Suricata IDPE 1.4.6
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6...
ZeroShell Remote Code Execution
This Metasploit module exploits a vulnerability found in ZeroShell 2.0 RC2 and lower. It will leverage an unauthenticated local file inclusion vulnerability in the "/cgi-bin/kerbynet" url. The file...
Zabbix 2.0.5 Password Leak
Zabbix version 2.0.5 suffers from an issue where it allows for the disclosure of a user's password.
Cisco Security Advisory 20130925-ipv6vfr
Cisco Security Advisory - A vulnerability in the implementation of the virtual fragmentation reassembly (VFR) feature for IP version 6 (IPv6) in Cisco IOS Software could allow an unauthenticated,...
X2CRM 3.4.1 Cross Site Scripting / Local File Inclusion
X2CRM version 3.4.1 suffers from cross site scripting and local file inclusion vulnerabilities.
Cisco Security Advisory 20130925-nat
Cisco Security Advisory - The Cisco IOS Software implementation of the network address translation (NAT) feature contains three vulnerabilities when translating IP packets that could allow an...
HP Security Bulletin HPSBMU02872 SSRT101185 2
HP Security Bulletin HPSBMU02872 SSRT101185 2 - Potential security vulnerabilities have been identified with HP Service Manager Web Tier running on Windows. Service Manager Web Tier is vulnerable to...
Cisco Security Advisory 20130925-cce
Cisco Security Advisory - A vulnerability in the Zone-Based Firewall (ZBFW) component of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected device to hang or...
Cisco Security Advisory 20130925-ntp
Cisco Security Advisory - A vulnerability in the implementation of the Network Time Protocol (NTP) feature in Cisco IOS Software could allow an unauthenticated, remote attacker to cause an affected...
Mandriva Linux Security Advisory 2013-240
Mandriva Linux Security Advisory 2013-240 - Multiple security vulnerabilities exist due to improper sanitation of user input in GLPI versions prior to 0.83.9, 0.83.91, and 0.84.2. This update provides...
Cisco Security Advisory 20130925-wedge
Cisco Security Advisory - A vulnerability in the T1/E1 driver queue implementation of Cisco IOS Software could allow an unauthenticated, remote attacker to cause an interface wedge condition, which...
Gentoo Linux Security Advisory 201309-17
Gentoo Linux Security Advisory 201309-17 - Multiple vulnerabilities have been discovered in Monkey HTTP Daemon, the worst of which could result in arbitrary code execution. Versions less than 1.2.2 are...
Cisco Security Advisory 20130925-dhcp
Cisco Security Advisory - A vulnerability in the DHCP implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS)...
Nodejs js-yaml load() Code Execution
For node.js applications that parse user-supplied YAML input using the load() function from the 'js-yaml' package versions below 2.0.5, specifying a self-executing function allows us to execute...
Gentoo Linux Security Advisory 201309-18
Gentoo Linux Security Advisory 201309-18 - Multiple vulnerabilities have been found in libvirt, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than...
Mandriva Linux Security Advisory 2013-241
Mandriva Linux Security Advisory 2013-241 - The Crypt::DSA module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to...
Red Hat Security Advisory 2013-1285-01
Red Hat Security Advisory 2013-1285-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and...
Gentoo Linux Security Advisory 201309-19
Gentoo Linux Security Advisory 201309-19 - A vulnerability in TPP might allow a remote attacker to execute arbitrary code. Versions less than 1.3.1-r2 are affected.
Cisco Security Advisory 20130925-ike
Cisco Security Advisory - A vulnerability in the Internet Key Exchange (IKE) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory...
Cisco Security Advisory 20130925-rsvp
Cisco Security Advisory - A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger...
Debian Security Advisory 2764-1
Debian Linux Security Advisory 2764-1 - Daniel P. Berrange discovered that incorrect memory handling in the remoteDispatchDomainMemoryStats() function could lead to denial of service.