Gentoo Linux Security Advisory GLSA 200807-15 - Pavel Polischouk reported a boundary error in the PartsBatch class when processing .nzb files. Versions less than 0.132-r3 are affected.
Gentoo Linux Security Advisory GLSA 200807-14 - A stack-based buffer overflow has been reported in the audit_log_user_command() function in the file lib/audit_logging.c when processing overly long arguments. Versions less than 1.7.3 are affected.
Gentoo Linux Security Advisory GLSA 200807-13 - Remi Denis-Courmont reported that VLC loads plugins from the current working directory in an unsafe manner. Versions less than 0.8.6i are affected.
Secunia Security Advisory - Travis C Johnson has discovered a security issue in Acronis True Image Echo Server, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - R3d.W0rm has discovered a vulnerability in nzFotolog, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - A vulnerability has been reported in various Panasonic network cameras, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Debian has issued an update for newsx. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - rPath has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
iDefense Security Advisory 07.30.08 - Local exploitation of an untrusted path vulnerability in the "dbmsrv" program, as distributed with SAP AG's MaxDB, allows attackers to elevate privileges to that of the "sdb" user. When a local user runs the "dbmcli" program, MaxDB executes a "dbmsrv" process on the user's behalf. The "dbmsrv" process, which is responsible for executing user commands, runs as the user "sdb" with group "sdba". This vulnerability exists due to improper sanitization of the "PATH" environment variable. By prefixing the "PATH" environment variable with a path under the attacker's control, one is able to execute arbitrary code with "sdb:sdba" privileges. iDefense has confirmed the existence of this vulnerability in SAP MaxDB version 7.6.03.15 on Linux. Other versions may also be vulnerable.
Debian Security Advisory 1624-1 - Chris Evans discovered that a buffer overflow in the RC4 functions of libexslt may lead to the execution of arbitrary code.
Secunia Security Advisory - dun has reported two vulnerabilities in M
Debian Security Advisory 1623-1 - Dan Kaminsky discovered that properties inherent to the DNS protocol lead to practical DNS cache poisoning attacks. Among other things, successful attacks can lead to misdirected web traffic and email rerouting.
There exists a buffer overflow vulnerability in the way CA ARCserve Backup for Laptops and Desktops handles incoming messages. The vulnerability is due to an integer underflow in the LGServer service. Affected products include CA ARCserve Backup for Laptops and Desktops version r11.0 through r11.5, CA Desktop Management Suite version 11.1 through 11.2, and CA Protection Suites versions r2, 3.0, and 3.1.
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in K9 Web Protection, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Stack has discovered a vulnerability in PHP Hosting Directory, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Mr.SQL has reported a vulnerability in fizzMedia, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in ImpressCMS.
Secunia Security Advisory - Bboyhacks has reported some vulnerabilities in Axesstel AXW-D800, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Ghost Hacker has discovered two vulnerabilities in HIOX Browser Statistics, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
Secunia Security Advisory - Ghost Hacker has discovered a vulnerability in HIOX Random Ad, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in phpFreeChat, which can be exploited by malicious users to conduct hijacking attacks.
HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running System Administration Manager (SAM). This vulnerability may allow unintended remote access.
The libexslt library bundled with libxslt is affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is present in the rc4 encryption/decryption functions. Versions 1.1.8 and above and 1.1.24 and below are affected.
Secunia Research has discovered two vulnerabilities in K9 Web Protection, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by boundary errors in the filter service (k9filter.exe) when handling HTTP version information in responses from a centralized server (sp.cwfservice.net). These can be exploited to cause stack-based buffer overflows via a specially crafted response containing overly long HTTP version information. Successful exploitation allows execution of arbitrary code, but requires that requests to the centralized server can be redirected to a malicious service or otherwise intercepted. Affected is Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.32.
Secunia Research has discovered a vulnerability in K9 Web Protection, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the filter service (k9filter.exe) during processing of "Referer" headers when the web-based K9 Web Protection Administration interface is accessed. This can be exploited to cause a stack-based buffer overflow via an overly long "Referer:" header. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious web site. Affected is Blue Coat K9 Web Protection 3.2.44 with Filter version 3.2.32.