Ubuntu Security Notice 999-1 - Mike Roszkowski discovered that the Kerberos KDC did not correctly validate the contents of certain messages. If an authenticated remote attacker sent specially crafted TGS requests, the KDC service would crash, leading to a denial of service.
5de8b3fb4816aafe3b8e24e0543bd5f4519a3ac80cdb3555bd7c8f5dccf79f6e
Gentoo Linux Security Advisory 201010-1 - Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. Versions less than 1.4.3 are affected.
053ed2283e7bc0cc350641770fd5cf189d7743c4b37cb99243aa7582fe434950
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
b19b074e421a326d04c0e311798ab6b4e157d9889a469732c033aaa433452907
MIT krb5 Security Advisory 2010-006 - When the MIT krb5 KDC receives certain Kerberos TGS request messages, it may dereference an uninitialized pointer while processing authorization data, causing a crash, or in rare cases, unauthorized information disclosure, ticket modification, or execution of arbitrary code. The crash may be triggered by legitimate requests. This is an implementation vulnerability in MIT krb5, and not a vulnerability in the Kerberos protocol.
f3039556ba2a6b5f444436e40cac97de156ae171ed4baa92a2d04b1d58559192
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file.
91e84d4d8c33fdbfa8e41f39c4f82e45db20959792a1fa9ddfe0c442f33bb47e
SquirrelMail Virtual Keyboard plugin versions 0.9.1 and suffer from a cross site scripting vulnerability.
a91bac14350627388057c184ca13072b38a66ed5a1695d547a0e23f34571df23
Docebo version 3.6.0.4 suffers from a cross site scripting vulnerability.
200b66412cd6c1270d15fb7f54e4e6a15be9a6dbc2a69fcf07aa11e25b148afc
IMF 2011 Call For Papers - The International Conference on IT-Incident Management and IT-Forensics invites submissions for IMF 2011 being held from May 10th through the 12th, 2011 in Stuttgart, Germany.
1d063b6ccaabd1e0ed8c260e135d883efa612c2580eba356dab2a239afced41c
This tool is a proof of concept utility that demonstrates how CleanerSoft's Free Hide Folder is insecure. It uncovers the master password, shows what folders are hidden and can unhide them.
b57fab33a5d38439456d68699ade172233b85c0a1e62fe7cde6dc3117397f4a5
SPAW Editor suffers from a local file inclusion vulnerability.
193c00e5b83e0013d1445270052d4a8fd7eb54f2dc1c9e134f5c2ffa7cfc4e66
HP Security Bulletin HPSBTU02496 SSRT090245 - A potential security vulnerability has been identified on the HP Tru64 Operating System when running NTP Server. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
e4a5e456a00147c12f6eb69a4a1eb29db1b375101ad124280b982537fa3ec390
Elxis CMS version 2009.2 electra rev2631 suffers from SQL injection and cross site scripting vulnerabilities.
8714b5d62c4b20363ae5f16d006b8b45792ee2b2f874bc833698941981ad15b4
Cag CMS versions 0.2 and below suffer from cross site scripting and remote blind SQL injection vulnerabilities.
fccf6c3d4056c624b927182c0289f69dfb60b5f911673159639eecf304397f7e
Global Travel suffers from a remote SQL injection vulnerability.
db9677e795f80295ea8de56cf3b4de3399419736396835dfcdbaf739eb1df364
Debian Linux Security Advisory 2117-1 - APR-util is part of the Apache Portable Runtime library which is used by projects such as Apache httpd and Subversion. Jeff Trawick discovered a flaw in the apr_brigade_split_line() function in apr-util. A remote attacker could send crafted HTTP requests to cause greatly increased memory consumption in Apache httpd, resulting in a denial of service.
67cbe05ab7fb997c5c2fe794fbdf3cf7157f9155c673e328458a27e75c48fbca
Debian Linux Security Advisory 2116-1 - Marc Schoenefeld has found an input stream position error in the way the FreeType font rendering engine processed input file streams. If a user loaded a specially-crafted font file with an application linked against FreeType and relevant font glyphs were subsequently rendered with the X FreeType library (libXft), it could cause the application to crash or, possibly, execute arbitrary code.
910f30cacded6a419b51fd3cb37ad51bfa809bcf0020a5c6a230b1cb04e23e2b
Secunia Security Advisory - Two vulnerabilities have been discovered in AD-EDIT2, which can be exploited by malicious people to conduct cross-site scripting attacks.
49297f1d9f5d3aea144f0e5379c13055ff5e67107d2167a226c8eee2850ee440
Secunia Security Advisory - Debian has issued an update for apr-util. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
f84975f5bacc884ff45fbbe96d33bbd96b273b8b915fee54419638b863882bfe
Secunia Security Advisory - A vulnerability has been reported in activeCollab, which can be exploited by malicious users to bypass certain security restrictions.
64cd6acb7081f6f9814511357ace2c6e4a0822c6738230b80bc1a6b9190ddbe0
Secunia Security Advisory - David Hoyt has discovered some vulnerabilities in SmarterMail, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
4d67339b385398fee7c113bb1c3fb127aabe37babcc14241b42a968b89875d08
Secunia Security Advisory - Fedora has issued an update for mysql. This fixes some security issues, where one has unknown impacts while others can be exploited by malicious users to cause a DoS (Denial of Service).
c5b2e7409caa8b348311e94f6b773e6cfe7004b5abbe2b09d980ff8e103ba779
Secunia Security Advisory - A vulnerability has been reported in the JomSocial component for Joomla!, which can be exploited by malicious users to compromise a vulnerable system.
6bd573f839d01debb71eff30f1a9438876a98c70d0217e8bd0ce5b38d92e686a