dBpowerAMP Audio Player version 2 local buffer overflow exploit that generates a malicious .pls file that will bind a shell to port 4444.
7b61fef3bf02e8083f6897916f1b3e757353da051d32f656f85b73fd20ff1a58
The Motorola Wimax modem version CPEi300 suffers from directory traversal and cross site scripting vulnerabilities.
c40249b2cc26974cd51cfcdfaae55748fa9d06b6f0d392a4ff8c05c839c7daa2
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
8eae1392acd43f7d9d07b236a59408b6c50e315d6e69db24bc4a371ce2d73f59
The Drupal Imagefield module version 5.x-2.2 on Drupal 5.15 suffers from file upload and cross site scripting vulnerabilities.
70b7ca51b0395989d6850139e7704f4d0741f5506342259ab3079931a19bdc6f
WFTPD Explorer Pro version 1.0 remote heap overflow exploit that spawns calc.exe.
010a0b8b7f9edfb819701abd6dd9bfe4f94c0ed71d131ae44edf94631623aed9
HP Security Bulletin - A potential security vulnerability has been identified with MPE/iX running BIND/iX. The vulnerability could be exploited remotely to cause DNS cache poisoning.
4b695913dbebd08e3d6420017c28133a6cc828fb87dc15cf2af4e7a55255859c
GLPI version 0.71.3 suffers from multiple remote SQL injection vulnerabilities.
619163e05d96d159e54663d9baedebfb774544a86bcfbcf5fda303dd6eca48cc
Oracle Forms suffers from multiple cross site scripting vulnerabilities.
c58a5fc94e6d0b9193d6a1d5d65986f320efab52758141cc879a447aca844540
Star Articles version 6.0 suffers from a remote contents change vulnerability.
fb087a2a46e4b4469c983a10b3828587f93a9341f69d71c7ae6190748b96b606
HP Security Bulletin - A potential security vulnerability has been identified with HP Select Access running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to allow cross site scripting (XSS).
66210de36a27f4b8171aac99c74cad04ede10914a017cf7eb43ecfaf20027a05
Personal Site Manager versions 0.3 and below remote command execution exploit.
372f8d1b42decdc5082a30a955afc5dc085044cd9257dd8eda866dd06344a8ae
Coppermine Photo Gallery version 1.4.19 suffers from a remote PHP file upload vulnerability.
b34c883c7280e4986196f02cc4c43ed2172a37b9cf67b47279be752c4a0556d3
The Oracle Application Server Portal 10g suffers from multiple cross site scripting vulnerabilities.
a2058580468d54d3295d3c90c7ede45a38a5eef3a30cfc9c97d7592c7faa7c26
Internet Explorer 7 clickjacking exploit code.
1e7ddcd6158a18b1a09957183f6b06152f49104e57d017d77e478253b454d6dc
WOW - Web On Windows Active-X control version 2 remote code execution exploit.
8a62e6e8ee1b220696af9d8e99fad8c546353389727e07afaec40abe37633df7
Debian Security Advisory 1715 - It was discovered that the AttachFile action in moin, a Python clone of WikiWiki, is prone to cross-site scripting attacks (CVE-2009-0260). Another cross-site scripting vulnerability was discovered in the antispam feature (CVE-2009-0312).
6c6e3123163f34ab54bb206a191c80426831bbce34684883ea9df7ee7843b706
Amaya Web Editor versions 11.0 and below remote buffer overflow proof of concept exploit.
3b33c73eda4691c1ee2f13d78db8f910acfc116cfd3dbca78e2ae3296dbd8dd6
Thomson mp3PRO player/encoder denial of service crash exploit that creates a malicious .m3u file.
85516b60f7f668cadd6f353c364e053293a2abb0dbf27a4483fc826d19df8386
Ubuntu Security Notice USN-714-1 - A large number of Linux 2.6 kernel-related vulnerabilities have been addressed on Ubuntu.
56507138453c994fba1b52bdf86cf04f97679de73f738d0893e2f9d69cbcff46
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
b2ef5393184af31230d6e794d28c8389b934bee1b0dc928852b586c40e6fcfe5
Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Amaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e3c53c71439ba2e176818f10d81ef6330dfdf6a4d4228df25a4cfc968f1dd010
Secunia Security Advisory - Some vulnerabilities have been reported in htmLawed, which can be exploited by malicious people to conduct cross-site scripting attacks.
07e2bd86e30471e14bebcc7434d5fdf57be42837280ed2814a0d62d1b0a39f5a
Secunia Security Advisory - Debian has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
e2ef9b004443add50b555ac4b9fe24703315d9ff291e9c2d490a25720edabac3
Secunia Security Advisory - Sun has acknowledged a security issue in Sun Java System Application Server, which can be exploited by malicious people to disclose sensitive information.
4e17996a35c1617a2924561359bbfb0fdd7ace295bec07576c74de6cbe304919
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
4901d1dd71d6282649f00498c9ee6c695443283f6d73eb22c02d62603d8a360f