Kingsoft AntiVirus 2012 KisKrnl.sys versions 2011.7.8.913 and below local kernel mode privilege escalation exploit.
9d7b340d71c50c87f2f1c7b9ede1151660b6b9dbb1ac032dcdc173e51908c3b4Mandriva Linux Security Advisory 2011-117 - ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. The updated packages have been patched to correct this issue.
dab8d6dbdacf847c8857d2b8221f6fa38c0fe250483a7247af2d897992aba61cMandriva Linux Security Advisory 2011-116 - The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.
767f06162b545daa7a4c7e9547032580498601a606a596114106c10fe11f863fMyNews version 1.6.5 suffers from a shell upload vulnerability.
a98b8f075769954f984b53f82d91da662fedfccd1a86a2d5a933e0c25ac80d16Several parameters in Joomla! core components suffer from a cross site scripting vulnerability. Joomla! versions 1.7.0-RC and 1.6.x are affected.
f9ada093d3f856e82f16c021882cd913a7299e9a1bcc1cbb7a1543e8aa555943Secunia Security Advisory - Multiple vulnerabilities with an unknown impact have been reported in Free Help Desk.
cb09e80d9f79ecfedfc88d1ccbfe45929a6ab11eeccbad62219237c8f50be8acSecunia Security Advisory - Novell has acknowledged a vulnerability in Novell Teaming, which can be exploited by malicious people to cause a DoS (Denial of Service).
906ced5e4719235fe10b65c0afb114a364cc65ce1900f2dd17f239c4460e33adSecunia Security Advisory - Aung Khant has discovered a vulnerability in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.
c116b7c881b8da02fdb6f917a9060ba25b371283441770c863c980736cd3d206Secunia Security Advisory - Novell has acknowledged a vulnerability in Novell Vibe OnPrem, which can be exploited by malicious people to cause a DoS (Denial of Service).
5ed11aacbc8f18197e6717268105b67a99776008fad9e0e044d286664959804eSecunia Security Advisory - Ubuntu has issued an update for logrotate. This fixes multiple security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
fcf56abedd0ccf2490a23c27f0b7253e9fbdd4e16477edbf51d03e6e09b4e654Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in JRockit, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
669f1bd11050637700bded0849de5a9a967ac5e6e2dcdb2d1c17e474226f3681Secunia Security Advisory - Some vulnerabilities have been reported in Sun Integrated Lights Out Manager, which can be exploited by malicious, local users to gain knowledge of sensitive information and malicious people to compromise a vulnerable device.
a09772ff2a024e3d07f7d444434f5f855d661e248772dcc04e03da940857f6d4Secunia Security Advisory - Some vulnerabilities have been reported in MapServer, which can be exploited by malicious people to conduct SQL injection attacks and potentially compromise a vulnerable system.
c73fdab028056470f8b9b6ea0e3774039cb5fa65f55c9b8d23ba845ce83153a2Secunia Security Advisory - Red Hat has issued an update for fuse. This fixes some security issues, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
fd18c421da3c742a87df3bdee72d00a7810c22d2df46d752a115138520f1191bSecunia Security Advisory - A vulnerability has been reported in Oracle Solaris Cluster, which can be exploited by malicious, local users to gain escalated privileges.
1752bfa7ace357f517b4111bada4bbe6068aed3f126c734f55524eaa28d3f430Secunia Security Advisory - A vulnerability has been reported in Oracle Agile PLM, which can be exploited by malicious users to gain knowledge of sensitive information.
ccfc372a44927733d8f1823d64da9209865f9bc592da060b3bb4f11355962a87Secunia Security Advisory - Some vulnerabilities have been reported in Oracle Secure Backup, which can be exploited by malicious people to conduct cross-site scripting attacks, cross-site request forgery attacks, and compromise a vulnerable system.
04caf0f1ac4c12a575d72064dea523d84cf6ad3d5b4eab77409654ada714695fSecunia Security Advisory - Some vulnerabilities have been reported in MapServer, which can be exploited by malicious people to conduct SQL injection attacks.
837a4015f27a37b7b191d7db30818ae74a61194e4750c9c7b59e7a6479d05a36Secunia Security Advisory - Gabor Berczi has reported a vulnerability in PRADO, which can be exploited by malicious people to manipulate certain data or disclose sensitive information.
d16eca667dff2ebfb9463f5bdb8c176fca5389537be070a41a2b19bd90fb9773Secunia Security Advisory - playball2009 has discovered a vulnerability in the AlphaRegistration component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
769701db5f2d2bf2f6aeb65309896b7fd64772bbdaa0cfe0366ef4290f81b373Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya Application Enablement Services, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
71f4280fbfacda0f71ed07e8837a685208f7c7f1d2438af1de55a6e176fd23feSecunia Security Advisory - Red Hat has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
da5546ea5e1e93339f37ebda8584c67057c46c1bbbef8715cadeec28a7a4385aSecunia Security Advisory - Alfredo Arauz has discovered a vulnerability in the Simple Page Options module for Joomla!, which can be exploited by malicious people to disclose sensitive information.
85d97bbafc0b1ee13d0b69f4efca23c7471c75779d608cfcf202828a3efdb017Ubuntu Security Notice 1172-1 - It was discovered that logrotate incorrectly handled the creation of new log files. Local users could possibly read log files if they were opened before permissions were in place. This issue only affected Ubuntu 8.04 LTS. It was discovered that logrotate incorrectly handled certain log file names when used with the shred option. Local attackers able to create log files with specially crafted filenames could use this issue to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, 10.10, and 11.04. Various other issues were also addressed.
eada5edc859cb5636e8793b60962d15ddf0ebab2fd051d849946102d688dc9bcRed Hat Security Advisory 2011-1085-01 - A flaw was found in the way the FreeType font rendering engine processed certain PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The X server must be restarted for this update to take effect.
dbcb59957019948262934a95e6d17915a72a492466ce357bb009560b8031ef27
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed