Symantec Web Gateway version 5.0.2 remote local file inclusion root exploit.
e1cd70ed9ddc7db0a7bc45a9ac537159Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.
669bfff032cd2b42bbdf149e5ef06a1dPligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.
7b79d17eacb9df80bafc88ab8fbbdabcUbuntu Security Notice 1453-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
e3d9015d666d8f4b4efc27aeb34e081aUbuntu Security Notice 1452-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
b2abab8c59bf6aa71b07833130a15467Secunia Security Advisory - A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
7fc60c457daee5125db7f563b684dceeYDFramework version 2.0-Beta1 suffers from a local file disclosure vulnerability.
2e0a865b7df93b06e07bffc87eb32d85Symantec End Point Protection version 11.x and Symantec Network Access Control version 11.x local code execution proof of concept exploit.
174fc0f373ce2fdf3dc6f1c8d79bb041Secunia Security Advisory - Dmitry Oleksiuk has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to potentially gain escalated privileges.
9478a3eac768809521e02730c8e86c2dSecunia Security Advisory - A security issue has been reported in mod_auth_openid, which can be exploited by malicious, local users to disclose sensitive information.
594741c2cdb12e29c2e32e958d330bcdAjaxmint Gallery version 1.0 suffers from a local file inclusion vulnerability.
db4ac715f286ea13414831d16f447d95Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
67d005e35334b61cb7b1e0b05ff1e948Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Web Server. This fixes multiple weakness, two security issues, and multiple vulnerabilities, which can be exploited by malicious, local users and malicious people to disclose sensitive information, bypass certain security restrictions, or cause a DoS (Denial of Service).
477975a07667e7f331947305a8295e08Mandriva Linux Security Advisory 2012-079 - A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks may be able to run commands on hosts that belong to other networks not explicitly listed in sudoers. The updated packages have been patched to correct this issue.
a82d4f16637b3e9c765adcb020435e6eUbuntu Security Notice 1448-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
64020a7ad9d2524e8a27f3902d2f9482Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e2eb0b9d699616053cac2fb03ef646dcSecunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6dfe185593afd5960bdbcd549f737e02Quarks PwDump is a native Win32 tool to extract credentials from Windows operating systems. It currently extracts local accounts NT/LM hashes and history, domain accounts NT/LM hashes and history, cached domain password, and Bitlocker recovery information.
8f2cf3805445690010dece3116715100Vertrigoserv version 2.27 local privilege escalation exploit.
3e31f92867d9546df9f23ff00c119ee5Ubuntu Security Notice 1445-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.
4680890e5be09de2cf9e803217cda11eSecunia Security Advisory - A vulnerability has been reported in OpenVMS, which can be exploited by malicious, local users to gain escalated privileges.
533e87ec145082c46b32bfa1d3902964Secunia Security Advisory - Ubuntu has issued an update for update-manager. This fixes two security issues, which can potentially be exploited by malicious, local users and malicious people to disclose sensitive information.
fb2e679ec12760db5dc5d76529bede24Cryptographp suffers from local file inclusion and HTTP response splitting vulnerabilities.
60dabe657f693a1c4d9b4bfe6ae9b2f7WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited.
344eece8b692a4f6c7159ef0b264d1ceMandriva Linux Security Advisory 2012-077 - Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. Various other issues have also been addressed.
fa1ac8dbf0bf748076337278c27ec507
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed