Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off-by-one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
Ubuntu Security Notice 1335-1 - Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash. Various other issues were also addressed.
A possible stack buffer overflow in the Suhosin extension's transparent cookie encryption, which can only be triggered in an uncommon and weakened Suhosin configuration, can lead to arbitrary remote code execution if the FORTIFY_SOURCE compile option was not used when Suhosin was compiled. Versions 0.9.32.1 and below are affected.
When using usb_modeswitch and invoking pppd from wvdial in -detach mode, a /tmp/debug file is created. A local attacker could overwrite arbitrary files.
This is a small MySQL cracking tool capable of running login attempts from multiple threads in parallel. It is capable of 1024 concurrent connections.
Brand PHP suffers from a remote SQL injection vulnerability.
appRain CMF versions 0.1.5 and below suffer from an unrestricted shell upload vulnerability in uploadify.php.
WordPress uCan Post plugin versions 1.0.09 and below suffer from a stored cross-site scripting vulnerability.
The Microsoft Anti-XSS library versions 3.0 and 4.0 suffer from a JavaScript bypass vulnerability.
WebCrafters Design suffers from a remote SQL injection vulnerability.
WOL-E is a suite of tools for the Wake on LAN feature of network-attached computers; this feature is now enabled by default on many Apple computers. These tools include bruteforcing the MAC address to wake up clients, sniffing WOL attempts and passwords, scanning for Apple devices and more.
Fiche Avion suffers from a remote SQL injection vulnerability.
MaDVideO suffers from a remote SQL injection vulnerability.
Visualizza suffers from a remote SQL injection vulnerability.
This is a short whitepaper that discusses common vulnerabilities in online payment systems.
The PostNuke pnAddressbook module suffers from a remote SQL injection vulnerability.
HP Security Bulletin HPSBMU02736 SSRT100699 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) and Business Service Management (BSM). The vulnerabilities could be remotely exploited to allow unauthorized access to sensitive information. Revision 1 of this advisory.
Secunia Security Advisory - Two vulnerabilities have been reported in XnView, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - A vulnerability has been reported in McAfee GroupShield, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious, local users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service), by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS, or by malicious people to cause a DoS.
Secunia Security Advisory - A vulnerability has been reported in the Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Secunia Security Advisory - A vulnerability has been reported in the Quick Tabs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
Secunia Security Advisory - Gu1 has discovered a weakness in X.Org, which can be exploited by malicious people with physical access to bypass certain security restrictions.