Exploit the possiblities
Showing 1 - 25 of 537 RSS Feed

Files

Mandriva Linux Security Advisory 2007.030
Posted Jan 31, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2007-0493, CVE-2007-0494
MD5 | d06c0a7f871f388b7272710bf3a0e971
msagent-heap.txt
Posted Jan 31, 2007
Authored by Willow | Site coseinc.com

COSEINC Alert - A security researcher of COSEINC Vulnerability Research Lab has discovered that Microsoft Agent has a heap overflow vulnerability. This vulnerability is triggered when Microsoft Agent parses the malformed character file in its uncompressed state in memory, by having an overly large value in a length field. This will lead to an integer overflow during the allocation of buffer. Subsequently, when data is copied to the buffer, the heap overflow will occur. The result is possible remote code execution.

tags | advisory, remote, overflow, code execution
MD5 | 82458ffea0deef0d6dab6da244ba9b38
DRUPAL-SA-2007-005.txt
Posted Jan 31, 2007
Authored by Uwe Hermann | Site drupal.org

Drupal security advisory - Previews on comments were not passed through normal form validation routines, enabling users with the 'post comments' permission and access to more than one input filter to execute arbitrary code. Affected include Drupal 4.7.x versions before Drupal 4.7.6 and Drupal 5.x versions before Drupal 5.1.

tags | advisory, arbitrary
MD5 | ed1adc7b529116a1736f9a8e799514d0
Secunia Security Advisory 23892
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Barroso Berrueta and Alfredo Andres Omella have reported a vulnerability in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
MD5 | 533b7e96a06c5f68c519ec64819d7c6f
Secunia Security Advisory 23914
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has discovered two vulnerabilities in GuppY, which can be exploited by malicious people to compromise vulnerable systems.

tags | advisory, vulnerability
MD5 | ef91ded2cccc56cbd4a5c0d8a7959dec
Secunia Security Advisory 23928
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hai Nam Luke has discovered a vulnerability in Yahoo Messenger, which potentially can be exploited by malicious users to compromise a user's system.

tags | advisory
MD5 | 86a2d10f323db80fd24ccaeb6e0a16f4
Secunia Security Advisory 23940
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ralf S. Engelschall has reported a vulnerability in CVSTrac, which can be exploited by malicious users to conduct SQL injection attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, sql injection
MD5 | db6e0d260bddd2b0fb2ba124379fb600
Secunia Security Advisory 23943
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
MD5 | 4e84470b7fa14bc18514d0775b13dcda
Secunia Security Advisory 23948
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - adex has discovered a vulnerability in MAXdev MD-Pro, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 1f092143b903d703fec2a421d2ac1fd0
Secunia Security Advisory 23960
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 03b0c53c56b1650f6c16ccdce38c4a7d
Secunia Security Advisory 23968
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - GolD_M has discovered a vulnerability in Webfwlog, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 24a6e4f2e53d9f6e23dcc8ec4f7dae88
Secunia Security Advisory 23974
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | fb4dfe93ef7e48a36d923269d3e8012c
Secunia Security Advisory 23976
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libsoup. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | af9b801c25a111a9ef3548a78c30858a
Secunia Security Advisory 23979
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Java System Access Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, java, xss
MD5 | 37247f78537f6e826facb6a136435985
Secunia Security Advisory 23990
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vbDrupal, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 82b11721831bdb8d313db483fd5673ee
Secunia Security Advisory 23991
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability and a security issue in Avaya CMS / IR, which can be exploited by malicious, local users to disclose sensitive information or potentially gain escalated privileges.

tags | advisory, local
MD5 | 7ff8bb668475ac79007578209d8fa809
Secunia Security Advisory 23992
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - DeltahackingTEAM has discovered a vulnerability in phpIndexPage, which can be exploited by malicious people to compromise vulnerable systems.

tags | advisory
MD5 | 1512746090ae5cdf1f511b88b38ee148
Secunia Security Advisory 23993
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in NX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | cc4949e46cd23403439a7f429939eff2
OpenPKG Security Advisory 2007.8
Posted Jan 30, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - Ralf S. Engelschall from OpenPKG GmbH discovered a Denial of Service (DoS) vulnerability in the CVS/Subversion/Git Version Control System (VCS) frontend CVSTrac, version 2.0.0.

