Debian Linux Security Advisory 2384-1 - Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.
Red Hat Security Advisory 2012-0006-01 - This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM Java 1.4.2 SR13-FP11 release. All running instances of IBM Java must be restarted for this update to take effect.
The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read only access to directories and files outside of the web root, different from CVE-2008-4419. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.
HP Security Bulletin HPSBPI02733 SSRT100646 - A potential security vulnerability has been identified with certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
Clip Bucket version 2.6 suffers from cross site scripting and remote SQL injection vulnerabilities.
Dreambox DM800 suffers from a directory traversal vulnerability.
HP Security Bulletin HPSBPI02728 SSRT100692 3 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 3 of this advisory.
AirTies-4450 suffers from an unauthorized remote reboot vulnerability.
Enigma2 Webinterface versions 1.5.x, 1.6.x and 1.7.x suffer from a remote file disclosure vulnerability.
Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling.
Debian Linux Security Advisory 2383-1 - Robert Luberda discovered a buffer overflow in the syslog logging code of Super, a tool to execute scripts (or other commands) as if they were root. The default Debian configuration is not affected.
This is an advance notification of 7 security bulletins that Microsoft is intending to release on January 10, 2012.
Gregarius version 0.x.x suffers from cross site scripting and remote SQL injection vulnerabilities.
Gentoo Linux Security Advisory 201201-3 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 16.0.912.75 are affected.
Marinet CMS, which has been reported multiple times for having remote SQL injection vulnerabilities, appears to still suffer from a few more.
Twoja Witryna CMS suffers from a remote SQL injection vulnerability.
Luxun CMS suffers from a remote SQL injection vulnerability.
AiDesign suffers from a remote SQL injection vulnerability.
The WordPress Yousaytoo-auto-publishing plugin suffers from a cross site scripting vulnerability.
phpMyDirectory version 1.3.3 suffers from a remote SQL injection vulnerability.
Debian Linux Security Advisory 2382-1 - Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux.
OP5 suffers from poor session management, credential leakage and multiple remote root command execution vulnerabilities.