http://packetstormsecurity.org/ Packet Storm Last 10 Files en-us http://packetstormsecurity.org/filedesc/e107zogo-sql.txt.html The e107 zogo-shop plugin version 1.16 Beta 13 suffers from a SQL injection vulnerability. http://packetstormsecurity.org/filedesc/aih-sql.txt.html Advanced Image Hosting version 2.1 remote SQL injection exploit. http://packetstormsecurity.org/filedesc/e107blog-blindsql.txt.html The e107 BLOG engine plugin version 2.2 suffers from a blind SQL injection vulnerability. http://packetstormsecurity.org/filedesc/ajhyip-sql.txt.html AJ HYIP ACME suffers from a remote SQL injection vulnerability in topic_detail.php. http://packetstormsecurity.org/filedesc/eqdkp-bypass.txt.html EQDKP version 1.3.2f authentication bypass proof of concept exploit. http://packetstormsecurity.org/filedesc/USN-612-2.txt.html Ubuntu Security Notice 612-2 - A weakness has been discovered in the random number generator used by OpenSSL on Debian and Ubuntu systems. As a result of this weakness, certain encryption keys are much more common than they should be, such that an attacker could guess the key through a brute-force attack given minimal knowledge of the system. This particularly affects the use of encryption keys in OpenSSH. This vulnerability only affects operating systems which (like Ubuntu) are based on Debian. However, other systems can be indirectly affected if weak keys are imported into them. We consider this an extremely serious vulnerability, and urge all users to act immediately to secure their systems. http://packetstormsecurity.org/filedesc/dsa-1571-1.txt.html Debian Security Advisory 1571-1 - Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package. As a result, cryptographic key material may be guessable. This is a Debian-specific vulnerability which does not affect other operating systems which are not based on Debian. However, other systems can be indirectly affected if weak keys are imported into them. It is strongly recommended that all cryptographic key material which has been generated by OpenSSL versions starting with 0.9.8c-1 on Debian systems is recreated from scratch. Furthermore, all DSA keys ever used on affected Debian systems for signing or authentication purposes should be considered compromised; the Digital Signature Algorithm relies on a secret random value used during signature generation. http://packetstormsecurity.org/filedesc/articlelive-xss.txt.html Interspire ArticleLive NX is vulnerable to a cross site scripting vulnerability. http://packetstormsecurity.org/filedesc/major_rls52.txt.html Actual Analyzer Server versions 8.37 and below, Gold versions 7.74 and below, Pro versions 6.95 and below, and Lite versions 2.78 and below all suffer from a cross site scripting vulnerability. http://packetstormsecurity.org/filedesc/dsa-1575-1.txt.html Debian Security Advisory 1575-1 - A vulnerability has been discovered in the Linux kernel that may lead to a denial of service. Alexander Viro discovered a race condition in the fcntl code that may permit local users on multi-processor systems to execute parallel code paths that are otherwise prohibited and gain re-ordered access to the descriptor table.