exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 537 RSS Feed

Files

Mandriva Linux Security Advisory 2007.030
Posted Jan 31, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2007-0493, CVE-2007-0494
SHA-256 | 22104610fef5336817ef5f7591218626c8c9e5e0458b299194943ab75d9d9362
msagent-heap.txt
Posted Jan 31, 2007
Authored by Willow | Site coseinc.com

COSEINC Alert - A security researcher of COSEINC Vulnerability Research Lab has discovered that Microsoft Agent has a heap overflow vulnerability. This vulnerability is triggered when Microsoft Agent parses the malformed character file in its uncompressed state in memory, by having an overly large value in a length field. This will lead to an integer overflow during the allocation of buffer. Subsequently, when data is copied to the buffer, the heap overflow will occur. The result is possible remote code execution.

tags | advisory, remote, overflow, code execution
SHA-256 | c519c6cb74cd3592aa3be74223bb70e4e71cc29f845b8e57a3232f52fef3b460
DRUPAL-SA-2007-005.txt
Posted Jan 31, 2007
Authored by Uwe Hermann | Site drupal.org

Drupal security advisory - Previews on comments were not passed through normal form validation routines, enabling users with the 'post comments' permission and access to more than one input filter to execute arbitrary code. Affected include Drupal 4.7.x versions before Drupal 4.7.6 and Drupal 5.x versions before Drupal 5.1.

tags | advisory, arbitrary
SHA-256 | 2e86ad7cf732e48c2e546b4432795c4809c57b8a13758652be4bc9714527a906
Secunia Security Advisory 23892
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Barroso Berrueta and Alfredo Andres Omella have reported a vulnerability in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | 2fcc511d3d474874902a5e86604a9fbfbfd775b784181b6def0bf854c6f3749c
Secunia Security Advisory 23914
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has discovered two vulnerabilities in GuppY, which can be exploited by malicious people to compromise vulnerable systems.

tags | advisory, vulnerability
SHA-256 | c4dc94d9aed1019347aa5c27fc7c17dc8127cf66ac224874d1da2f6b8baf7eca
Secunia Security Advisory 23928
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hai Nam Luke has discovered a vulnerability in Yahoo Messenger, which potentially can be exploited by malicious users to compromise a user's system.

tags | advisory
SHA-256 | 63cf4ee827317a4f9918136dc392e423a4efe2ffc181b9bc8e01976438d618c6
Secunia Security Advisory 23940
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ralf S. Engelschall has reported a vulnerability in CVSTrac, which can be exploited by malicious users to conduct SQL injection attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, sql injection
SHA-256 | f04bb0a8a6daa469007c4bf3f6f48f0103e5107c47517a02b4a31f2d3e8d8d44
Secunia Security Advisory 23943
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | b7e60b3ff2bf92643b24b9dc0d4ffa25b849c955f490a8483c72b42a17b436e3
Secunia Security Advisory 23948
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - adex has discovered a vulnerability in MAXdev MD-Pro, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ffde7b51bb329dc8fe1da5ba97df89a0419cb78a91525c78e70f9bdc8e510f32
Secunia Security Advisory 23960
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 2ea9c2bdd8ed96e174acd44a88ce4b56be0225be5df63b8c5accf629af731246
Secunia Security Advisory 23968
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - GolD_M has discovered a vulnerability in Webfwlog, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 33eb8323cd016df2242cfe981ef5ce65df343eb3d72ea2f8b5e3aefa778f9e9e
Secunia Security Advisory 23974
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 5ab8ce089cf6a70bd8a262e0035bc088f6c956aa0f6a841a28d81269fcb4aff4
Secunia Security Advisory 23976
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libsoup. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | f4b73dde7fcff3e4150c9411799c258a237bfad375fcaf7e832a91ac436dd8be
Secunia Security Advisory 23979
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Java System Access Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, java, xss
SHA-256 | e6658ea80341d488604d16c39802545d73c30ab1915509f71a1a4f8e9a100173
Secunia Security Advisory 23990
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in vbDrupal, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | b0ddac3290b8a7127619a936dbc97f8d85af7691bb581af16dc01508a717d50f
Secunia Security Advisory 23991
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability and a security issue in Avaya CMS / IR, which can be exploited by malicious, local users to disclose sensitive information or potentially gain escalated privileges.

