Secunia Security Advisory - Slackware has issued an update for pcre. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in NetWare, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya PDS (Predictive Dialing System), which potentially can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Avaya has acknowledged a vulnerability in openssl included in some products, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Secunia Security Advisory - Avaya has acknowledged a vulnerability in gzip included in some products, which potentially can be exploited by malicious people to extract files to arbitrary directories on a user's system.
Helpdesk software Hesk 0.92 suffers from an authentication bypass vulnerability.
Secunia Security Advisory - SUSE has issued an update for pcre. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - SUSE has issued updates for php4 and php5. These fix some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Gentoo has issued an update for phpgroupware. This fixes some vulnerabilities, which can be exploited by malicious administrative users to conduct script insertion attacks, or by malicious people to bypass certain security restrictions or compromise a vulnerable system.
Secunia Security Advisory - Gentoo has issued an update for lm_sensors. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Secunia Security Advisory - Slackware has issued an update for php. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Slackware has issued an update for gaim. This fixes a vulnerability and two weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
Gentoo Linux Security Advisory GLSA 200508-20 - phpGroupWare improperly validates the mid parameter retrieved via a forum post. The current version of phpGroupWare also adds several safeguards to prevent XSS issues, and disables the use of a potentially vulnerable XML-RPC library. Versions less than 0.9.16.008 are affected.
Gentoo Linux Security Advisory GLSA 200508-19 - Javier Fernandez-Sanguino Pena has discovered that lm_sensors insecurely creates temporary files with predictable filenames when saving configurations. Versions less than 2.9.1-r1 are affected.
Debian Security Advisory DSA 791-1 - Max Vozeler discovered that the lockmail program from maildrop, a simple mail delivery agent with filtering abilities, does not drop group privileges before executing commands given on the command line, allowing an attacker to execute arbitrary commands with group mail privileges.
e107 version 0.6 has an input validation flaw in forum_post.php that allows attackers the ability to create topics in non-existing forums.
iDEFENSE Security Advisory - Local exploitation of a design error in the Symantec AntiVirus 9 Corporate Edition may allow a user to gain elevated privileges. Exploitation can occur when a user chooses the right click Scan for viruses option. The Symantec scan file interface allows the user to launch a help window through the use of a toolbar icon. If the user then right clicks the help window title bar they can choose the Jump to URL menu option, which will then allow them to browse the local file system and execute files as the SYSTEM user.
iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which is vulnerable to a symlink attack. The vulnerability specifically exists due to the use of predictable log file names. VCNative uses a format such as VCNative-[pid].log for the filename and stores the file in the current working directory. Attackers can easily predict the created filename and supply user-controlled data via the -host and -port options. A carefully supplied value can cause a crafted log file to be written. Crafted strings written to root-owned files can lead to arbitrary code execution with root privileges.
iDEFENSE Security Advisory - Local exploitation of a design error in Adobe Systems, Inc. Version Cue allows local attackers to gain root privileges. Version Cue includes a setuid root application named VCNative which contains a design error that allows local attackers to gain root privileges. The vulnerability specifically exists due to an unchecked command line option parameter. The -lib command line option allows users to specify library bundles which allows for the introduction of arbitrary code in the context of a root owned process. The init function in a shared library is executed immediately upon loading. By utilizing the -lib argument to load a malicious library, local attackers can execute arbitrary code with root privileges.
BFCommand and Control Server Manager are both susceptible to multiple bugs. BFCC versions 1.22_A and below and BFVCC versions 2.14_B and below are susceptible to full anonymous login bypass and various manipulation flaws.
Debian Security Advisory DSA 788-1 - Several security related problems have been discovered in kismet, a wireless 802.11b monitoring tool.
Secunia Security Advisory - Alexander Gerasiov has reported a security issue in phpLDAPadmin, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Sowhat has discovered a vulnerability in BNBT EasyTracker, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - vade79 has discovered a vulnerability in Gopher client, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Kutbuddin Trunkwala has reported a vulnerability in BlueWhaleCRM, which can be exploited by malicious users to conduct SQL injection attacks.