Debian Linux Security Advisory 2384-1 - Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.
97112ae8aa4be514e6406bc346306ae8f043357bb2bc5dd99ba8f00aab17fbc8
Red Hat Security Advisory 2012-0006-01 - This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM Java 1.4.2 SR13-FP11 release. All running instances of IBM Java must be restarted for this update to take effect.
17f7562de05b87b1a1f2c53ed3389559fa6bbee33d0daa3c326cd1eb786381ca
The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read-only access to directories and files outside of the web root; this issue is different from CVE-2008-4419. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.
bbf0ce50d3dd4baeccc1f6cadb25ebbc0f6568943c21f1edc2430eb89eeed216
HP Security Bulletin HPSBPI02733 SSRT100646 - A potential security vulnerability has been identified with certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.
8f193cff3feaf772b99d88920c3ec49384f7c8442c29c41e0d9c5501289181b6
PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.
9518133a3f1021b40158214497372d472d196b47de6a8109d45d82f46f801c50
Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
a2edc67b9136623c3274110d3d2fb937a2a89a14614fc9f94637d0732bad9e9f
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
419a31558410996d0ddc10f2db9af168c33801bfb01ae3b243653d5cfaab867e
Clip Bucket version 2.6 suffers from cross site scripting and remote SQL injection vulnerabilities.
f560fa56449644d6fa13d79ace64425fe5b0e87dd9843a1bdcafa7fc170914fd
Dreambox DM800 suffers from a directory traversal vulnerability.
3ccbcbaf309a1ca4ffccae6f228d6647
HP Security Bulletin HPSBPI02728 SSRT100692 3 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 3 of this advisory.
dd5e56f566ad2ca9b114239aba459968b740fd1b964f71a9074e028284d0c8a1
AirTies-4450 suffers from an unauthorized remote reboot vulnerability.
24bbd158e500893c476af676d155912d8555eac877171d84f569ef369e19dde1
Enigma2 Webinterface versions 1.5.x, 1.6.x and 1.7.x suffer from a remote file disclosure vulnerability.
fc9bbc6820fa00c3414e7ddd9289efbd8460427518afafafd0bb63131d292e51
Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling.
01a4d20a678fdeeadd7b1e958b70c5cb9c259861d031adfc774c469e7bab3b37
Debian Linux Security Advisory 2383-1 - Robert Luberda discovered a buffer overflow in the syslog logging code of Super, a tool to execute scripts (or other commands) as if they were root. The default Debian configuration is not affected.
943c069686b5dc0a065f3bd42c1180381b67663aa09db76a40527eee87e0e0a0
This is an advance notification of 7 security bulletins that Microsoft is intending to release on January 10, 2012.
b26002ac326092cb1611e39a7037f254165347f24804aacc6a2bf66c81efd413
Gregarius version 0.x.x suffers from cross site scripting and remote SQL injection vulnerabilities.
9054aea688453bef3f43a6d161d88952fdacc2f4af2acd00c089b4951b12cc40
Gentoo Linux Security Advisory 201201-3 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 16.0.912.75 are affected.
b0886c59913a1ce7f8669e0fd481d47aa19f0e8b93818fc6ef3a35df2499d55c
Marinet CMS, which has been reported multiple times for having remote SQL injection vulnerabilities, appears to still suffer from a few more.
26aa64ebb12aac3418fc76d5453fb515684cf46f88b24a5718c6c301683a1dc8
Twoja Witryna CMS suffers from a remote SQL injection vulnerability.
619035c2569dd7baa75d01eb53201863a55804db273f7ce04e62966fe1c68a63
Luxun CMS suffers from a remote SQL injection vulnerability.
57ac164aafa399427afb2ce810408cd69cae7ac6bf8ef81d5c885122f82bbd43
AiDesign suffers from a remote SQL injection vulnerability.
7eafdb23259045c84ec22e3fe7606b9d8e1e990addd9e8d9fd3f6628b4c8565e
The WordPress Yousaytoo-auto-publishing plugin suffers from a cross site scripting vulnerability.
9faf938437e740a4fa3cd5e61f632fc5e0a284038d0bbc7f6a0a5fc9a9258b25
phpMyDirectory version 1.3.3 suffers from a remote SQL injection vulnerability.
affd58c029a3fa3bd13f6458452653483ec3fad7a6b772c755805931cb277a5c
Debian Linux Security Advisory 2382-1 - Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux.
7f3fba9fb2a1cbc606e25d39de03a150254f1845a6b7f75e8a065d1aa8c34661
OP5 suffers from poor session management, credential leakage and multiple remote root command execution vulnerabilities.
2da3429a912610984fa7c1f7306b7c0ae2a0a2ae5db72bdf33c2b822f10a3258