Secunia Security Advisory - Two vulnerabilities have been reported in Apache OFBiz, which can be exploited by malicious people to conduct cross-site scripting attacks.
969f8963fb7b9e8bc724319c355662ae457c5c32aea1f44bc34846537a94b3a6Secunia Security Advisory - A vulnerability has been reported in Cisco TelePresence Video Communication Server, which can be exploited by malicious people to bypass certain security restrictions.
71777809fad1537aac0d9a54d8490418a8abd187ca4473c4454addd63fba0721Secunia Security Advisory - A vulnerability has been discovered in the Developer Formatter plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.
7aa38cd494840c8084abf0107b9f12a5a477d47b532cc0e884df3c4ce4de3bbbDrupal Search API Sorts third party module version 7.x suffers from a cross site scripting vulnerability.
55f6e522620f4ccc76b79b7c9913b2284fe9358d71922d20db5d5c06b79a25eeLACSEC 2013 Call For Presentations - The 8th Network Security Event for Latin America and the Caribbean will be held in Medellin, Colombia May 5th through the 10th, 2013.
ab447b8953a45542e191f06b241cf3bb01b3520e99663f229516dd93c8aeb955HP Security Bulletin HPSBMU02841 SSRT100724 - A potential security vulnerability has been identified in HP Diagnostic Server. This vulnerability could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
f42b8be56ce7433f2ff6fb666afc102d3e078dc3ab7b4c47c291357c88ae9de0Drupal CurvyCorners third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
1a1d762151c4756996136016bf0c755f7938e68bed1f336b1edffd2e84f88273Cisco Security Advisory - The Cisco Wireless LAN Controller (Cisco WLC) product family is affected by denial of service, unauthorized access, and remote code execution vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
55baf3f86714a6e79be692a8e7ad8474373cc96fd93e5dda53050910ca53ad83Drupal User Relationships third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
691816e35714a033cded201915d7d087ac66e3f79da75280c1026b67abeaf972Drupal Video third party module version 7.x suffers from an arbitrary PHP code execution vulnerability.
0d284b4e7317ea4fbc7424dcc6539dd0c0ad0a8915c808659f46f444933cc9f2Red Hat Security Advisory 2013-0189-01 - Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. A weakness was found in the way IPA clients communicated with IPA servers when initially attempting to join IPA domains. As there was no secure way to provide the IPA server's Certificate Authority certificate to the client during a join, the IPA client enrollment process was susceptible to man-in-the-middle attacks. This flaw could allow an attacker to obtain access to the IPA server using the credentials provided by an IPA client, including administrative access to the entire domain if the join was performed using an administrator's credentials.
917d7f2ad530557b735674dcb05889b77ed0b9ea93fa3211720c5ade790aa37aRed Hat Security Advisory 2013-0188-01 - Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud-based enterprise environments. A weakness was found in the way IPA clients communicated with IPA servers when initially attempting to join IPA domains. As there was no secure way to provide the IPA server's Certificate Authority certificate to the client during a join, the IPA client enrollment process was susceptible to man-in-the-middle attacks. This flaw could allow an attacker to obtain access to the IPA server using the credentials provided by an IPA client, including administrative access to the entire domain if the join was performed using an administrator's credentials.
0c3fa5d5b200370967020975291799f22a82f3a9035f6295e0200b20ea6a2a0aRed Hat Security Advisory 2013-0187-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss ON 3.1.2 release serves as a replacement for JBoss ON 3.1.1, and includes several bug fixes.
f57846f592aae1a8d4a18a1ac1c33f202be70dcdda5ddbb8a1b57d02587207a6Unhide is a forensic tool to find hidden processes and TCP/UDP ports that are hidden via rootkits, LKMs, or other techniques.
fef31017dc0862399c7764ba45ffd5f763317d60a24f3a5c0f5fa6343cf90d3aTwitter apparently fails to zero out and invalidate cookies upon logout, allowing for replay later.
3d43799d9838174b65bdfa37b2cb2adddb40be1cc7d7947d3253b2eafac66181
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed