Mandriva Linux Security Advisory 2009-026 - phpMyAdmin has been updated to mitigate various cross site scripting and cross site request forgery vulnerabilities.
8133881ab97608f592995b3f37b5dc7a0dce87a6f4a875a4915667794f46113e
IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
3dcfb60c6e8a9406cd0854fcce4c59cf3eaf59c17d20738cef9c5804f307cfbb
iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.
ae4d9804fb69bef371e1d0565f7cbcff94e6ddd5e941afca742cbc753d25502d
The Downloads module in PHP-Nuke 8.0 suffers from a blind remote SQL injection vulnerability.
3e14805b2ebdc64ac83971ae339408bbeb46dbe18e41a24ece9d0940babeed06
Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the CamImage.CamImage.1 ActiveX control (AxisCamControl.ocx) and can be exploited to cause a heap-based buffer overflow by assigning an overly long string to the "image_pan_tilt" property. Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into visiting and clicking a malicious web page. AXIS Camera Control version 2.40.0.0 is affected.
f0b0180856e9a0262f48ee0884649b780536e52f07ec1f178af12b3043c2f323
BBSxp versions 5.13 and below suffer from a cross site scripting vulnerability in error.asp.
0fab2353abfe6c2717da62168a95110e4308768a76412a3a7c3f9b6fc1466127
EPOLL System password.dat disclosure exploit.
9c58560b93b1ac1393241e73c9b0cc3e6c62f2ad0b19cb3a82ae1129fd1cf7c2
ECOUNT System version 2.1 password.dat disclosure exploit.
faf5f40f6a0c4c315c86d1c5b62dc6c43e4981dc909fae0509d85325af41d68d
Bharat Sanchar Nigam Ltd., a large telecommunications company in India, suffers from a remote SQL injection vulnerability.
0bbb6f52b14cee8ffdf1703e8953128f828aed46d8ddd27acb29e2f72edf36af
Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events.
ac7a691c36d6340aecf105f0d8204f3ca504e00de96ec61855e5b6646ebdfb26
Secunia Security Advisory - Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system.
da0bf0b95bcb0a86d33582cd035661ec0a7c30f9127079b00ff5591bdca7da76
Secunia Security Advisory - A vulnerability has been reported in Ralink Technology Wireless Drivers, which can be exploited to cause a DoS (Denial of Service) or compromise a vulnerable system.
fd1d255c3566d41a8699388dbf00e5b5a01237981dcb75be798897597e21ce64
Secunia Security Advisory - Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins, which can potentially be exploited by malicious people to compromise a vulnerable system.
2934f9b3e8dbe0a5737cd4af2978539c5b0f79735d4188b09eeeb8c24b3aa3ed
Secunia Security Advisory - A vulnerability has been reported in Futomi's CGI Cafe Search CGI, which can be exploited by malicious people to bypass certain security restrictions.
05411d3bf3559504b499607311bff4eff9539dcf210927a344add99477ddb6b5
Secunia Security Advisory - A vulnerability has been reported in mod-auth-mysql, which can be exploited by malicious people to conduct SQL injection attacks.
cdfeb0af53db708703324769f8b5859fae827504dbf3f8c141ffa51eb91fc01f
Secunia Security Advisory - Gjoko 'LiquidWorm' Krstic has discovered a vulnerability in FTPShell Server, which can be exploited by malicious people to compromise a user's system.
aff7f15ed0730268cd967c60d5fe5f47d055574ed7f94f82d5fda6640622a7b6
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to compromise a user's system.
275e804e873d4dba418bab96c34335ffce492ffca53de78593edd280b1dd93f7
Technical Cyber Security Alert TA09-022A - Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.
500fb41903e843e7705b6fa66a58d47cecf01285e9ee54072b5d4e5fb5f2889f
GStreamer gst-plugins-good versions below 0.10.12 suffer from heap overflow and array index out of bounds vulnerabilities.
ae5d5f7a93915193f6bbfe67a4de2d6d96a10f53637af659ba372970130ceede
VUPlayer version 2.49 .ASX file local universal buffer overflow exploit.
4fd0b6ead9b12f134d30c401560ea560b492dd0af43e799d5419e14fbdcb798a
Whitepaper called Applied Binary Code Obfuscation.
1fac0b61951550b9bd51e0cdcc293f106b49750db201c4f5aa35e1b626540339
SUSE Security Announcement - Some months ago, a vulnerability in the DNS protocol was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately, the BIND code that verifies the certification chain of a DNSSEC zone transfer does not properly check the return value of the function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.
d74f87bbc2b59d50b480b14aef11ea8b5953c91c5ba250a23200d96840fc5172
Sad Raven's Guestbook version 1.1 passwd.dat disclosure exploit.
78f2995ef2fb665ccd03d53422e9063d9a99a924ceaf680af30131ff3abf62ce
Whitepaper discussing Mem-Jacking, or modifying the memory of an application.
8ea360fe544a5d1b8495473b654e72610edc784f1ddb16944c3c65d10928b54f
Whitepaper called Exploiting Buffer Overflows.
9a69e9e81f452ff8ccc1d496d9bcffb176cb16e0b883233d9300060573f2f4e3