Comtrend Router CT-5624 remote root / support password disclosure and change exploit.
f88bd04a8b099f31b8c798590cd329225fab81697add7757cef9329447167836
Zero Day Initiative Advisory 11-320 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy iFix HMI/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ihDataArchiver.exe process which listens by default on TCP port 14000. The code within this module trusts a value supplied over the network and uses it as a length when copying user-supplied data to a stack buffer. By providing a large enough value, this buffer can be overflowed leading to arbitrary code execution under the context of the user running the service.
8b0df192d4ad1c7db571fa01fea558766e51aa0528dc006fe013249532207c65
The Cisco CUCM environment and the IP Phone CP-7975G suffer from a directory traversal, a reversible obfuscation algorithm, and security issues related to SCCP, CTFTP, and Voice VLAN separation. Versions 7.0 and 8.0(2) are affected.
17aa1f350cac49473ed6962ed0fc3ece5a0474aa8fa99f6df2c4f4751b652bc7
Ubuntu Security Notice 1252-1 - It was discovered that Tomcat incorrectly implemented HTTP DIGEST authentication. An attacker could use this flaw to perform a variety of authentication attacks. Polina Genova discovered that Tomcat incorrectly created log entries with passwords when encountering errors during JMX user creation. A local attacker could possibly use this flaw to obtain sensitive information. This issue only affected Ubuntu 10.04 LTS, 10.10 and 11.04. Various other issues were also addressed.
28aee79644857554f6d36467480b95031c6ebb092461df659ce6ae0eff7d548a
Red Hat Security Advisory 2011-1434-01 - This update fixes multiple security flaws in Adobe Reader. A PDF file with an embedded, specially-crafted SWF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. A flaw in Adobe Flash Player could allow an attacker to conduct cross-site scripting (XSS) attacks if a victim were tricked into visiting a specially-crafted web page. Various other issues were also addressed.
2ab97f1016cbda6e49f44636cc860840e76e68c11cd88e2da121b54f11d94324
The Lexmark X656de multifunction printer suffers from a remote password disclosure vulnerability.
6f0b0ae716eef7a6fc0485b242d176d9a146bd109f1d952e0a3ecc8b624fb444
These are the slides from a presentation called Results of a Security Assessment of the Internet Protocol version 6 (IPv6). It was presented at H2HC 2011.
235e5a42446174bb0aaca07903e927bd0aa9ebe1831174aade73cd8274fb93b3
Debian Linux Security Advisory 2340-1 - magnum discovered that the blowfish password hashing used, amongst others, in PostgreSQL contained a weakness that would give passwords with 8-bit characters the same hash as weaker equivalents.
812e797426abfa1a33e1bdf7cb86b6ef49a42fc8e041694f24b50ef02c0b9f9d
Debian Linux Security Advisory 2336-1 - Multiple vulnerabilities were found in ffmpeg, a multimedia player, server and encoder.
dc2b9970d45982b86e871fc5634a2d87ae725f935f5d8caeb23644a0f8a8994d
Facebook A+ Academy suffers from a remote SQL injection vulnerability.
00181d6cd709814063c9de08d37c59956a971a4025105147f42767427f12d3a8
iGuard Biometric Access Control suffers from multiple input validation vulnerabilities that can allow for cross site scripting.
74523d19a1d84fe05e4678503b1d3643a36da019ed5c9839e2563d179e167269
Secunia Security Advisory - Two vulnerabilities have been reported in Barracuda Link Balancer, which can be exploited by malicious people to conduct cross-site scripting attacks.
a81aa169c44e7d560e415a3f337c4ca4757fdcff2e08706117ce0428a5890cd8
Secunia Security Advisory - Gentoo has issued an update for sun-jre-bin, emul-linux-x86-java, and sun-jdk. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, by malicious users to disclose certain information, and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, hijack a user's session, manipulate certain data, conduct DNS cache poisoning attacks, cause a DoS (Denial of Service), and compromise a vulnerable system.
b33b4f83495ea175d67f4fa5a5c759918152a25df09d968252c675b39d8f8b29
Secunia Security Advisory - A vulnerability has been reported in UBB.threads, which can be exploited by malicious users to compromise a vulnerable system.
22c3dfbadeb8237d7abc59b4afcd7cf86704873e237fcfa3b47a6b665564f287
Secunia Security Advisory - Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
4202a02fb5e56c1325b85d3853bc82f51c7303c7ccba44340a63c1c647c5ddc4
Secunia Security Advisory - Mr.PaPaRoSSe has reported a vulnerability in SmartJobBoard, which can be exploited by malicious people to conduct cross-site scripting attacks.
e8a1d35eec749d36233e6d6918cc44ccf61882c1ea3f6baf88db2cf1853025e1
Secunia Security Advisory - Multiple vulnerabilities have been reported in Mahara, which can be exploited by malicious users to disclose potentially sensitive information, conduct script insertion attacks, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site request forgery attacks.
39903c0cc6014d83a6236d82859d6dddd2fb9b92691b773b1da18431fa34496a
Secunia Security Advisory - Fedora has issued an update for kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
12f135cbd2df51b9c7cf9d4223375c9acc31e7175db6cdf0823ee2fa3e8a8e8e
Secunia Security Advisory - Multiple vulnerabilities have been reported in the JEEMA SMS component for Joomla!, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site request forgery attacks.
bfd8fb81dc8993c58c29e01a5b10527f7971b7f79fea8fbf1494d6295d032846
Secunia Security Advisory - A vulnerability has been discovered in zenphoto, which can be exploited by malicious people to compromise a vulnerable system.
c7990fc5ad788d4d868247fc6a4b58b058ce8b3fd282aeff43007597f00853ec
Secunia Security Advisory - A weakness has been discovered in Apple Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service).
3115109995487857bb5ac49e7cfb02598fbaf76f91014482f19c30143f8ffb6d
Secunia Security Advisory - A vulnerability has been reported in Iwate Portal Bar, which can be exploited by malicious people to conduct script insertion attacks.
3e78415b564818418614529ed78a8db381324f35a918c60fbde309878a421b33
Secunia Security Advisory - Two vulnerabilities have been reported in the ZTE ZXDSL 831 II modem, which can be exploited by malicious people to conduct cross-site request forgery attacks and to disclose sensitive information.
b7cf4aabea0687bdaa8a7ca61f9c2c8706a71eb41a5961132249781bd082708c
Secunia Security Advisory - Hitachi has acknowledged multiple vulnerabilities in Hitachi Cosminexus products, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
4a1fbc20f6efa8bdc03a0dc55803c2275389b4d0b7a8fc4171aadcdcc9aa4361
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
356f06bd51a3dd6d5f2033a9f4583c1b710b7b94af34e64ee9c7c91642ba0eb5