Secunia Security Advisory - A vulnerability has been reported in Network UPS Tools, which can be exploited by malicious people to compromise a vulnerable system.
994fa949fa6b52a0e14620ceb29e647a98a2a325499cdb9ce95b5e54bd44fe8dSecunia Security Advisory - Multiple vulnerabilities have been reported in the Mobile Tools module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
285226714bd31810c5d9db306cbcc9fa57403d5912e9f3e6f1356f783b0bd882Secunia Security Advisory - Francis Provencher has discovered a vulnerability in IrfanView Formats PlugIn, which can be exploited by malicious people to compromise a user's system.
ebea45f930875aa38ecb4607ce1c3ae21622343b3c11f6709af1ffd9e5fefe0eSecunia Security Advisory - A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).
13d7db805cd9970af77acad695292c77c3c672d90aaafc50485018b3e3992b0fSecunia Security Advisory - Red Hat has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
ca6197afb8a33c747646469a0a4b983fc0647314eb6db70b776a4f3cbe0b7cd7Secunia Security Advisory - A weakness has been reported in FreeBSD, which can be exploited by malicious people to conduct brute force attacks.
096d89e5f8bb66f7e25482daa3d537e6b8f732ea196a69e90fc5267468b4db01Secunia Security Advisory - A weakness has been reported in PostgreSQL, which can be exploited by malicious people to conduct brute force attacks.
e1c5c11955509cbc5a439dbbb257328e1a48143f812710577888104d5d701abfSecunia Security Advisory - SUSE has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) of the application using the library.
1cbf645adf1c41ce824252a3ef2c7616c72a5c827da1ae6ab066fd31b1b6b4aeSecunia Security Advisory - A vulnerability has been reported in the Amadou theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
1a64fc52c5509b115f7a702da66f97ee081c9d090f92af7fc043f84268f6ffa9Secunia Security Advisory - A vulnerability has been reported in the Comment Moderation module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
8615a53f2a2de7cf77277a6779a3226aef27e0515cd62096726ecf5f2cc483cbSecunia Security Advisory - A security issue has been reported in the filedepot module for Drupal, which can be exploited by malicious users to hijack a user's session.
d7121cadfd78c06331627fd5e8ede94f271c6e19cd9cabadfd4236ae6b03dfddSecunia Security Advisory - Mike Arnold has reported a vulnerability in MapServer for Windows, which can be exploited by malicious people to compromise a vulnerable system.
a0d5ef83bb350b5b5503103dc36631a09e4eb6dcf3b75c6f2f00c6283b3f4359Secunia Security Advisory - Two vulnerabilities have been reported in the Planning module for activeCollab, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.
84704f27fb03f731531bc6789055221ab489baf067769d40a00524837f85085dSecunia Security Advisory - SUSE has issued an update for openssl. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) of an application using the library.
cbc69a73d26d914de7b08673b07e0db475156ccda21d687a4005233283ac485fSecunia Security Advisory - A security issue has been reported in Qemu, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
360baf929eddf3745ff89fd2aefac60e6419969065df9df97f1cbe91443bba75Secunia Security Advisory - SUSE has issued an update for net-snmp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
7696b72fc3ae8763b100e059ac6debb3eda37fa695668bac790092e0088bd091Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP440) and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.
fff41f08fd976df15727676fbdf3534859a2336101b9fdcdc8160a445d8bf795Drupal Filedepot third party module version 6.x suffers from an access bypass vulnerability.
458f98b4ad4003bf3aa663adf77ce9a113cc04ada72fbb4d272a2a8121becec3.NET versions 1.0 through 4 suffer from a remote code execution vulnerability.
307f395b028ac122304fef534240c7e23084013f6280c7430f0e184b83090603There is a buffer overflow in the script-fu server component of GIMP (the GNU Image Manipulation Program) in all 2.6 versions (Windows and Linux versions) affecting both the script-fu console and the script-fu network server. A crafted msg to the script-fu server overflows a buffer and overwrites several function pointers allowing the attacker to gain control of EIP and potentially execute arbitrary code. Proof of concept code included.
3314be7d12f71ac43757fa38c7b5d582d33d0a31d034dd7a8a87b9037b9edecbPDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
d13f69404e05f1bc9e2a12eaf81d255fbddf0f38495814da6eb3bdc6b731de4aThe purpose of this paper is to make the reader aware of various Hash Cracking Techniques ranging from Basic to Advanced. The intended audience for this paper is those who have a basic understanding of hash cracking and password hashing algorithms.
6c41eb42dce76b95d64a452addb5a968a83f179dde367f0854ad7f166b86b909This Metasploit module exploits a vulnerability found in PHP Volunteer Management System, versions 1.0.2 and prior. This application has an upload feature that allows an authenticated user to upload anything to the 'uploads' directory, which is actually reachable by anyone without a credential. An attacker can easily abuse this upload functionality first by logging in with the default credential (admin:volunteer), upload a malicious payload, and then execute it by sending another GET request.
a9247fc86c26d352083bf798cdd011abca8e533b47fe3653ae48f91b1a8c9e3bStyleDesign suffers from multiple remote SQL injection vulnerabilities.
790e2d4f1f19a59fff61876bdcff9494a8ffd67f8b3ba8b412908182e572d1bfDrupal Counter third party module version 6.x suffers from a remote SQL injection vulnerability.
87c480a1491ea81dba9377c160920492eb2eca928e4903a8de1d14e8a56cd325
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed