Secunia Security Advisory - Security-Assessment.com has reported some vulnerabilities in Oracle GlassFish Enterprise Server, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
4f3f68b4f5dd34097626387dec51c6ca465a4e2681c060293c7d2adaaf8f9faf
Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise Portal, which can be exploited by malicious users to manipulate certain data.
f4391e84433e11602388064596f7d0cef7e5ccbcf04b0fb69c58bf5cf497f11d
Secunia Security Advisory - A security issue has been reported in Apache HTTP Server, which can be exploited by malicious, local users to gain escalated privileges.
7a5e378fc4e48a8e0183ab08cfa5729081cb1575a35c812bc58b5c9dcc62ed32
Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise CRM, which can be exploited by malicious people to manipulate certain data.
f9baa24af1906b6b48ad20e20b4060dcafdb991ba82ee5fca09cdde271130e3f
Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
39ee297c96638f02db0222933d407b2eec3e937aed6421eafa72c3757fcca78d
Secunia Security Advisory - A vulnerability has been reported in Oracle JDeveloper, which can be exploited by malicious people to manipulate certain data.
2c07c9f48bb6a07cb5a43f8a06e902adad771208b5f383632d169c8cb55d4c44
Secunia Security Advisory - Debian has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise an application using the library.
79a0f8997d0d7326cd59f049ca32b132a720810797d1e32133ad5a639b77033f
Secunia Security Advisory - Two vulnerabilities have been reported in Hitachi JP1/IT Desktop Management, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
e0fdb9f7c33b5703a29340209d510b8b6eead3975c286d792e8c5b0a8a4fe19d
Secunia Security Advisory - Ange Albertini has reported a vulnerability in Comodo Internet Security, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
02fa2887423deac80f7906b277f3c1f971ca90d8528acf3f1244bdb6f0187d7f
Secunia Security Advisory - A vulnerability has been reported in IBM Rational ClearQuest, which can be exploited by malicious people to compromise a user's system.
13efb18d623d48d8fe0cb5f44579eb71813ab27c469e09931bf0d9edd2dba673
Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
82a6476c98a9719e8e3809064c9c4f56f2eeb81749e7b4428547ddff6cba05bc
Secunia Security Advisory - A security issue has been reported in RubyGems, which can be exploited by malicious people to conduct spoofing attacks.
3b3a89af66ccd7991e83315b1a0f8662e8292a2b97a4268e32f0141dbc67d8a0
Anchor CMS version 0.6 suffers from multiple persistent cross site scripting vulnerabilities.
35ce7fe492082b3f0dbc311bb17b9f683d07a5358cf442db0aced21ca72574b3
Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
ef519b483134470f497220bce5bf728dedf78e64c1f12c5efcb00358b9cf865e
Security-Assessment.com has discovered that components of the Oracle GlassFish Server administrative web interface are vulnerable to both reflected and stored cross site scripting attacks. All pages where cross site scripting vulnerabilities were discovered require authentication. Oracle GlassFish Server version 3.1.1 build 12 is affected.
483308f8a564fa501d764b451f997bd57808a2fe9a67f2ce80beea114ee97f8c
IPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform host scanning attacks against IPv6 networks, and therefore IPv6 host scanning attacks have long been considered unfeasible. This document analyzes the IPv6 address configuration policies implemented in most popular IPv6 stacks, and identifies a number of patterns in the resulting addresses that lead to a tremendous reduction in the host address search space, thus dismantling the myth that IPv6 host scanning attacks are unfeasible.
3e402c5d8f47be6b853bd514ed35744c8ab3f764907fb96603770a5396359be0
HP Security Bulletin HPSBUX02761 SSRT100823 - Potential security vulnerabilities have been identified with HP-UX Running Apache. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to gain a local increase of privilege. Revision 1 of this advisory.
319215a9d1fc376117b39017f2de91098d97f397f16927e876fc23c36ab2c613
By creating a specially crafted WebDAV request that contains an external entity, it is possible to read files from Liferay Portal version 6.0.5 CE. Proof of concept code included.
3cd00ba5d2fefa08a9eafaa941c8ee4bdbf23dae39cb2ccf5da00cbf88d064e4
By utilizing the JSON web services exposed in Liferay Portal version 6.1, you can register a new user with any role in the system, including the built-in administrator role. Proof of concept included.
3f6c3c5b9e5e27e968adbe87afc167aa13e200b89a6647cbde10d03c9a021bac