Debian Security Advisory 1342-1 - It was discovered that a race condition in the init.d script of the X Font Server allows the modification of file permissions of arbitrary files if the local administrator can be tricked into restarting the X font server.
dcfee0c9d0bf3d013082cf2ace2e6fadiBON 2006 suffers from a memory corruption vulnerability.
5bf6986298d362e15a3704e2726a3ca9Asterisk Project Security Advisory - The IAX2 channel driver in Asterisk is vulnerable to a denial of service attack when configured to allow unauthenticated calls.
f10161aaa11ac16f83b440be2b06f0c7Drupal security advisory - Drupal versions 4.7.x before version 4.7.7 and 5.x versions before version 5.2 suffer from cross site scripting vulnerabilities.
14ed81a89851a22a0c0d2354917b0018Drupal security advisory - Several parts in Drupal core are not protected against cross site request forgeries due to improper use of the Forms API, or by taking action solely on GET requests. Malicious users are able to delete comments and content revisions and disable menu items by enticing a privileged users to visit certain URLs while the victim is logged-in to the targeted site. Drupal versions 5.x below 5.2 are affected.
b734838a39dd108a42a7f302a14031cfTemplate Security has discovered a serious denial of service vulnerability in the BlueCat Networks Adonis DNS/DHCP Appliance. When XHA is configured to place two Adonis servers in an active-passive pair to provide high availability, a remote attacker can transmit a single UDP datagram to crash the heartbeat control process. This can be used for example to create an active/active condition in the cluster pair.
93327c040982d60f65ac09b19795f2e6Gentoo Linux Security Advisory GLSA 200707-14 - mu-b from Digital Labs discovered that the return value of a snprintf() call is not properly checked before being used. This could lead to an integer overflow. Versions less than 3.9.5-r3 are affected.
c0978bd26a6994bc80e14e36548af670Gentoo Linux Security Advisory GLSA 200707-13 - A vulnerability has been discovered in Fail2ban when parsing log files. Versions less than 0.8.0-r1 are affected.
e034057bb09ddf0d761efb27dc37dad0Gentoo Linux Security Advisory GLSA 200707-12 - David Thiel from iSEC Partners Inc. discovered format string errors in various plugins when parsing data. The affected plugins include Vorbis, Theora, CDDA and SAP. Versions less than 0.8.6c are affected.
1e7a2848a581129128432616d7b887fcSecunia Security Advisory - rPath has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
4a6cd8f773f0437f933c8b199a01180eSecunia Security Advisory - xssvgamer has discovered a vulnerability in IndexScript, which can be exploited by malicious people to conduct SQL injection attacks.
0f74ec182655d48bdabd387f4e6f2b52Secunia Security Advisory - Trustix has issued an update for multiple packages. This fixes some vulnerabilities and a weakness, which can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions, gain escalated privileges, poison the DNS cache, cause a DoS (Denial of Service), and potentially compromise a user's system.
73d6f550880f44eb4f0b07ac3c907c9cSecunia Security Advisory - Aria-Security Team has reported a vulnerability in WebStore, which can be exploited by malicious people to conduct SQL injection attacks.
2d6b8e9bbbc7956a819537ea0d37fdceSecunia Security Advisory - Some vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to conduct session fixation attacks, cross-site scripting attacks or HTTP response splitting attacks.
63785e27f2d0045d88891ea92653c126Secunia Security Advisory - Hamid Ebadi has reported a vulnerability in t1lib, which can be exploited by malicious users to potentially compromise a vulnerable system.
1060062b298b843a25068a9bfba64543Secunia Security Advisory - t0pP8uZz & xprog have discovered a vulnerability in WSN Links, which can be exploited by malicious people to conduct SQL injection attacks.
ff6e15773924bd69ac753c56a4234b0aSecunia Security Advisory - Aria-Security Team has reported a vulnerability in WebEvents, which can be exploited by malicious people to conduct SQL injection attacks.
ee83ca4db977d4fb787be20e067f9832Secunia Security Advisory - Cr@zy_King has discovered a vulnerability in Metyus Forum Portal, which can be exploited by malicious people to conduct SQL injection attacks.
08466d5ba86b363272b4704e2b0ae652Secunia Security Advisory - Fortinet Global Security Research Team has reported a vulnerability in Baidu Soba, which can be exploited by malicious people to compromise a user's system.
4a6077634d4216222ae084e3d15883a9Secunia Security Advisory - EgiX has discovered a vulnerability in LinPHA, which can be exploited by malicious people to conduct SQL injection attacks.
b19840afc36b7bc4517778d1eff4501fSecunia Security Advisory - Yollubunlar has discovered some vulnerabilities in SuskunDuygular
1413fc199172055263557519364af624Secunia Security Advisory - darthballs has discovered a security issue in PHP-Blogger, which can be exploited by malicious people to disclose sensitive information.
69d4d341f138cfef89d8148a6c286f02Secunia Security Advisory - Gentoo has issued an update for tcpdump. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
4fbdbbb8882ddc949945d7fd800b3babSecunia Security Advisory - Aria-Security Team has reported a vulnerability in Real Estate listing website application template, which can be exploited by malicious people to conduct SQL injection attacks.
bb2353db3b204b5e30ed1c3f7f3fdc43Secunia Security Advisory - Gentoo has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
9e74b3903b29be230ee6bb1e80fe441d
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed