|Advisories | Vulnerabilities | About SecurityWatch||Beta Version -|
06/21/05: GLSA 200506-19 (Low): squirrelmail
SquirrelMail: Several XSS vulnerabilities
06/21/05: GLSA 200506-18 (Low): tor
Tor: Information disclosure
06/21/05: NanoBlogger Plugins Shell Command Injection Vulnerability
A vulnerability has been reported in NanoBlogger, which potentially can be exploited by malicious people to compromise a user's system.
06/21/05: Enterasys Vertical Horizon Switches Two Security Issues
Jacek Lipkowski has reported two security issues in various Enterasys Vertical Horizon switches, which can be exploited by malicious people to gain access to a debugging account, and by malicious users to bypass certain security restrictions.
06/21/05: OpenBSD update for sudo
OpenBSD has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to execute arbitrary commands with escalated privileges.
06/21/05: Fortibus CMS "username" and "ID" SQL Injection Vulnerabilities
Tamer Mohamed Hassan has discovered some vulnerabilities in Fortibus CMS, which can be exploited by malicious people to conduct SQL injection attacks.
06/21/05: Cisco VPN Concentrator Group Name Enumeration Weakness
NTA Monitor has reported a weakness in Cisco VPN 3000 Concentrator, which can be exploited by malicious people to gain knowledge of certain information.
06/21/05: Sudo Arbitrary Command Execution Vulnerability
A vulnerability has been reported in sudo, which can be exploited by malicious, local users to execute arbitrary commands.
06/21/05: i-Gallery "folder" Cross-Site Scripting and Directory Traversal
Seyed Hamid Kashfi has discovered a vulnerability in i-Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose system information.
06/21/05: Novell NetMail File Ownership Security Issue
A security issue has been reported in NetMail, which can be exploited by malicious, local users to delete or replace the NetMail binaries.
06/21/05: Ruby XMLRPC Security Control Flaw May Let Remote Users Execute Arbitrary Commands
06/21/05: Cacti Input Validation Holes Let Remote Users Inject SQL Commands and Execute Arbitrary Commands
06/21/05: Novell NetMail for Linux Access Permissions May Let Local Users Modify the Binaries
06/21/05: Enterasys Vertical Horizon Common Default Password Grants Access to Remote Users
06/21/05: paFAQ Flaws Let Remote Users Download the Database, Inject SQL Commands, Conduct Cross-Site Scripting Attacks, and Execute Arbitrary Code
06/21/05: Novell GroupWise Client Discloses Password to Local Users
06/21/05: Cisco VPN 3000 Lets Remote Users Determine Valid Groupnames
06/21/05: Ublog Reload Input Validation Holes in 'index.asp' Permit SQL Injection and in 'trackback.asp' Permit Cross-Site Scripting Attacks
06/21/05: Heimdal telnetd Buffer Overflow in getterminaltype() Lets Remote Users Execute Arbitrary Code
06/20/05: ATutor subscribe_forum.php us Variable XSS
06/20/05: ATutor tile.php Mutliple Variable XSS
06/20/05: ATutor inbox/index.php view Variable XSS
06/20/05: ATutor send_message.php l Variable XSS
06/20/05: ATutor search.php Multiple Variable XSS
06/20/05: ATutor contact.php subject Variable XSS
06/20/05: ATutor browse.php show_course Variable XSS
06/20/05: ATutor content.php cid Variable XSS
Updated automatically every 10 minutes, 24x7.
SecurityWatch is looking for sponsors in order to help us to maintain and improve the service. Please contact for further information.
SecurityWatch is powered by eBCVG © eBCVG IT Security 2000 - 2005