f45a6a06a72bd477232
Secunia Security Advisory - Secunia Research has reported a vulnerability in Internet Explorer for Mac, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
e5cbc8d7aa81c3b95cc2c2f32a57456e00f8faff54f0a8daff22fc5fc1a672f9
Debian Security Advisory 607-1 - Several developers have discovered a number of problems in the libXpm library which is provided by X.Org, XFree86 and LessTif. These bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges, by using a specially crafted XPM image.
92e7bd5b29761513771a1772f54dd0d5024e128275bd7b489004e373a340c1f3
Secunia Security Advisory - A vulnerability has been reported in Kerio WinRoute Firewall, which can be exploited by malicious people to poison the DNS cache. The vulnerability is caused due to an unspecified error and can be exploited to insert fake information in the DNS cache. The vulnerability has been reported in version 6.0.8. Prior versions may also be affected.
9470e3ba88264de0947d2cbf1f95c8ccf7561c3ae9e25f96c3b59bcabc37bc98
Secunia Security Advisory - A vulnerability has been reported in MIMEsweeper for SMTP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the Security Service when processing PDF files. This can be exploited to crash the Security Service by sending an email containing a specially crafted PDF file as attachment.
847db55edac0b9a1ff35f6e4671b96ac95c986ddaac0a8d11f359cfe0c4fe205
PfPro is a Java based GUI for creating OpenBSD PF firewall configurations.
9045f93ccf02dcef027cc8434dea5fd77fb7f8f71a2d4923b79fc9fefd1b4d87
TinyCA is a simple GUI written in Perl-Gtk to manage a small certification authority. It works as a frontend to OpenSSL. TinyCA lets you manage X.509 certificates. It is possible to export data in PEM or DER format for use with servers, as PKCS#12 for use with clients, or as S/MIME certificates for use with email programs. It is also possible to import your own PKCS#10 requests and generate certificates from them. It also lets you create and manage SubCAs for more complex setups. The most important certificate extensions can be configured with the graphical frontend. English and German translations are included.
8a1bb32cee60240ac5d5a649d5bfa156a97838bf1b1396b7d7711a407c3f3dd2
OpenCT is a library for accessing smart card terminals. It provides a rich set of functions for driver writers, protocol drivers for T=0 and T=1, serial and USB functionality, including USB hotplugging. The main user of OpenCT is the OpenSC smart card framework, but OpenCT can of course be used by other applications as well. OpenCT provides a native OpenCT, CT-API and PC/SC Lite IFD interface with an OpenCT ifdhandler resource manager.
1de736e0b87f2f911e12e3783b86a12ed92e9e0c2d6d74bb86e066da0380766f
arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
b8955ae8ecdf629bea2a66cf408810c212bf51f264a111e850a2ffccbc273765
Secunia Security Advisory - Some vulnerabilities have been reported in PHP Gift Registry, which can be exploited by malicious people to conduct cross-site scripting attacks.
53ed3e34e7259ed51ccd79ed6e7d87cc39ebc98766501b422f625fabdacb624d
F-Secure Policy Manager has a path disclosure vulnerability when being fed a malformed URL.
d7607bd9f5edb9970bab1a1ea1cc4f470f0a88d34e627d489fc8f58359c9228c
Secunia Security Advisory - Jeremy Fitzhardinge has reported some potential vulnerabilities with an unknown impact in the Linux Kernel.
232afce89926e41a352c93cc15d531d100256a8f7c31199adbf145dfd817246b
Secunia Security Advisory - Artur Szostak has reported a vulnerability in Squid, which can be exploited by malicious people to gain knowledge of potentially sensitive information.
3d3fcad20da28cd9a4fb337e05279a5661c6c80df6998e124ed14a4fa04f78a7
Secunia Security Advisory - A security issue has been reported in rootsh, which can be exploited by malicious, local users to bypass the logging functionality.
91c7a7a0a456c648804743c33935aa250f41c039a9cca1801b422a899d4450d6