europ INNET Web Studio Administration Program version 2.0 suffers from cross site request forgery, cross site scripting, local file inclusion, path disclosure, and remote SQL injection vulnerabilities.
8b945b66041046c68f9608814b1da5af72c0a32cca28ec9997b10974d6f42623
83 bytes small Linux/x86 ASLR deactivation shellcode.
3c4799dd92e003e39ce50560912dd05104d6cce8bc4f1ce4a42be3063c322af2
Mini-Stream RM-MP3 Converter version 3.1.2.1.2010.03.30 buffer overflow exploit with ASLR and DEP bypass.
edfd394763830724256e7884bbcdffd800bc4481aa275a07d6e9009bb6093555
PHP UnZIP version 0.1 suffers from a remote disclosure vulnerability. Note that this finding houses site-specific data.
23a6b6805759f0b8d0a1867fb3e155e4357ccfc59fdb6f110096ef1b359dadac
This Metasploit module exploits a stack-based buffer overflow in Photodex ProShow Producer version 5.0.3256 in the handling of the plugins load list file. An attacker must send the crafted "load" file to victim, who must store it in the installation directory. The vulnerability will be triggered the next time ProShow is opened. The module has been tested successfully on Windows XP SP3 and Windows 7 SP1.
bf2514d474a7b08d3b8119c8f11509c92a1414014f2de791e9a5e94b2b9e0c03
Secunia Security Advisory - muts has reported a vulnerability in Dell SonicWALL Scrutinizer, which can be exploited by malicious people to conduct SQL injection attacks.
f0ccb5e2b55c245c40ea03dc1aecbb75726164ee9f5337b0ea7f906740a46718
Secunia Security Advisory - NetBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
fc2ab73f81d9b37fd7f479a3237004f5c305cadc5ed26b487ef654e65b2fa37c
Secunia Security Advisory - A security issue has been reported in the Location module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.
454541b7a58fc771d7673b623827bb759fe2c702b466c14b246f379f5aa68b04
Secunia Security Advisory - HTTPCS has discovered two vulnerabilities in Thelia, which can be exploited by malicious people to conduct cross-site scripting attacks.
c4b63ea336474287f043f95019e6cd64e843eff7a1f301eb38289f8875c0f047
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adaptive Server Enterprise, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and compromise a vulnerable system.
efb8365869e395dfc8adf202e5f9dafea448cca331bd66abc450b9c2081675b0
Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions in an application using the library.
437136c2b6d4c58de22a78afe4d04237a3da9a57a59713b7363d6b3f84dd6fb3
Secunia Security Advisory - A weakness has been reported in the Secure Login module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.
6a5dcea1138907bac81b8d38c6dc8b0ace4938837cf2debd399056437fb8f8f0
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in multiple Sybase products.
b3b7de1ffcf8045bdc6355426edaf09b1bad8236ebf768a2a6c8c2ed5274f70b
Secunia Security Advisory - A vulnerability has been reported in the Authen::ExternalAuth extension for RT, which can be exploited by malicious people to bypass certain security restrictions.
d3a746eb41a3b0acd05d875969f2d7e618d666f75397e20bab9a14f39a98a595
Secunia Security Advisory - Some Vulnerabilities have been reported in the RTFM extension for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.
70b1f89b1a0ef7f025ea8bc1bab05b8194bfcff04e4bc0ef2ee9025ff2c39d24
Secunia Security Advisory - Some vulnerabilities have been reported in the Extension::MobileUI for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.
ab2e8b6413fe7d80930238df5428ddab75f4e3c2f88f803a8cec8ee50e90deaa
Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
1256b9eabb591bfe6735cfcd5b31fafece6cca0028f6df1894bd805070ba6d45
The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.
369682b2e5a5716a6271a6c5db9a43e3809e91acfb08438c0d3de2fec1284a35
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
b76fc3118d8fe93230f8544a6507609fe103e65bd131ddd246af1ee88c30a1ab
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
933d4fffd3ddffb6eeb8972b47caf3bce6a24d709209a488ab2ddec8e716842c
Red Hat Security Advisory 2012-1114-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.
737ca44d3c22f02002125758603606b3bf1912e7077558158feefff2fb692236
Ubuntu Security Notice 1517-1 - It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. It was discovered that the Mono System.Web library incorrectly handled the EnableViewStateMac property. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 10.04 LTS. Various other issues were also addressed.
be0532b5d29f4ce5ef9813a17a2367a5ec386f67370f51d9825d90b7a5f27ec2
Red Hat Security Advisory 2012-1116-01 - Perl DBI is a database access Application Programming Interface for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of perl-DBD-Pg are advised to upgrade to this updated package, which contains a backported patch to fix these issues. Applications using perl-DBD-Pg must be restarted for the update to take effect.
6b9911606556711f6d311f9701a306c24b1afc6085dfd1dde7ad91431c552f38
Ubuntu Security Notice 1516-1 - It was discovered that OpenSSL incorrectly handled the SSL_OP_ALL setting. This resulted in TLS 1.1 and TLS 1.2 being inadvertently disabled for certain server and client applications.
f2262e55a41ba5619c60cd6ba0d89acc3919c82392ab15e2dd986d7c27563ab8