IPCop suffers from a cross site scripting vulnerability in proxylog.dat. Version 1.4.1 is affected. Older versions have not been tested.
It seems that IPB forums have a password reset feature that allows a disabled account to regain access.
Jana server 2 versions 2.4.4 and below are susceptible to denial of service attacks that result in 100% CPU utilization and endless loops.
Secunia Security Advisory - A vulnerability has been reported in FreeImage, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
CuteFTP Professional version 6.0 suffers from a client side overflow.
An attacker can change hidden fields to any dollar amount and misrepresent purchases for businesses providing products or services using the PayFlow Link system.
Orbz versions 2.10 and below suffer from a buffer overflow in the password field of the join packet.
Multiple buffer overflows exist in WS_FTP Server Version 5.03, 2004.10.14. There are four vulnerable commands that can be used to cause these buffer overflows. Three of the vulnerable commands can be used to stop the WS_FTP Server service resulting in a denial of service. The vulnerable commands are SITE, XMKD, MKD, and RNFR.
Debian Security Advisory 602-1 - Wait.. No.. what is this? Even more potential integer overflows have been found in the GD graphics library which were not covered by security advisory DSA 589 and DSA 601. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine.
Secunia Security Advisory - A security issue has been reported in IberAgents, which can be exploited by malicious, local users to gain knowledge of sensitive information.
Debian Security Advisory 601-1 - More potential integer overflows have been found in the GD graphics library which were not covered by security advisory DSA 589. They could be exploited by a specially crafted graphic and could lead to the execution of arbitrary code on the victim's machine.
Secunia Security Advisory - Two vulnerabilities have been reported in Groupmax World Wide Web and Groupmax World Wide Web Desktop, which can be exploited to conduct cross-site scripting attacks or access arbitrary HTML files.
Buffer overflows have been discovered in ncplogin and ncpmap in ncpfs.
Secunia Security Advisory - XioNoX has reported a vulnerability in Nuked-Klan, which can be exploited by malicious people to conduct script insertion attacks.
The KDE program Konqueror allows for browsing SMB shares comfortably through the GUI. By placing a shortcut to an SMB share on KDE's desktop, an attacker can disclose his victim's password in plaintext.
On Double Byte Character Set Locale systems, such as Chinese, Japanese, etc., there exists a spoofing vulnerability within Microsoft Internet Explorer that enables attackers to fake the Address field.
The Serious engine for games like Alpha Black Zero and Nitro family fails to limit the number of new players joining a game, allowing for a denial of service. Only one UDP packet is needed to create a fake player.
Gentoo Linux Security Advisory GLSA 200411-36 - phpMyAdmin is vulnerable to cross-site scripting attacks. Versions below 2.6.0_p3 are susceptible.
Security research discussing a new vulnerability discovered in WINS that allows for remote unauthenticated system access.
Secunia Security Advisory - A vulnerability has been reported in YaBB, which can be exploited by malicious people to conduct script insertion attacks.
Secunia Security Advisory - cyber flash has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to trick users into downloading malicious files.
phpCMS versions 1.2.1 and below suffer from information disclosure and cross site scripting flaws.
Mandrake Linux Security Update Advisory - The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application.
Debian Security Advisory 598-1 - Max Vozeler noticed that yardradius, the YARD radius authentication and accounting server, contained a stack overflow similar to the one from radiusd which is referenced as CVE-2001-0534. This could lead to the execution of arbitrary code as root.
Secunia Security Advisory - Cengiz Aykanat has reported a security issue in eTrust Antivirus, which can be exploited by malicious people to bypass certain security features.