Packet Storm Security Last 20
Last Downloaded: Tue, 09 Feb 2010 08:34:30 GMT. |
| |
HPSBUX02503-SSRT100019.txt HP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, privilege escalation, and Denial of Service (DoS). |
| |
MDVSA-2010-034.txt Mandriva Linux Security Advisory 2010-034 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. Additionally, the Linux kernel was updated to the stable release 2.6.27.45. |
| |
nightdahack2010-cfp.txt Night Da Hack 2010 Call For Proposals - This conference will take place from 4 PM through 7 AM, June 19th through the 20th, 2010 in Paris, France. |
| |
CORELAN-10-010.txt GeFest Web HomeServer version 1.0 suffers from a directory traversal vulnerability. |
| |
wsnguestdb-disclose.txt WSN Guest Database appears to suffer from a database disclosure vulnerability. |
| |
bluedove-sql.txt Blue Dove suffers from a remote SQL injection vulnerability. |
| |
synspam_0.4.0-1.tar.gz Synspam uses Netfilter NFQUEUE to catch the source IP address of any machine connecting to your mail server and runs multiple tests against it, using a scoring system. If the source IP address is believed to be a spammer IP address, the connection can be dropped. There is a dry run mode if you just want to test it, which is the default. |
| |
as3flexdb-sqldisclose.txt AS3FlexDB suffers from remote database login information disclosure and remote SQL execution vulnerabilities. |
| |
HPSBMA02487-SSRT100024.txt HP Security Bulletin - A potential vulnerability has been identified with HP Operations Agent running on Solaris 10. The vulnerability could be exploited remotely to gain unauthorized access. |
| |
jdownloader-exec.txt JDownloader versions below 2010-01-25 with Click n Load 2 support suffer from a code execution vulnerability. Proof of concept included. |
| |
DSECRG-09-065.txt TVUPlayer version 2.4.9beta build 1797 suffers from an Active-X insecure method vulnerability. |
| |
sapone_fc.tar.bz2 Remote exploit for SAP MaxDB versions 7.6.03 build 007 and below which suffer from a pre-authentication remote code execution vulnerability. This version has been updated by FortConsult A/S to use the same byte code as the Nessus plugin. |
| |
sipwitch-0.7.0.tar.gz GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate. |
| |
uigabp-sqlxss.txt Uiga Business Portal suffers from cross site scripting and remote SQL injection vulnerabilities. |
| |
cve-2010-0453.c This is a denial of service (kernel panic) proof of concept exploit for the UCODE_GET_VERSION ioctl NULL pointer dereference vulnerability on Solaris / OpenSolaris. |
| |
exponentcms-sql.txt Exponent CMS version 0.96.3 suffers from a remote SQL injection vulnerability. This really old version has been known vulnerable to various issues since 2005. |
| |
mongoose28-disclose.txt Mongoose version 2.8 seems to suffer from yet another source disclosure vulnerability. |
| |
belkatalog-sql.txt Belkatalog CMS suffers from a remote SQL injection vulnerability. |
| |
zentracking-sql.txt Zen Tracking versions 2.2 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass. |
| |
baalsystems-sql.txt Baal Systems version 3.8 suffers from a remote SQL injection vulnerability that allows for authentication bypass. |