Serv-U FTP versions 11.1.0.3 and below suffer from management console access and socket/port consumption vulnerabilities. Proof of concept exploits included.
d66a7c0b6fa771872a9519c0ee4f0b4332f0dbc91fe26559475ec9ee99abff9a
SopCast suffers from an elevation of privilege vulnerability that allows an unprivileged user to replace the executable file with a binary of their choice. Version 3.4.7.45585 is affected.
1715697722899e506bb604c388d1147e954711b184bb29cf08b590d58ca98864
SopCast suffers from a stack-based buffer overflow vulnerability in the sopocx.ocx module when parsing user input supplied via the SoP protocol, allowing an attacker to gain system access and execute arbitrary code on the affected machine. Version 3.4.7.45585 is affected.
73b9c3b282ecac706683d6c9e464eb7d08b3fc759d40b3b2187e15038c782c08
Elxis CMS version 2009.3 Aphrodite suffers from a cross site scripting vulnerability.
2b7473b579ddcea15d73a3c7e023c99523982c32b11bf13f08a0b4a39ab86ab3
ShareCenter D-Link DNS-32- remote reboot/shutdown/reset denial of service exploit.
c0fae690833217b6caeee7764101bc2567c68446ccbd6782a98f3549776d6aab
Debian Linux Security Advisory 2358-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform. This combines the two previous openjdk-6 advisories, DSA-2311-1 and DSA-2356-1.
f7d3f574b3aeb01c1ae81bf4b35982364cd7651903cdd3c488747771fe203dfc
Red Hat Security Advisory 2011-1780-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. APR as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which provides support for using APR with Tomcat. This library is not shipped with Red Hat Enterprise Linux 6. This update includes fixes for users who have elected to use APR with Tomcat by taking the Tomcat Native library from a different product. Such a configuration is not supported by Red Hat, however.
592df6d954f425a55dd58c209ed7778584ac1a80af52bc9c7ce6a5ffab5e20fe
Apache MyFaces Core versions 2.0.1 through 2.0.10 and versions 2.1.0 through 2.1.4 suffer from an information disclosure vulnerability.
d5eb3d9ed7651446730a5e35faf0252896a39b6155c7cea7b154e6d8ef44f670
The Hackito Ergo Sum 2012 Call For Papers has been announced. It will be held from April 12th to the 14th, 2012.
aa73aa99b0914b9fa81265003135dd5021fe8e9609a11743a455dbff63be8345
Amaze Studio Design suffers from a remote SQL injection vulnerability.
feea75b50ac41964d2d1be86059e0e854a222b103105a28d90bf74c6c7ea499e
Secunia Security Advisory - A vulnerability has been reported in Apache ActiveMQ, which can be exploited by malicious people to cause a DoS (Denial of Service).
86aba9e068231d715bde9ebf1457eb37678c783ea1c241c734dcb9c4d9bd888c
Secunia Security Advisory - Dishix has discovered a vulnerability in xt:Commerce, which can be exploited by malicious people to conduct cross-site request forgery attacks.
a9251a01f3a858f416c5cc9d716a8666a7d915a3b511f9a7aafc644bc18c5618
Secunia Security Advisory - Blue Coat has acknowledged a vulnerability in Blue Coat ProxyAV, which can be exploited by malicious people to compromise a vulnerable device.
a1f5ca6a34187f03266a8c3bf002d0ae6e27c9cbb8822afc640019d746ac9622
Secunia Security Advisory - A vulnerability has been reported in Iron Mountain Connected Backup, which can be exploited by malicious people to compromise a vulnerable system.
f28ce91197d9e65161639578a37ace2c766fb5410724137bffcf05a3b0460540
Secunia Security Advisory - A vulnerability has been reported in the Pretty Link plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
e26ef5528494da73adc3681fa8dc0727df3ce76bd22420eb5d660432aecabd9d
Secunia Security Advisory - A vulnerability has been reported in Ctek SkyRouter 4200 and Ctek SkyRouter 4300, which can be exploited by malicious people to compromise a vulnerable device.
c884acec95c4e00eeb8be711662ad3c2f364d1f1f5c13d9b02e6a5886cfd1b76
Secunia Security Advisory - A vulnerability has been reported in the Lazyest Backup plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
48f5011959706312cc51700586269b954fb2a9d58fbb818b62640fd2662774e1
Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS.
844e3cdc58419e26e31fd1239dabf9bf4f8f97fcca4da4e92b7ee893ce426bcb
Secunia Security Advisory - Debian has issued an update for evince. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
b4c993bad0a9323e89b0b07e8b2e5f0fb7acab4651e68dc198cd3ef9d936def9
Secunia Security Advisory - A vulnerability has been discovered in Family Connections, which can be exploited by malicious people to compromise a vulnerable system.
4510f4ef17330bebe0360d8662623b41b995b73db1193e10c5876617c7b722d8
Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability and a weakness in Serv-U, which can be exploited by malicious users to cause a DoS (Denial of Service) and bypass certain security restrictions.
ba437db7e49de248a0224288a5f328538b3ed852c40c0fbc736edeccb4ef7825
Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Meditate, which can be exploited by malicious people to conduct SQL injection attacks.
d65c038083e9d30a6ad0e81ba9d7f00bcdd637543e16a201d0f7e1239c346c73