[ GLSA 201201-01 ] phpMyAdmin: Multiple vulnerabilities

2012-01-05 Thread Tim Sammut
Gentoo Linux Security Advisory GLSA 201201-01 http://security.gentoo.org/

Revised IETF I-D: Advice on IPv6 RA-Guard Implementation

2012-01-05 Thread Fernando Gont
Folks, We've published the IETF I-D Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard). It is available at: http://www.ietf.org/id/draft-gont-v6ops-ra-guard-implementation-00.txt This I-D is based on our original I-D draft-gont-v6ops-ra-guard-evasion-01, but now focuses on

HServer webserver - Directory Traversal Vulnerability

2012-01-05 Thread demonalex
Title: HServer webserver - Directory Traversal Vulnerability Software : HServer webserver Software Version : 0.1.1 Vendor: http://www.luizpicanco.com/index.php?s=hserver http://code.google.com/p/hserver/ Vulnerability Published : 2012-01-05 Vulnerability Update Time : Status :

NGS00109 Technical Advisory: Remote Code Execution in ImpressPages CMS

2012-01-05 Thread Research@NGSSecure
=== Summary === Name: Remote code execution in ImpressPages CMS Release Date: 5 January 2012 Reference: NGS00109 Discoverer: David Middlehurst david.middlehu...@ngssecure.com Vendor: ImpressPages Vendor Reference: Systems Affected: ImpressPages CMS 1.0.12 Risk: High Status: Published

NGS00106 Technical Advisory: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability

2012-01-05 Thread Research@NGSSecure
=== Summary === Name: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability Release Date: 5 January 2012 Reference: NGS00106 Discoverer: David Spencer david.spen...@ngssecure.com Vendor: Oracle Vendor Reference: Systems

SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2

2012-01-05 Thread SEC Consult Vulnerability Lab
SEC Consult Vulnerability Lab Security Advisory 20120104-0 === title: Multiple critical vulnerabilities in Apache Struts2 product: Apache Struts2 * OpenSymphony XWork

Ggb Guestbook - XSS Vulnerabilities

2012-01-05 Thread demonalex
Title: Ggb Guestbook - XSS Vulnerabilities Software : Ggb Guestbook Software Version : 0.3.1 Vendor: http://gelin.ru/soft/project/ggb/ http://code.google.com/p/ggbook/ Vulnerability Published : 2012-01-05 Vulnerability Update Time : Status : Impact : Medium Bug Description : Ggb

VLC media player v1.1.11 (.amr) Local Crash PoC

2012-01-05 Thread hapsec
#!/usr/bin/perl ## # Exploit Title: VLC media player v1.1.11 (.amr) Local Crash PoC # Date: 04.01.2012 # Author: Fabi@habsec (hap...@gmail.com) # Software Link: http://sourceforge.net/projects/vlc/files/1.1.11/win32/vlc-1.1.11-win32.exe # Version: 1.1.11 # Tested on: Windows 7 x86 English # #

VertrigoServ 2.25 Cross-Site-Scripting vulnerability

2012-01-05 Thread security
Advisory: VertrigoServ 2.25 Cross-Site-Scripting vulnerability Advisory ID:INFOSERVE-ADV2011-11 Author: Stefan Schurtz Contact:secur...@infoserve.de Affected Software: Successfully tested on VertrigoServ 2.25 Vendor URL:

SQLiteManager 1.2.4 Multiple Cross-Site-Scripting vulnerabilities

2012-01-05 Thread security
Advisory: SQLiteManager 1.2.4 Multiple Cross-Site-Scripting vulnerabilities Advisory ID:INFOSERVE-ADV2011-12 Author: Stefan Schurtz Contact:secur...@infoserve.de Affected Software: Successfully tested on SQLiteManager 1.2.4 Vendor