KAPDA Advisory #60 - Mambo V4.6.x vulnerabilities including cross site scripting and html/sql injection.
68adf8157b330a4c6eb23279bad3662561c6abed1f3afd904536d8dbcf771fbcPHPLibrary 1.5.3 suffers from a remote file inclusion vulnerability in Description.php.
6b5299bb1486c24dda50691244bc3dcbef5c37732ee22c3c1fc5c056d4358986OpenPKG Security Advisory: OpenPKG-SA-2006.025 - According to vendor security advisories, multiple vulnerabilities exist in the Drupal content management platform.
6be1097032a6adc0d7b51fd034f0bc7be55b15219e7a7238c4caef2666900a01CAID 34693, 34694 - CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.
aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5bPHP Classifieds 7.1 suffers from a remote file inclusion vulnerability in functions.php.
ad620f6e45076b05c0365953c4d7cbd5670bf57c88e414aa60efa474ff18d143Kasperksy NDIS-TDI Hooking Engine Drivers Privilege Escalation exploit (KLIN Driver).
2a380707999475ea7fd7d349d5476f942e1f94d0fed5462bd708b00caa6d99d3Kasperksy NDIS-TDI Hooking Engine Drivers Privilege Escalation exploit (KLIN Driver).
cdaef9b3cd212b4968dd175cdb440e960c446201e5ceee496e79c27b1e118cdeiDefense Security Advisory 10.19.06: Local exploitation of a design error vulnerability in Kaspersky Labs Anti-Virus allows an attacker to execute arbitrary code with kernel privileges.
d6eec94bcf743a49b6d90a0f3a45fd295782cb3c5035b7e02e1a0ce27d776681Simplog version 0.9.3.1 and prior are vulnerable to SQL injection in preview.php.
81e3013246dc81c4b8773155c075e1f033b3f0c68bfa5cc55fe04035ce1d615eMandriva Linux Security Advisory MDKSA-2006-186: A vulnerability was discovered in the way that Qt handled pixmap images and the KDE khtml library used Qt in such a way that untrusted parameters could be passed to Qt, resulting in an integer overflow. This flaw could be exploited by a remote attacker in a malicious website that, when viewed by an individual using Konqueror, would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the user.
9f6d4da34fae459c68dab5c764226d2aae4e449beea2b0f573e368436b78b554ATutor versions 1.5.3.2 and prior suffer from multiple remote file inclusion vulnerabilities.
ed984c20951420e9281229b3a644128ad91776098b7b2a7dde32e2c71aa5afd5Simple Machines Forum SMF versions 1.1 RC2 and prior suffer from cross site scripting in index.php.
d21cdd6f99142a203e0c3d007ffb6a6ade1c393c3638bedd39166a69e61dd4a0Hardened-PHP Project Security Advisory - Serendipity Weblog XSS Vulnerabilities: Serendipity failed to correctly sanitize user input on the media manager administration page. The content of GET variables were written into JavaScript strings. By using standard string evasion techniques it was possible to execute arbitrary JavaScript.
977cf29a2f2bd2f3dc39bacca340e2db5b8aa5dbda625f48770408892a0e92c1OpenPKG Security Advisory - OpenPKG-SA-2006.024: According to a vendor security advisory [1], a vulnerability exists in the Asterisk Private Branch Exchange (PBX) software [2]. This vulnerability would enable an attacker to remotely execute code as the user Asterisk is running under. It is not required that the "skinny.conf" file contains any valid phone entries, only that the "chan_skinny" module is loaded and operational (but which is not the default in OpenPKG's default Asterisk configuration).
ad50af74accf0c123d0c691ba53c59fe1bb6624de2a2d66ff30fb4f760097fceDebian Security Advisory 1196-1: Several remote vulnerabilities have been discovered in the ClamAV malware scan engine, which may lead to the execution of arbitrary code
41430b2abec922d0cdee2cb432b7959570472108465e9b7b64c00708bd2c0b59A package containing a simple DTLS client and server designed to demonstrate how to send UDP data over an encrypted channel using OpenSSL DTLSv1 support.
432f81cacef13a97ab5f32e61353bb4b039e97f528a8e5da376049a99fd7b9deSecunia Security Advisory - Tan Chew Keong has reported two vulnerabilities in CruiseWorks, which can be exploited by malicious users to gain knowledge of sensitive information and compromise a vulnerable system.
439072b410e10c1ae3d3fe218ed76d397f810aa4d2261b7c5b3d7908ad98e659Secunia Security Advisory - A vulnerability has been reported in desknet's, which can be exploited by malicious users to compromise a vulnerable system.
695231cfd7c078f9a5d0b48cf4672aeac2837def42623a2eb15bb692a705b349Secunia Security Advisory - Ubuntu has issued an update for Qt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
a5131197ceb1283190878607cae0cad41359fb5cc5e8405982b62069de440cf1Secunia Security Advisory - Kw3[R]Ln has discovered some vulnerabilities in 2BGal, which can be exploited by malicious people to disclose potentially sensitive information.
4fba1b58f55eac73318b4ffda3015a5ab6a99beca81697af5fd058e3ca1f6e83Secunia Security Advisory - Debian has issued an update for python 2.3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
eb134c79c1662f77668789d9a7b3cee80653779ae0004060e40c8132753b1702Secunia Security Advisory - A vulnerability has been reported in various Symantec products, which can be exploited by malicious, local users to gain escalated privileges.
21351b183e5dcb3507a375a1ccb963a20831511946e02545a639f7d45d7d3ea5Secunia Security Advisory - Drago84 has discovered some vulnerabilities in Der Dirigent, which can be exploited by malicious people to compromise a vulnerable system.
c1bee89295506f4aa3e58f011e81a3e563ae52326e20a36628e4fc70ef25c27eSecunia Security Advisory - the master has discovered some vulnerabilities in Wiclear, which can be exploited by malicious people to compromise a vulnerable system.
fe624e325ac97cc6949d23582a3df6457f7536fd6a4b5feb68fee3a7f625626eSecunia Security Advisory - Raphael HUCK has reported some vulnerabilities in WikiNi, which can be exploited by malicious people to conduct cross-site scripting attacks.
b5da6267431b08c2529eca01c9a1ed4a40faf4e299c63517d8711cdfd5f3d0db
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed