phsBlog version 0.1.1 suffers from multiple remote SQL injection vulnerabilities.
b43407d9972ba902ffa42200aa9b61cdccdf4b0fe1d7d55aa7845a9c611f4be0
Secunia Security Advisory - Chris Evans has reported some vulnerabilities in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
1a9ac05f1512e499b7f599acc8e8bbf17e1a871b6db0cbf9d187b772be362fc1
Secunia Security Advisory - Gentoo has issued an update for vlc. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
b7ae2fd7329767e84b795c26a5aa0be3b7e3bc92010a80d024caf1ced739ba5a
Secunia Security Advisory - A vulnerability has been reported in CA ARCserve Backup for Laptops and Desktops, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
c8c550b7bf59110c27e7b11f935ba696d826a3fe73afef60d4179a8c5c5aed3e
Secunia Security Advisory - Red Hat has issued an update for java-1.5.0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, or compromise a vulnerable system.
71c6cc791a6c8ac7e240d95c6e0214fd3deaed4ebd1261cdb82dd06b46355549
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Perl in Avaya Communication Manager, which can potentially be exploited by malicious people to compromise a vulnerable system.
6b1a1f0417f6ff55f37b89c3fc32f48e8914882ea6de76c405e42e8347c11dd5
Secunia Security Advisory - Red Hat has acknowledged a vulnerability in RealPlayer, which can be exploited by malicious people to compromise a user's system.
09ec28dce648df9d92da512144dd8be210e6d45fd105b59d9f3e91b71ca258a4
Secunia Security Advisory - Red Hat has issued an update for nfs-utils. This fixes a security issue, which can be exploited by malicious people to potentially bypass certain security restrictions.
6ba693ee1c026bbbea8b02505a732c2b3e4c4d6161d8e2da485682d39b752c67
Secunia Security Advisory - A vulnerability has been reported in MailEnable, which can be exploited by malicious users to cause a DoS (Denial of Service).
a9d9e123b90edb6d2025fc3c2e4e26c4fdcb9283bfaaf639e3488b68a88e3f04
Secunia Security Advisory - NoGe has discovered a vulnerability in LetterIt, which can be exploited by malicious people to disclose sensitive information.
f00ef5288cf0dcb2760c3f2015039d679cb563622e4992ef3386c0dc792a127a
Secunia Security Advisory - CraCkEr has reported a vulnerability in phpMyRealty (PMR), which can be exploited by malicious people to conduct SQL injection attacks.
f347df9ed467a51dad71dae31ff48355a8d0e7cc29b25ad0c44240febee3a3f6
Secunia Security Advisory - Debian has issued an update for libxslt. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
a1ca0f3d13a9f03ee1e308977c1cdcf2f8c76cf8c41371a1ff731a0fc69f2135
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
13320530858bb6453e4fbddb4dd4db703c4bcde75121ca12988a8095be142c25
Secunia Security Advisory - Red Hat has issued an update for libxslt. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
61fa0113c8d89178164663e9e995bc1a896eb7dd39ca0f23c34255d6e992c752
PuttyHijack is a proof of concept tool that injects a DLL into the PuTTY process to hijack an existing, or soon to be created, connection. This can be useful during penetration tests when a Windows box that has been compromised is used to SSH/Telnet into other servers. The injected DLL installs some hooks and creates a socket for a callback connection that is then used for input/output redirection. It does not kill the current connection, and will cleanly uninject if the socket or process is stopped.
76638a2bf29bf449a398893790d01602a562f5a3b12f15a2683f50a4e6412ef4
Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.
a2953591352d03f3fc6c90ab19946e32ddae5e64c481789798ac6d7be0918ae6
Secunia Security Advisory - Knud Erik H
67372112ae88c3fad2c70f2ef5424c57798662718f5a6247086b500e2df51ae6
Mandriva Linux Security Advisory - Chris Evans of the Google Security Team found a vulnerability in the RC4 processing code in libxslt that did not properly handle corrupted key information. A remote attacker able to make an application linked against libxslt process malicious XML input could cause the application to crash or possibly execute arbitrary code with the privileges of the application in question. The updated packages have been patched to correct this issue.
9089398cc45e671c7ec770f0a3763c42365ff672d9dcb1251f16997f946ef7ce
iDefense Security Advisory 07.31.08 - Remote exploitation of an integer overflow vulnerability in Apple Inc.'s Mac OS X could allow an attacker to execute arbitrary code with the privileges of the currently logged-in user. This vulnerability exists due to the way PDF files containing Type 1 fonts are handled. When processing a font with an overly large length, an integer overflow could occur. This issue leads to heap corruption which can allow for arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.5.2. Previous versions may also be affected.
bd9422a741573a345861eba59adfc7d12e18e349884ec64a39129a4947283475
The DNS Multiple Race Exploiting Tool exploits an inherent bug in the implementation of DNS Cache. The result of this exploitation is cache poisoning/overwriting with new entries.
7a3c264805686bedf06f10fa7536403d679cf69f269b95cb8a11d4f3e1d026e6
A stack buffer overflow vulnerability exists in the CarbonCore framework from Apple, Inc.
8f10731877760081c42f76a582a1e55510222a994f2ae198ea5524a668039206
arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, so that the behavior of targets in response to non-standard ARP packets can be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
f50e2f3a2ec6cfe4e4d15a6de0cfb5c707b7e703687800deb35456f914492ee4
eStoreAff version 0.1 suffers from a remote SQL injection vulnerability.
bed9936b0bc24714bb1f590da1c74602f35cc7d4a4442a63363de87d3bebde38
iPost version 1.0.1 from Scripts24 suffers from a remote SQL injection vulnerability.
374f1cd31154c5966c4adad3783005ff5e2d1ad0dca3ce3a6642b474bc3b319d
iTGP version 1.0.4 from Scripts24 suffers from a remote SQL injection vulnerability.
9a9aea1ee96ce6decf1e851acd6d5dd44e15ef387db13679b263a2e3372f8037