ignore security and it'll go away
Showing 1 - 25 of 588 RSS Feed

Files

Trustix Secure Linux Security Advisory 2005.12
Posted Dec 31, 2005
Authored by Nils Ohlmeier

Sony's Instant Video Everywhere Service is susceptible to a replay attack due to passing credentials over an insecure connection.

tags | advisory
MD5 | 73a73cdb4d539c620160117e2ebcd634
Mandriva Linux Security Advisory 2005.239
Posted Dec 31, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - newbug discovered a local root vulnerability in the mtink binary, which has a buffer overflow in its handling of the HOME environment variable, allowing the possibility for a local user to gain root privileges.

tags | advisory, overflow, local, root
systems | linux, mandriva
MD5 | 845ab970fdf12a8ef90288b402653923
es263-windows-id.txt
Posted Dec 31, 2005
Authored by Daniel Guido, Michael Aiello | Site michaelaiello.com

Electric Sheep version 2.6.3 suffers from a stack overflow in the windows-id parameter. Note that it is not setuid by default.

tags | advisory, overflow
systems | windows
MD5 | 57e8deff38d9e26fbb051249c8a834b2
es263-network.txt
Posted Dec 31, 2005
Authored by Daniel Guido, Michael Aiello | Site michaelaiello.com

Electric Sheep version 2.6.3 suffers from network related vulnerabilities due to libcurl issues.

tags | advisory, vulnerability
advisories | CVE-2005-3185, CVE-2005-4077
MD5 | 714963b5fa97299d7e3ee7e9376b061d
rssh230.txt
Posted Dec 31, 2005
Authored by Derek Martin | Site pizzashack.org

Max Vozeler reported a flaw in the design of rssh_chroot_helper whereby it can be exploited to chroot to arbitrary directories and thereby gain root access. If rssh is installed on a system, and non-trusted users on that system have access which is not protected by rssh (i.e. they have full shell access), then they can use rssh_chroot_helper to chroot to arbitrary locations in the file system, and thereby gain root access. Versions of rssh below 2.3.0 are affected.

tags | advisory, arbitrary, shell, root
MD5 | 11e00cfb76c2ff401be3ade95fd02ce3
secunia-TUGZip.txt
Posted Dec 31, 2005
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in TUGZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling an ARJ archive containing a file with an overly long filename. This can be exploited to cause a stack-based buffer overflow. Successful exploitation allows arbitrary code execution when a malicious ARJ file is opened. The vulnerability has been confirmed in version 3.4.0.0. Other versions may also be affected.

tags | advisory, overflow, arbitrary, code execution
MD5 | 6bcfd9fc3e40b90911825d83324b5172
lotusWMF.txt
Posted Dec 31, 2005
Site nist.org

Lotus Notes uses the same vulnerable shimgvw.dll graphics rendering engine file implicated in the Microsoft WMF file handling vulnerability.

tags | advisory
MD5 | 3ba22068788d9ab491e5ca16b4f771b3
Gentoo Linux Security Advisory 200512-18
Posted Dec 31, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200512-18 - Krzysiek Pawlik of Gentoo Linux discovered that the XnView package for IA32 used the DT_RPATH field insecurely, causing the dynamic loader to search for shared libraries in potentially untrusted directories. Versions less than 1.70-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 3615ebb73087a0fa4ec281872f8b3542
Hardened-PHP Project Security Advisory 2005-26.111
Posted Dec 31, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

Hardened-PHP Project Security Advisory - TinyMCE Compressor versions 1.0.5 and below suffer from an unchecked user input vulnerability that can allow for cross site scripting and disclosure of arbitrary files.

tags | advisory, arbitrary, php, xss
MD5 | 42ec72f2e7ceb6457f3427f819f6eba0
Gentoo Linux Security Advisory 200512-17
Posted Dec 31, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200512-17 - Max Vozeler discovered that the scponlyc command allows users to chroot into arbitrary directories. Furthermore, Pekka Pessi reported that scponly insufficiently validates command-line parameters to a scp or rsync command. Versions less than 4.2 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
MD5 | 533ceb5a68f972d02f90a742b6cf4035
Debian Linux Security Advisory 927-2
Posted Dec 31, 2005
Authored by Debian | Site debian.org

Debian Security Advisory DSA 927-2 - The last update of tkdiff contained a programming error which is fixed by this version. The Debian Security Audit project discovered that tkdiff, a graphical side by side "diff" utility, creates temporary files in an insecure fashion.

tags | advisory
systems | linux, debian
MD5 | 4a29dfe1e923b49ef0ddfe06b3c1e028
Technical Cyber Security Alert 2005-362A
Posted Dec 31, 2005
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA05-362A - Microsoft Windows is vulnerable to remote code execution via an error in handling files using the Windows Metafile image format. Exploit code has been publicly posted and used to successfully attack fully-patched Windows XP SP2 systems. However, other versions of the the Windows operating system may be at risk as well.

tags | advisory, remote, code execution
systems | windows, xp
advisories | CVE-2005-4560
MD5 | 9bb91ded608f90556b0b4b7e37d84d84
Secunia Security Advisory 17086
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in TUGZip, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 440a1f9809283c3724c75db80d0aa241
Secunia Security Advisory 18155
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lostmon has discovered a vulnerability in GFHost and GmailSite, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | f44db7b306d755777257e120b3224c40
Secunia Security Advisory 18232
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Maciejak has reported a vulnerability in NetScreen Security Manager (NSM) which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 454de7ca180e496c0c022aa62c98c4f1
Secunia Security Advisory 18235
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - nelchael has discovered a vulnerability in XnView / NView, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 24cf3cf1c9b08098881c204d9029ddc4
Secunia Security Advisory 18236
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for scponly. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, or by malicious users to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | linux, gentoo
MD5 | e08d9762b843f418ea6d29cd1505b0f8
Secunia Security Advisory 18240
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for xnview. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
MD5 | 88bd7d8910f1a114a3e62e53bec2f769
Secunia Security Advisory 18241
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r0t has discovered a vulnerability in iPei Guestbook, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 20894948ace91b64c145db1137e783f2
Secunia Security Advisory 18242
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r0t has discovered a vulnerability in OOApp Guestbook, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 63bf9cf247369244807d3600a54b5394
Secunia Security Advisory 18244
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r0t has discovered a vulnerability in AdesGuestbook, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 6907911655c48e84081a164af5c918b9
Secunia Security Advisory 18248
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has discovered two vulnerabilities in phpDocumentor, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | a978d2963f701e7cafbfaa7796682ba6
Secunia Security Advisory 18250
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware ESX Server, which has an unknown impact.

tags | advisory
MD5 | 5a2a8adb01c927d7efd18ef032c08542
Secunia Security Advisory 18261
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Florian Weimer has discovered a vulnerability in ImageMagick, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 683dc0e8efef8e69c82dbcb2212118c8
Secunia Security Advisory 18262
Posted Dec 31, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Esser has reported some vulnerabilities in TinyMCE compressor, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
MD5 | ee4102381b8fe9d76f528aa2afaef2b3
Page 1 of 24
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
Child Safety Smartwatches Easy To Hack, Watchdog Says
Posted Oct 18, 2017

tags | headline, privacy, flaw
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Microsoft Never Disclosed 2013 Hack Of Secret Vulnerability Database
Posted Oct 18, 2017

tags | headline, hacker, microsoft, data loss, flaw
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
UK TV Drama About North Korea Hit By Hackers
Posted Oct 17, 2017

tags | headline, hacker, government, britain, cyberwar, korea
Russia Tweaks Telegram With Tiny Fine For Decryption Denial
Posted Oct 17, 2017

tags | headline, government, privacy, russia, cryptography
Never Mind The WPA2 Drama... Details Emerge Of TPM Key Fail
Posted Oct 17, 2017

tags | headline, wireless, flaw, cryptography
Millions Of High Security Crypto Keys Crippled By Newly Discovered Flaw
Posted Oct 16, 2017

tags | headline, flaw, cryptography
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close