Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Live for Speed, which can be exploited by malicious people to compromise a user's system.
c10e825e7c3eda0c91547735a53bae4763a35292332c550e114cdadd4866f0a5Debian Security Advisory 1387-1 - It has been discovered that the original patch for a buffer overflow in svc_auth_gss.c in the RPCSEC_GSS RPC library in MIT Kerberos 5 (DSA-1368-1) was insufficient to protect from arbitrary code execution in some environments.
50340db3d4f805bcb3c5658fae5d3bac545c80c6847e50ed51e7ec67dc91cd72Debian Security Advisory 1386-2 - A problem has been discovered in the processing of chat messages. Overly long messages are truncated by the server to a fixed length, without paying attention to the multibyte characters. This leads to invalid UTF-8 on clients and causes an uncaught exception. Note that both wesnoth and the wesnoth server are affected. Note: This advisory only updates the MD5 sums for the stable distribution.
bbc0f8f90262e406bc26917dc14377d34e058a52017af0a3b625b1ed9fcf69b4Debian Security Advisory 1386-1 - A problem has been discovered in the processing of chat messages. Overly long messages are truncated by the server to a fixed length, without paying attention to the multibyte characters. This leads to invalid UTF-8 on clients and causes an uncaught exception. Note that both wesnoth and the wesnoth server are affected.
ae0e88b50035970076c6a0a1f6dbbe2dc72520c6873815857b747666ddc3c142Symantec Vulnerability Research SYMSA-2007-010 - A vulnerability has been discovered in the mechanism that Microsoft ActiveSync 4.x uses to obfuscate the password when it's sent over the USB network interface between the device and the host machine. This enables malicious software on the host to either impersonate a device in order to obtain the current password or, if in a position to sniff network traffic, obtain the password for trivial decoding.
931bc3ac990fc2a8b1b2680ebd4ae1b48d6b60679fcb0bacfc1609c0b629d79bGentoo Linux Security Advisory GLSA 200710-16 - Aaron Plattner discovered a buffer overflow in the compNewPixmap() function when copying data from a large pixel depth pixmap into a smaller pixel depth pixmap. Versions less than 1.3.0.0-r1 are affected.
a14b6a08e21a87d3885532af7a468f330e6d3f95b6873f23f556df0d96a414a1Gentoo Linux Security Advisory GLSA 200710-15 - Kees Huijgen discovered an error when checking the credentials which can lead to a login without specifying a password. This only occurs when auto login is configured for at least one user and a password is required to shut down the machine. Versions less than 3.5.7-r2 are affected.
e6bc177e9d92d66ab70607d57bf4f3331b6dca6dd6d0981a73fb4dd471b22b02Gentoo Linux Security Advisory GLSA 200710-14 - Daniel B. Cid discovered that DenyHosts used an incomplete regular expression to parse failed login attempts, a different issue than GLSA 200701-01. Versions less than 2.6-r1 are affected.
722a29e2e99349a3274e94f45b1210bb56c76b180c9dbaa7e0e3a90c341b7faaGentoo Linux Security Advisory GLSA 200710-13 - LT discovered that the match parameter in albums.php is not properly sanitized before being processed. The Apache development team also reported an error when handling user sessions. Versions less than 3.3.3.5 are affected.
51e034dfc86c577529b8bcafe6b158ef2edd5920f0e562bfb87fce22c93fc6c1Nssboard, formerly Simple PHP forum, is susceptible to HTML injection vulnerabilities.
52986c0523692f662b2e8272d5b60405acdfa48590b2ac28bded90d0a7b7a170Proof of concept exploit that demonstrates a buffer overflow in Live For Speed versions 0.5X10 and below.
a43710d807ba93688719fd0e71b96a593176b5ba40509957d3edddd07470f237Live For Speed versions 0.5X10 and below suffer from a buffer overflow vulnerability in the client during skin handling.
30d95c8582bfff4f5a140558daab7b411c23e8d143e2ece364c30aaf582ff721Secunia Security Advisory - Gentoo has issued an update for ampache. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct session fixation attacks.
cd3436c79405cfd3fd62073a4f53cb3b55d31371c40de614c247ab8ce463004aXcomputer is susceptible to cross site scripting attacks via the LANG parameter.
0497f12ca01d16c2d272433074872cd34afb9afd6a29b92681e6fb902e23bf57The Stringbeans portal code is vulnerable to cross site scripting attacks.
3f46701f040f1151c4996a7aa92ac14eb0c3795a45de06f4852ce624bae3e529InnovaShop suffers from multiple cross site scripting vulnerabilities.
d3a06d6d03ec6e245f55d2c2fdeca44aec63caf4aa6a2dce2f01378694938c0fApache Tomcat WEBDAV remote file disclosure exploit.
457bbb176a21d5dce419c9522a72dc2d4a60fe33fb45bc26dd0437cc22ca667fShellExecuteFisaco - This is a temporary, third-party patch to help mitigate the URL handling issue discovered in Windows XP and Windows Server 2003.
0ff695c1b0c5d9e7f8c0aa50738be627a3c4f7d8d77fd0b2c0b6be7970eab8f2Secunia Security Advisory - A security issue has been reported in OpenSER, which can be exploited by malicious people to hijack user sessions.
2f816901b0c43451eb3c7eca645db287f04c774ed69673b3d51488168451dda9Secunia Security Advisory - SUSE has issued updates for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges, and by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
7a86942f0d2b2cece0304d2426461f279598e3ca0be6b1de8111e3d7dcef3881Secunia Security Advisory - Gentoo has issued an update for t1lib. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system.
0612fdf26db1ea183ec8195a5279f36b06a64a2910199a74b5f1a853c76a9e71Secunia Security Advisory - Debian has issued an update for wesnoth. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
57289379c4bca52e9989dacf87da88ba0edb738131621702a6a8e891dd79e649Secunia Security Advisory - Gentoo has issued an update for skktools. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
5274c418182ee5988ea3487914cfa8d06e3a79880dd85a347168690f02edf0a3Secunia Security Advisory - Gentoo has issued an update for denyhosts. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
8b5f070f2fd4754afa67b40fa6bf45db6fccccd2a77cd13e2cafd45c3121072dThe Netgear SSL312 device suffers from a cross site scripting vulnerability.
d3fb324e34b151c3973416ec331637568a2a849a422ad1349f1605aa994bf574
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed