Section: .. / Last 20 Files /
| /// File Name: | USN-913-1.txt | Description:
| Ubuntu Security Notice 913-1 - It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 8.10 and 9.04. It was discovered that libpng did not properly handle certain excessively compressed PNG images. If a user or automated system were tricked into processing a crafted PNG image, an attacker could possibly use this flaw to consume all available resources, resulting in a denial of service. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 17736 | | Related CVE(s): | CVE-2009-2042, CVE-2010-0205 | | Last Modified: | Mar 16 20:04:21 2010 | | MD5 Checksum: | e34dd3abb0e2d79fb917042a37af2af6 |
|
| /// File Name: | argosoft-traversal.txt | Description:
| ArGoSoft FTP Server .NET version 1.0.2.1 suffers from a directory traversal vulnerability. | | Author: | dmnt | | File Size: | 432 | | Last Modified: | Mar 16 20:01:06 2010 | | MD5 Checksum: | bb8f51d72fd0b584647dd84d190a595a |
|
| /// File Name: | dff-0.5.0-src.tar.gz | Description:
| DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules. | | Author: | Christophe M.,Solal J. | | Homepage: | http://www.digital-forensic.org/ | | Changes: | This release includes several bugfixes and a new API and graphical features: file carving with an enhanced algorithm, a complete rewrite of the hexadecimal viewer, research functions in the API, a new gallery viewer with speed improvements, a partition mapper that allows extended partitions to be added, and automation capabilities based on MIME type for improved GUI navigation. | | File Size: | 2838773 | | Last Modified: | Mar 16 19:57:44 2010 | | MD5 Checksum: | ae8674a3ec7268d1f500bb5eb5a828bc |
|
| /// File Name: | CORE-2009-0803.txt | Description:
| Core Security Technologies Advisory - A vulnerability found in the memory management of the Virtual Machine Monitor makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system. | | Author: | Core Security Technologies,Diego Juarez,Nicolas A. Economou | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 36508 | | Last Modified: | Mar 16 19:53:29 2010 | | MD5 Checksum: | 936c26e59571a54c68f677c92c973253 |
|
| /// File Name: | CORELAN-10-013.txt | Description:
| Windisc version 1.3 suffers from a stack buffer overflow vulnerability. Full exploit code included. | | Author: | Rick | | Homepage: | http://www.corelan.be/ | | File Size: | 11031 | | Last Modified: | Mar 16 19:51:52 2010 | | MD5 Checksum: | ae169a1b3bef09878c6b43b25193a365 |
|
| /// File Name: | fckeditor-shell.txt | Description:
| FCKEditor version 2.0 RC3 suffers from a shell upload vulnerability. | | Author: | Aodrulez | | File Size: | 935 | | Last Modified: | Mar 16 19:48:58 2010 | | MD5 Checksum: | b59c2afa640cc668f579fb57c3dac4e0 |
|
| /// File Name: | USN-912-1.txt | Description:
| Ubuntu Security Notice 912-1 - It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 15508 | | Related CVE(s): | CVE-2008-5824 | | Last Modified: | Mar 16 19:47:32 2010 | | MD5 Checksum: | cea5bb89800954462cbfdec1bfb278eb |
|
| /// File Name: | ZDI-10-032.txt | Description:
| Zero Day Initiative Advisory 10-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP MaxDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serv.exe process which listens by default on TCP port 7210. The process trusts a value from a handshake packet and uses it as a length when copying data to the stack. If provided a malicious value and packet data, this can be leveraged to execute arbitrary code under the context of the SYSTEM user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2648 | | Last Modified: | Mar 16 19:47:16 2010 | | MD5 Checksum: | e2375d89695fe12b1a00cc15adebefb0 |
|
| /// File Name: | clantigercms-xsrf.txt | Description:
| Clan Tiger CMS suffers from a cross site request forgery vulnerability. | | Author: | Pratul Agrawal | | File Size: | 1699 | | Last Modified: | Mar 16 19:46:20 2010 | | MD5 Checksum: | 8ac6d6d229428e13402d0a1955b048ba |
|
| /// File Name: | chillycms-xss.txt | Description:
| Chilly CMS suffers from a persistent cross site scripting vulnerability. | | Author: | Pratul Agrawal | | File Size: | 3159 | | Last Modified: | Mar 16 19:45:12 2010 | | MD5 Checksum: | e97b751f44416cb2cc09edb43df20446 |
|
| /// File Name: | chillycms-xsrf.txt | Description:
| Chilly CMS suffers from a cross site request forgery vulnerability. | | Author: | Pratul Agrawal | | File Size: | 1737 | | Last Modified: | Mar 16 19:44:18 2010 | | MD5 Checksum: | 6f5f88f67ef821bb958d06369419b319 |
|
| /// File Name: | wftpdkill.py.txt | Description:
| WFTPD version 3.3 remote unhandled exception denial of service exploit. | | Author: | dmnt | | File Size: | 1323 | | Last Modified: | Mar 16 19:43:06 2010 | | MD5 Checksum: | 8323be9aa4f257a477d0cf841e451e32 |
|
| /// File Name: | sugarcrm-xss.txt | Description:
| SugarCRM versions prior to 5.5.0a and 5.2.0l suffer from a cross site scripting vulnerability. | | Author: | Jeromie Jackson | | File Size: | 2111 | | Related CVE(s): | CVE-2010-0465 | | Last Modified: | Mar 16 19:41:43 2010 | | MD5 Checksum: | 65028fdd56e01094100a9af2f5680c25 |
|
| /// File Name: | ZDI-10-031.txt | Description:
| Zero Day Initiative Advisory 10-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a failure to unregister a callback pointer during the destruction of a particular type of element when embedded inside a 'blink' container. The application dereferences the original resource which can can be leveraged by an attacker to execute arbitrary code under the context of the current user. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 2910 | | Last Modified: | Mar 16 19:40:43 2010 | | MD5 Checksum: | 43ec94b162ba7d2b0766fafde3e3e294 |
|
| /// File Name: | ossim22-exec.pdf | Description:
| CYBSEC Security Advisory - OSSIM version 2.2 suffers from a remote command execution vulnerability. | | Author: | Nahuel Grisolia | | Homepage: | http://www.cybsec.com/ | | File Size: | 65714 | | Last Modified: | Mar 16 19:33:55 2010 | | MD5 Checksum: | d41bdbe4b05ef8ac976280685a559ab9 |
|
| /// File Name: | ossim22-upload.pdf | Description:
| CYBSEC Security Advisory - OSSIM version 2.2 suffers from an arbitrary file upload vulnerability. | | Author: | Nahuel Grisolia | | Homepage: | http://www.cybsec.com/ | | File Size: | 64759 | | Last Modified: | Mar 16 19:33:50 2010 | | MD5 Checksum: | 0d2575f09ecdeab1d769bcad45a27d0a |
|
| /// File Name: | ossim22-download.pdf | Description:
| CYBSEC Security Advisory - OSSIM version 2.2 suffers from an arbitrary file download vulnerability. | | Author: | Nahuel Grisolia | | Homepage: | http://www.cybsec.com/ | | File Size: | 65669 | | Last Modified: | Mar 16 19:33:44 2010 | | MD5 Checksum: | c1260392b7369292d9f6003b0d6b7963 |
|
| /// File Name: | egroupware-exec.pdf | Description:
| CYBSEC Security Advisory - EGroupware suffers from a remote command execution vulnerability. Versions 1.4.001 / 1.4.002 / 1.6.001 / 1.6.002 and Premium Line versions 9.1 and 9.2 are affected. | | Author: | Nahuel Grisolia | | Homepage: | http://www.cybsec.com/ | | File Size: | 377524 | | Last Modified: | Mar 16 19:34:21 2010 | | MD5 Checksum: | cd3392e71ec7dd6cd61ee3e6df2f1390 |
|
| /// File Name: | egroupware-xss.pdf | Description:
| CYBSEC Security Advisory - EGroupware suffers from a reflected cross site scripting vulnerability. Versions 1.4.001 / 1.4.002 / 1.6.001 / 1.6.002 and Premium Line versions 9.1 and 9.2 are affected. | | Author: | Nahuel Grisolia | | Homepage: | http://www.cybsec.com/ | | File Size: | 377386 | | Last Modified: | Mar 16 19:34:12 2010 | | MD5 Checksum: | edcf883b64ba6f5440633f8c051e01dc |
|
| /// File Name: | occms-sql.txt | Description:
| Online Community CMS By I-net suffers from a remote SQL injection vulnerability. | | Author: | Th3 RDX | | File Size: | 2999 | | Last Modified: | Mar 16 19:32:47 2010 | | MD5 Checksum: | c953d33ead51b48209a45fa2489cdd63 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