tags | advisory, local
SHA-256 | b1daa58f31c76545cc14765e06f4510ccf339e98ad2512a412f4aeb03e114b67
Secunia Security Advisory 23992
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - DeltahackingTEAM has discovered a vulnerability in phpIndexPage, which can be exploited by malicious people to compromise vulnerable systems.

tags | advisory
SHA-256 | 9abecfc292f4ac29a96d05415ad94903a4651a2a328ad3e6e2ee74b7ec921864
Secunia Security Advisory 23993
Posted Jan 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in NX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
SHA-256 | 3b40a856a881460d1a87358fa34737ebf74de7e3ca8f98a6f4457c6c475f4086
OpenPKG Security Advisory 2007.8
Posted Jan 30, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - Ralf S. Engelschall from OpenPKG GmbH discovered a Denial of Service (DoS) vulnerability in the CVS/Subversion/Git Version Control System (VCS) frontend CVSTrac, version 2.0.0.

tags | advisory, denial of service
advisories | CVE-2007-0347
SHA-256 | 1db2c81b325a11b28837a0856dc30080a87ebbd7a7462ccc43a328ae1aaabdf4
cvstrac200-dos.txt
Posted Jan 30, 2007
Authored by Ralf S. Engelschall | Site engelschall.com

A denial of service vulnerability exists in CVSTrac version 2.0.0.

tags | advisory, denial of service
advisories | CVE-2007-0347
SHA-256 | c3e819ccb3c01d6ba451eb4cc93f2bda4fecfbbdbff2faf373697b773a92b7c7
phorum-xss.txt
Posted Jan 30, 2007
Authored by DoZ | Site hackerscenter.com

Phorum version 5.1.18 is susceptible to cross site scripting attacks.

tags | advisory, xss
SHA-256 | d7d2b47d9dbdca9ea9a6793b7db5dbf6d0f4a006257debc2f52d2fc35f2f5eee
OpenPKG Security Advisory 2007.7
Posted Jan 30, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - As confirmed by vendor security advisories, two security issues exist in the DNS server BIND, versions up to 9.3.4. The first issue is a "use after free" vulnerability which allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors that cause BIND to "dereference (read) a freed fetch context". The second issue allows remote attackers to cause a Denial of Service (DoS) via a type "*" (ANY) DNS query response that contains multiple resource record (RR) sets in the answer section, which triggers an assertion error. To be vulnerable you need to have enabled DNSSEC validation in the configuration by specifying "trusted-keys".

tags | advisory, remote, denial of service
advisories | CVE-2007-0493, CVE-2007-0494
SHA-256 | efdefa323f0250b7bbccf97b1808ac633e806735791adbf26f360bd1575549c6
Debian Linux Security Advisory 1254-1
Posted Jan 30, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1254-1 - It was discovered that the Bind name server daemon is vulnerable to denial of service by triggering an assertion through a crafted DNS query. This only affects installations which use the DNSSEC extensions. Please note that the CVE listed in this advisory is incorrect.

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 6cd0b28f7a592d03c87e7a76555f16a04e17f15468171c11f59095f9b4adf432
Gentoo Linux Security Advisory 200701-25
Posted Jan 29, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-25 - Multiple memory corruption vulnerabilities have been found in the ProcDbeGetVisualInfo() and the ProcDbeSwapBuffers() of the DBE extension, and ProcRenderAddGlyphs() in the Render extension. Versions less than 1.1.1-r4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | 3fadaad7ec9d1fb7eac7fa1a9be6db52dde726e16a943a5cfc90ae29ac43e978
Debian Linux Security Advisory 1253-1
Posted Jan 29, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1253-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. Several vulnerabilities in the JavaScript engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. A bug in the js_dtoa function allows remote attackers to cause a denial of service. "shutdown" discovered a vulnerability that allows remote attackers to gain privileges and install malicious code via the watch JavaScript function. Steven Michaud discovered a programming bug that allows remote attackers to cause a denial of service. "moz_bug_r_a4" reported that the src attribute of an IMG element could be used to inject JavaScript code.

tags | advisory, remote, denial of service, arbitrary, javascript, vulnerability
systems | linux, debian
advisories | CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503
SHA-256 | 903b8d0b1637e035832fd2e1b4594cbb4040713c207066157a72c19363a420f3
Page 1 of 22
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close