tags | advisory, denial of service
advisories | CVE-2007-0347
MD5 | 0b5659d03a1c3f75f54ba3f47f82e56d
cvstrac200-dos.txt
Posted Jan 30, 2007
Authored by Ralf S. Engelschall | Site engelschall.com

A denial of service vulnerability exists in CVSTrac version 2.0.0.

tags | advisory, denial of service
advisories | CVE-2007-0347
MD5 | c6c3dbcb035364359371caa0c802a879
phorum-xss.txt
Posted Jan 30, 2007
Authored by DoZ | Site hackerscenter.com

Phorum version 5.1.18 is susceptible to cross site scripting attacks.

tags | advisory, xss
MD5 | aeb6051d17c3c1a7d5baac06583990e5
OpenPKG Security Advisory 2007.7
Posted Jan 30, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - As confirmed by vendor security advisories, two security issues exist in the DNS server BIND, versions up to 9.3.4. The first issue is a "use after free" vulnerability which allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors that cause BIND to "dereference (read) a freed fetch context". The second issue allows remote attackers to cause a Denial of Service (DoS) via a type "*" (ANY) DNS query response that contains multiple resource record (RR) sets in the answer section, which triggers an assertion error. To be vulnerable you need to have enabled DNSSEC validation in the configuration by specifying "trusted-keys".

tags | advisory, remote, denial of service
advisories | CVE-2007-0493, CVE-2007-0494
MD5 | ef98c338e7f5a017b8877bfeaad6e259
Debian Linux Security Advisory 1254-1
Posted Jan 30, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1254-1 - It was discovered that the Bind name server daemon is vulnerable to denial of service by triggering an assertion through a crafted DNS query. This only affects installations which use the DNSSEC extensions. Please note that the CVE listed in this advisory is incorrect.

tags | advisory, denial of service
systems | linux, debian
MD5 | b907768273ac2898bec098b21758ca35
Gentoo Linux Security Advisory 200701-25
Posted Jan 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-25 - Multiple memory corruption vulnerabilities have been found in the ProcDbeGetVisualInfo() and the ProcDbeSwapBuffers() of the DBE extension, and ProcRenderAddGlyphs() in the Render extension. Versions less than 1.1.1-r4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | 7b32d79997096fb64e0c1d9f92b12c2b
Debian Linux Security Advisory 1253-1
Posted Jan 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1253-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. Several vulnerabilities in the JavaScript engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. A bug in the js_dtoa function allows remote attackers to cause a denial of service. "shutdown" discovered a vulnerability that allows remote attackers to gain privileges and install malicious code via the watch JavaScript function. Steven Michaud discovered a programming bug that allows remote attackers to cause a denial of service. "moz_bug_r_a4" reported that the src attribute of an IMG element could be used to inject JavaScript code.

tags | advisory, remote, denial of service, arbitrary, javascript, vulnerability
systems | linux, debian
advisories | CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503
MD5 | 71853013fa9f3eebef5078c94aff5f90
Page 1 of 22
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
FCC Blocks LEA Net Neutrality Comment Investigation
Posted Dec 13, 2017

tags | headline, government, usa, russia, fraud
Starbucks Wi-Fi Makes Computers Mine Cryptocurrency
Posted Dec 13, 2017

tags | headline, hacker, wireless, fraud, cryptography
Put Down The Eggnog, It's Patch Tuesday
Posted Dec 13, 2017

tags | headline, microsoft, flaw, patch
Archive Of 1.4 Billion Creds Found On Dark Web
Posted Dec 12, 2017

tags | headline, hacker, data loss, password
MoneyTaker Steals Millions From US, UK, Russian Banks
Posted Dec 12, 2017

tags | headline, malware, bank, usa, britain, russia, cybercrime, fraud
Web Pioneers Plead To Cancel US Net Vote
Posted Dec 12, 2017

tags | headline, government, usa, fraud
Google Releases Tool To Help iPhone Hackers
Posted Dec 12, 2017

tags | headline, hacker, phone, google, apple
Language Bugs Infest Downstream Software
Posted Dec 11, 2017

tags | headline, flaw
German Spy Agency Warns Of Chinese LinkedIn Espionage
Posted Dec 11, 2017

tags | headline, government, china, cyberwar, germany, spyware, social
Dynamics 365 Sandbox Leaked TLS Certificates
Posted Dec 11, 2017

tags | headline, privacy, microsoft, data loss, flaw, cryptography
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close