Zero Day Initiative Advisory 11-246 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase Adaptive Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Sybase Backup and Monitor servers handles certain data in the login packets. Malformed packets can cause the service in question to write a NULL byte on the stack which can be leveraged by a remote attacker to execute code under the context of the running service.
8eb50505565fb4ecc43f415dc3384e84Cisco Security Advisory - Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.
8f1ca4dad8a6f5c1f1c0f50aaaa28455Zero Day Initiative Advisory 11-245 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase Adaptive Server Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Sybase Backup and Monitor servers handle certain data in the login packets. Malformed packets can cause the service in question to lookup a function pointer outside a predefined function pointer array. It is possible to set this function pointer to an address where user controlled data exists and this will result in code execution under the rights of the user running the Monitor Server.
378b1e906e020868d43e82e82425f14dWATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.
c66f1eb096b44121eeab17b4237f81dccFTP versions 0.1 r80 and below suffer from a shell upload vulnerability.
937df870641baeb39fb62a78c5fadc07Link Station Pro suffers from cross site scripting and remote SQL injection vulnerabilities. The SQL injection vulnerability allows for authentication bypass.
0f023397b69990e3bfe359ce87ef6956Sitecore CMS versions 6.4 and below suffer from an open redirect vulnerability.
fae49bc63993af7c724ba11b1a713f74Websites by cgCraft LLC suffer from multiple remote SQL injection vulnerabilities in info.php and news_item.php.
f3a4e241773df61719c25b550904b1d0Secunia Security Advisory - A vulnerability has been reported in Lucion FileCenter, which can be exploited by malicious people to compromise a user's system.
b02f566d4db52f1d6891a48b092be7d1Secunia Security Advisory - Multiple vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious users to conduct cross-site scripting attacks and potentially compromise a vulnerable system and by malicious people to disclose potentially sensitive information and potentially compromise a vulnerable system.
6c3b2c46f83acc3819b841f7d8c0b6a7Secunia Security Advisory - A vulnerability has been reported in Godly Forums, which can be exploited by malicious people to conduct SQL injection attacks.
f65631c57c64ea026f6b1c9e2a6fdd72Secunia Security Advisory - A vulnerability has been reported in CobraScripts Jobs & Recruitment Script, which can be exploited by malicious people to conduct SQL injection attacks.
64c3e4460a94056f85fa9f31825c5490Secunia Security Advisory - SUSE has issued an update for icedtea-web. This fixes two security issues, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions.
9da6a7d4438554852e552f024c0c1313Secunia Security Advisory - A vulnerability has been reported in Icculus.org Quake 3 Engine, which can be exploited by malicious people to compromise a user's system.
9ffb0767abdab4dd51864d0e33721c21Secunia Security Advisory - Two vulnerabilities have been reported in HP Network Automation, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
572c6e4bc6d314a3033b5c46cb18cf70Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).
c32d6678ab4bb8c8adc0315f23124259Secunia Security Advisory - VMware has acknowledged some vulnerabilities in Console OS (COS), which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to compromise a vulnerable system.
f06716d8172fa471af88c06a717223edSecunia Security Advisory - Multiple vulnerabilities have been discovered in Seo Panel, which can be exploited by malicious people to conduct cross-site scripting attacks.
6b48252651bf0321e477ceb5c666e802Secunia Security Advisory - Red Hat has issued an update for libpng. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
e10581a6e802e1c7139f0e2d19eb61a9Secunia Security Advisory - Red Hat has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
b04d5fb805a4bca3bae7519361df5d76Secunia Security Advisory - Debian has issued an update for libpng. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
91f7669e25f197d7b32b7487d348b362Secunia Security Advisory - Debian has issued an update for libsndfile. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
ca08af18bdc3f36a739da7fe1a44d0a9Secunia Security Advisory - Ubuntu has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
d19a69b1f3f185cfdb9a83ef57204469Secunia Security Advisory - Red Hat has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
55136d8e490f30b63f65f0ad6e2acdd3Secunia Security Advisory - A vulnerability has been discovered in cFTP, which can be exploited by malicious people to bypass certain security restrictions.
0534e4166021d6a26655952a50b2279a
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed