Gentoo Linux Security Advisory GLSA 200501-41 - A bug in TikiWiki allows certain users to upload and execute malicious PHP scripts. Versions below 1.8.5 are affected.
58c4c619193606e50602e1de03b307a2SquirrelMail Security Advisory - SquirrelMail 1.4.4 has been released to resolve a number of security issues. Manoel Zaninetti reported an issue in src/webmail.php which would allow a crafted URL to include a remote web page. A possible cross site scripting issue exists in src/webmail.php that is only accessible when the PHP installation is running with register_globals set to On.
d50ddba473b07afa67e3aa48d2c1422fGentoo Linux Security Advisory GLSA 200501-40 - ngIRCd is vulnerable to a buffer overflow that can be used to crash the daemon and possibly execute arbitrary code. Versions below 0.8.2 are affected.
eba99e68b205838fe0b1e1eb532b3483Secunia Security Advisory - Tem has reported a vulnerability in phpPgAds, which can be exploited by malicious people to conduct cross-site scripting attacks.
520c6e2252ba87d46aa291822e38e95dSecunia Security Advisory - A vulnerability has been reported in PEiD, which potentially can be exploited by malicious people to compromise a user's system.
b1d468dec1ea5bd5bf43963ac0d4740bSCO Security Advisory - A vulnerability has been reported in UnixWare, which potentially can be exploited by malicious, local users to hijack local sockets.
4abd2b51788657d0ad064c192b71f269Secunia Security Advisory - muts has reported a vulnerability in SnugServer, which can be exploited by malicious users to disclose sensitive information.
124bf07a77e6139e4b9b6bdb79d4bba1Secunia Security Advisory - benjilenoob has reported some vulnerabilities in CoolForum, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
827cd000b6032ddb2886e3a6b35f0c08Secunia Security Advisory - A vulnerability has been reported in University of Washington IMAP server, which can be exploited by malicious people to bypass the user authentication.
c2feccdf69f2cd4814e75f97c80360dfSecunia Security Advisory - MC.Iglo has discovered a vulnerability in War FTP Daemon, which can be exploited by malicious users to cause a DoS (Denial of Service).
fece717226cc2fbe01842af962acd578OpenPKG Security Advisory - A setuid and setgid application vulnerability was found in the Cyrus SASL library. At application startup, libsasl2 attempts to build a list of all available SASL plugins which are available on the system. To do so, the library searches for and attempts to load every shared library found within the plugin directory. This location can be set with the SASL_PATH environment variable.
10222e0d761e12c4eb7eab2f2ac3e2a6Secunia Security Advisory - Victor Ashik has reported a vulnerability in less in Red Hat Enterprise Linux 3, which potentially can be exploited by malicious people to compromise a user's system.
f7ddb0de05e3b8c56be34e2d4835a950Secunia Security Advisory - SmOk3 has reported some vulnerabilities in eCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
ed13afbd4bced791d4338795563f9d67Multiple vulnerabilities were found in Magic Winmail's Webmail, IMAP, and FTP services. Arbitrary file upload/download, cross site scripting, and directory traversal flaws all exist, along with the ability to access other user's mail. It really IS magic.
a02ed3fa4559a98519eebd485afcde92Secunia Security Advisory - A security issue has been reported in ginp, which can be exploited by malicious people to bypass certain security restrictions.
7ce8ecfbcea2effbd6c83516d9f1113dSun Security Advisory - A system panic may occur on systems that open and close several UDP end points.
4807006415f05ee5c2384b238b189aefDebian Security Advisory 661-1 - The Debian Security Audit project discovered that f2c and fc, which are both part of the f2c package, a fortran 77 to C/C++ translator, open temporary files insecurely and are hence vulnerable to a symlink attack.
7ee5a025dc4466e490f107b92db25f26Multiple vulnerabilities in Uebimiau WebMail versions 2.7.2 and below allow for the hijacking of session files and other information.
a2e1758874cef1e8e29fc78bd9153c20When a PPTP user is disabled in Ingate Firewall versions 4.1.3 and below, any tunnel created by them is not automatically disabled.
f0a0e78753ed6bf5b39ba90c9da0258eNSFOCUS Security Advisory(SA2005-01) - NSFocus Security Team has found a buffer overflow vulnerability in the plug-in by which WinAMP plays CD. An attacker can construct a malicious playlist file that is embedded in a HTML page. If a user is persuaded to click it, then the attacker can gain complete control over the user's system. All versions below 5.08c are affected.
22d47dab1a0c8238060b802240ead145Secunia Security Advisory - A vulnerability has been reported in JUNOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
74752047ee5602e1a6fe6d8f18f0dcfbSecunia Security Advisory - A security issue has been reported in Novell iChain, which potentially can be exploited by malicious people to bypass certain security restrictions.
967a59baacf17ed311483a908a97bfefTechnical Cyber Security Alert TA05-026A - Several denial-of-service vulnerabilities have been discovered in Cisco's Internet Operating System (IOS). A remote attacker may be able to cause an affected device to reload the operating system.
39577d25159ef7f0cf72da9c95028697iDEFENSE Security Advisory 01.26.05 - Remote exploitation of a stack based buffer overflow vulnerability in Xelerance Corp.'s Openswan version 2.2.0 could allow attackers to execute arbitrary code.
4f0ca1f17e6b69b3c25b1838015ce4d6Debian Security Advisory 660-1 - The KDE screensaver can crash under certain local circumstances and can be exploited by an attacker with physical access to the workstation to take over the desktop session.
9852f0f73523d677542d7234caeba4e5
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed