SDT Cleaner is a small laboratory tool that attempts to restore the pointers installed by Anti-Virus and Firewalls in the SSDT (System Service Descriptor Table).
bba5724287d4dfa2c7b4b791fa7251d9d037e14038c4ba65232fbf9c4a0c464aSecunia Security Advisory - Two vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service) or to conduct DoS attacks.
37add72974023dd57b8867030af0b300238cff6fbe60d371c50871713f69e91fSecunia Security Advisory - Tim Loshak has reported some vulnerabilities in SocialEngine, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to conduct SQL injection attacks and bypass certain security restrictions.
7adc418937e9c2aeae2a568e2929dfc90b51ff60911489820b340afbf369b4e6Debian Security Advisory 1615-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
1293a230aec19d4794ad667b0743ae3a6d411870c09bf514b6c912b80f087494Debian Security Advisory 1614-1 - Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. It was discovered that missing boundary checks on a reference counter for CSS objects can lead to the execution of arbitrary code. Billy Rios discovered that passing an URL containing a pipe symbol to Iceweasel can lead to Chrome privilege escalation.
59ff1e0473a5b291feb220328e663ac8016843d8bd53f10e2bf2127d720e8f71Debian Security Advisory 1540-3 - This update fixes a regression in lighttpd introduced in DSA-1540, causing SSL failures.
700fbcba0948ac083649f503b18b4778a113b2ad544f5d67eeb60962055d0e06Ubuntu Security Notice 628-1 - Over a dozen vulnerabilities in php5 have been addressed in Ubuntu.
3f4762bf322681e8f3484947ebc156f14c168b070b0d2ba92a048e740c8ac08fThis advisory discusses the filetype.vim vulnerability in Vim version 7.2b.10 that allows for arbitrary code execution and also notes that the Vim patch 7.1.300 did not fix the vulnerability.
ce5ac1fb0fa0e4f7d6ca3213e51c52d637564fd39e7c05602f63456e5bd83fcdEMC's Centera Universal Access product version CUA4.0_4735.p4 suffers from a SQL injection vulnerability.
1ba16e3dd1c68e627cd162e7fa847696127238ad7ee62b95a0dfe2d75df736e1Asterisk Project Security Advisory - An attacker may request an Asterisk server to send part of a firmware image. However, as this firmware download protocol does not initiate a handshake, the source address may be spoofed. Therefore, an IAX2 FWDOWNL request for a firmware file may consume as little as 40 bytes, yet produces a 1040 byte response. Coupled with multiple geographically diverse Asterisk servers, an attacker may flood an victim site with unwanted firmware packets.
033fd05fff387ab0474d5a49f0a057699dcb0943d8893658905cf254d19d1aa2Asterisk Project Security Advisory - By flooding an Asterisk server with IAX2 'POKE' requests, an attacker may eat up all call numbers associated with the IAX2 protocol on an Asterisk server and prevent other IAX2 calls from getting through. Due to the nature of the protocol, IAX2 POKE calls will expect an ACK packet in response to the PONG packet sent in response to the POKE. While waiting for this ACK packet, this dialog consumes an IAX2 call number, as the ACK packet must contain the same call number as was allocated and sent in the PONG.
d7ea9284131bcea62f7425642c3db4439b8033df1205a39d88ff0808e5893c71Mandriva Linux Security Advisory - A vulnerability in xemacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by xemacs. The updated packages have been patched to correct this issue.
4f2b86980c8b8649e554d4d774dcb3460ffe1043f38da62b62114074a8c90c01Mandriva Linux Security Advisory - A vulnerability in emacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by emacs. The updated packages have been patched to correct this issue.
40560bc23082187698d3b92addfc7ab5888597b4f0874ed4f353f8ae0421fd12Mandriva Linux Security Advisory - A vulnerability was found in Wireshark, that could cause it to crash while processing malicious packets. This update provides Wireshark 1.0.2, which is not vulnerable to that.
fa99212bacd74579dda5c1a71dffa9e67ea44046c3ef0fbfe9f198ad7864f01fThe Joomla Mamml component suffers from a remote file disclosure vulnerability.
ca73086df4954e539662b61da612ef1dfa520fb43cd594ee634b2912bcf86952Whitepaper discussing techniques for MySQL related SQL injection. Written in Spanish.
ee7e900283cc996a8c28c40c5884ac9c44ab2146723cc1d4733f97b3eed84f6dOutpost Security Suite Pro version 2009 suffers from multiple bypass vulnerabilities when using special characters.
b396180aa65991839dda6612e4c68b4f3a03a102acaa5076ff8c4c4699963ebeMoodle versions 1.7.4 and below suffer from a cross site request forgery vulnerability.
9b672c9891f43e963372288c6214110301eb382e12f52a3d07f345af494e127dMoodle version 1.6.5 is vulnerable to web root disclosure issues.
b7152cf1de201fd0666c3798c71f085ae1c67f8fcd050b3cf71b0174519848b9A cross site scripting vulnerability exists in Moodle versions 1.7.4 and below.
b0fe23900a332e7a187b189caa6b1a774cde02b5151c2953c4ae3181b49714a8SocialEngine versions below 2.83 suffer from an input validation vulnerability that allows for client take over.
efee5ae6331151db8e868532a24b5069c026036c4445d870851b81127c4c0dcbEMC Dantz Retrospect 7 Backup Server version 7.5.508 suffers from a weak password hash arithmetic vulnerability in the authentication module.
1596d2328afec96db809557f05df08025aca83b41d12b5458c7f8ca05bdb92d7Pre Survey Poll suffers from a SQL injection vulnerability in default.asp.
2f95f78977581f1cd39398510713033dd21e1cec9064e7c8fe596331d6159e87EZWebAlbum suffers from an insecure cookie handling vulnerability that allows anyone to be an administrator.
2b4daa4e463ca44a323fb0d3c054525f029f5c280b1fe776bb840583356dad62Minix version 3.1.2a suffers from a tty panic local denial of service vulnerability.
c62bfc6a7420bf5edae1534ed45b7ed9d24b51a164f9bced3dc7394931a1f3e5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed