THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
9fd3cb8f839767be7185e3c62642366d85bb9fec82fdf34d97d8a593c0b535c4
Red Hat Security Advisory 2014-0596-01 - The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash.
f836b4e6265be37b61ebbaeb05c7c0654914fc9b847e41d68406944ce2824ce7
Red Hat Security Advisory 2014-0593-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
e0af259e59818ab241512a60cb69f15bfc958b2f4f82dba792286e8e46eb78ae
Red Hat Security Advisory 2014-0595-01 - The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.
be4ccb2c931432b2046f2813b240d9148cd02af051c850e1537fafb04a55bc68
Red Hat Security Advisory 2014-0597-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash.
a93d86f1f5060ac79e0f3de5c45e337415845e6a955bd0933312513c4fbafde0
Red Hat Security Advisory 2014-0594-01 - The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.
5383daf04f0ecec5ab448cbfb42ba4c12d0682950ec05432c8551747b9422d50
iScan Online Mobile version 2.0.1 suffers from a command injection vulnerability.
a731c6d4bd6164a27e79d1384464ed90749504d9409a83ee5447f1340dd16584
Bluetooth Photo-File Share version 2.1 suffers from local file inclusion and remote file upload vulnerabilities.
ba03a04131ebae4b1334c779e09e8be2223c8aa62629469e3302f05132dc4271
Transform Foundation Server versions 4.3.1 and 5.2 suffer from a reflective cross site scripting vulnerability.
891b715a94170fd468abbd07c7655472ee14b471ec028d6a9f769e3fee3dff15
F*EX version 20140313-1 suffers from HTTP response splitting and cross site scripting vulnerabilities.
4dc3b01fde7c0d86d616433b95f0ae326f207faf8f3d2b9d094c09535ccd6b6e
Infoware MapSuite MapAPI versions prior to 1.0.36 and 1.1.49 suffer from a reflective cross site scripting vulnerability.
a0374d8003ffe3e7290f14bab2cc67a1a285a2970e8d9f52c59bd22a87baf3d6
Infoware MapSuite MapAPI versions prior to 1.0.36 and 1.1.49 suffer from a server-side request forgery vulnerability.
f817a9ede9c3d3be1b53a712a7d5ad315b452b0e0d7c0f60418a333f6e823954
AllReader version 1.0 suffers from a local file inclusion vulnerability.
86da03a60130cf0ffb26d558ecf466aeb1489c6ecac333130056673e4417827c
FCKeditor versions 2.6.10 and below suffer from a cross site scripting vulnerability.
2ec48d54bf9a14cbe9ab85def3491fe17cec2d397f640fcfcf655631a9c67d93
TigerCom My Assistant version 1.1 suffers from a local file inclusion vulnerability.
e3522c306b0b47851c2701ae94fc8723ad5c8c10e6648ecb1c2f0fe3d9eaa944
Infoware MapSuite MapAPI versions prior to 1.0.36 and 1.1.49 suffer from a directory traversal vulnerability.
f187867cdbb5ab804e0b032eec0f21b90b4d473ca96af7c4a66d270aafc547e5
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an input validation error in the "AcroBroker.exe" component when processing local file paths, which could be exploited by attackers to write malicious files to any location on the disk and bypass Adobe Acrobat's sandbox.
ad3287533d595d02f6981ed86baf9f122df0208c06a04a1ab44a7b0e85c867be
Privacy Pro version 1.2 suffers from a local file inclusion vulnerability.
b54e439d3b968769db819c8c71d8260531546f364025a1e7a0c4ba15c98fb50d
PHPBTTracker+ version 2.2 suffers from a remote SQL injection vulnerability.
fa7aba15ea97d81250320431b72f208e37edc68b259942c15690e998aadf30a5
RSA Adaptive Authentication (Hosted) contains a security fix for a DOM cross site scripting vulnerability that may potentially be exploited as a result of improper input validation in the rsa_fso.swf file. RSA Adaptive Authentication (Hosted) version 11.0 is affected.
fb519bf1c5552b4299cf24beb800b4273768174db4ff04cd6cffb04d2131eb14
Files Desk Pro version 1.4 suffers from a local file inclusion vulnerability.
f8df8c9ba58375e5c89b98fca9f1d0fa6d9c8f5d25291aeb2050ac71859b5754
NG WifiTransfer Pro version 1.1 suffers from a local file inclusion vulnerability.
582cb0caa7b800b3eec240541ede7b6b7c23ca1a5e21863808c02a9b6214e277
Debian Linux Security Advisory 2941-1 - It was discovered that the clean_html() function of lxml (pythonic bindings for the libxml2 and libxslt libraries) performed insufficient sanitisation for some non-printable characters. This could lead to cross-site scripting.
280bdc31468dbbfe79487d5f5d96bff6d2824db0211c840de7cf89cd500e8cad
Debian Linux Security Advisory 2943-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
14ceb25eecc0ebf2b0e99e958e18bd4f806ab39310e6a3cccdc09f253ced106d
Debian Linux Security Advisory 2939-1 - Several vulnerabilities were discovered in the chromium web browser.
8bd1510fc2baf0432374eb30629721f1fd882feb4c32590debd2523d8935400c