accept no compromises
Showing 1 - 25 of 664 RSS Feed

Files

Secunia Security Advisory 27431
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and to compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, gentoo
MD5 | 65c2d22bff07dd9839cdb8d76e5d26a1
Secunia Security Advisory 26372
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in McAfee E-Business Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 6e01bcd28ab562dae28d61d2aadc134d
Secunia Security Advisory 27421
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Hitachi Web Server, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
MD5 | 3779c93b89c1caaaa8e4d1cd47a63ddc
Secunia Security Advisory 27423
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Mozilla 1.7 for Sun Solaris, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | solaris
MD5 | 95cac8e0eaf2aeb67674e0ff6e3d9251
Secunia Security Advisory 27434
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, gentoo
MD5 | abd3974ca207fecc715dac3d1c9f4410
Zero Day Initiative Advisory 07-064
Posted Nov 1, 2007
Authored by Tipping Point, uvinc | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell software which utilize the Novell Client Trust. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Novell Client Trust application, clntrust.exe, which listens by default on UDP port 3024 on Novell client machines. During a validation request, the Client Trust process copies a user-supplied Novell tree name until a wide-character backslash or a NULL is encountered. If neither is found within the data, the process will copy excess data which later overflows a static buffer during a call to wsprintfA. BorderManager version 3.8 is affected.

tags | advisory, remote, overflow, arbitrary, udp
advisories | CVE-2007-5767
MD5 | b12384a86483796d2e8e69ed87d769bb
Secunia Security Advisory 27441
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apple has acknowledged some vulnerabilities in Apple Xcode, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | apple
MD5 | d18e5ffdf4cbf990198ea17aaabf05e5
Zero Day Initiative Advisory 07-063
Posted Nov 1, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .ra/.ram file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined size field in the RA header. Specifying a large unsigned value data can trigger a heap corruption and further result in arbitrary code execution under the context of the logged in user. RealPlayer version 6.x is affected.

tags | advisory, remote, web, arbitrary, code execution
advisories | CVE-2007-2264
MD5 | eb5b90fccb5533e1ccebb7834eb7d15e
Zero Day Initiative Advisory 07-062
Posted Nov 1, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .pls file or visit a malicious web site. The specific flaw exists during the parsing of corrupted playlist files. Malicious corruption causes RealPlayer to call into a static heap address which can be leveraged by an attacker resulting in arbitrary code execution under the context of the logged in user. RealPlayer version 10.5 is affected.

tags | advisory, remote, web, arbitrary, code execution
advisories | CVE-2007-4599
MD5 | 074f8d8d9055f0f6f4efb9f23aa9e401
Zero Day Initiative Advisory 07-061
Posted Nov 1, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in RealPlayer's parsing of SWF files. The SWF rendering DLL RealPlayer uses fails to properly handle malformed record headers leading to an exploitable overflow. An attacker could exploit this vulnerability using an ActiveX control {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} and embedding the malicious swf file in the page or by convincing an affected user to directly open a SWF file using RealPlayer. RealPlayer version 10.5 is affected.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2007-2263
MD5 | aee68c9f10d9fae163e4bcacb449810e
Zero Day Initiative Advisory 07-060
Posted Nov 1, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to access arbitrary files on systems with vulnerable installations of Hewlett-Packard OpenView Radia Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server bound by default to TCP port 3465. Insufficient checks on URLs containing paths such as '~root' allows attackers to access arbitrary files in the underlying OS. Accessing configuration files that contain LDAP and database credentials can lead to further compromise.

tags | advisory, remote, web, arbitrary, root, tcp
advisories | CVE-2007-5413
MD5 | 081c864866913feed72bad6c5a358666
Zero Day Initiative Advisory 07-059
Posted Nov 1, 2007
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

Several vulnerabilities exist in the popular Verity KeyView SDK used in many enterprise applications like IBM Lotus Notes. When parsing several different file formats a standard stack overflow occurs allowing a malicious user to gain complete control of the affected machine under the rights of the currently logged in user. The problem lies when copying user supplied data to a stack based buffer without any boundary conditions.

tags | advisory, overflow, vulnerability
MD5 | d3b624150690115c6237f1905a92f447
Zero Day Initiative Advisory 07-058
Posted Nov 1, 2007
Authored by Joxean Koret, Tipping Point | Site zerodayinitiative.com

This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of Oracle E-Business Suite. Authentication is not required to exploit this vulnerability. E-Business Suite 11 and 12 are affected.

tags | advisory, remote, arbitrary
advisories | CVE-2007-5766
MD5 | 6a128b61e3baa27426a685bf715462aa
Secunia Security Advisory 27233
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in CUPS, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | b1e37921ad3fcf629f38be5540755646
Secunia Security Advisory 27412
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Symantec Altiris Deployment Solution, which can be exploited by malicious, local users to disclose potentially sensitive information and gain escalated privileges.

tags | advisory, local, vulnerability
MD5 | e294228ee555a8545f5c77130108afe2
Secunia Security Advisory 27451
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple Hitachi products, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 8892db07888d36af3f8167cc9d274884
Secunia Security Advisory 27459
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
MD5 | de7bedc42edc6f7d25c1f899231fb129
Secunia Security Advisory 27464
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in WebSphere Application Server Community Edition, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 1f62d03b3ca97c1e135ba91171fbb396
Secunia Security Advisory 27465
Posted Nov 1, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in AIX, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | aix
MD5 | d91d5280ee0ac96b679a902ed8c9584f
Secunia Security Advisory 27457
Posted Oct 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - L4teral has discovered some vulnerabilities in ILIAS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 54c02b59b499964d36ebb2532bd063ff
Secunia Security Advisory 27410
Posted Oct 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 501846eedb2b415af1989ac9e0bbd397
Secunia Security Advisory 27448
Posted Oct 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged some vulnerabilities in IBM WebSphere, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
MD5 | 72cda1a4617ca6c29f74828003039ab7
Secunia Security Advisory 27461
Posted Oct 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Skien has reported a vulnerability in AirKiosk, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 34ceaa44cd8f4ff26da342d1fa70364a
iDEFENSE Security Advisory 2007-10-31.2
Posted Oct 31, 2007
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 10.31.07 - Remote exploitation of a directory traversal vulnerability in Symantec's Altiris Deployment Solution products could allow attackers to gain read access to arbitrary files hosted on the Altiris server. iDefense confirmed the existence of this vulnerability in Altiris Deployment Solution for Windows version 6.8. The specific vulnerable executable is pxemtftp.exe version 6.8.8297.48.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2007-3874
MD5 | 69c30592d1e81af223bc206a0d0fbd5f
iDEFENSE Security Advisory 2007-10-31.1
Posted Oct 31, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.31.07 - Remote exploitation of an unsafe method vulnerability in Macrovision InstallShield Update Service allows attackers to execute arbitrary code with the privileges of the currently logged-in user. iDefense has confirmed the existence of this vulnerability in versions 5.01.100.47363, and 6.0.100.60146 of Macrovision InstallShield Update Service. Previous versions are also suspected to be vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2007-5660
MD5 | 3addc6c9d8c0ef03f3685cd0202c1a9b
Page 1 of 27
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
UK TV Drama About North Korea Hit By Hackers
Posted Oct 17, 2017

tags | headline, hacker, government, britain, cyberwar, korea
Russia Tweaks Telegram With Tiny Fine For Decryption Denial
Posted Oct 17, 2017

tags | headline, government, privacy, russia, cryptography
Never Mind The WPA2 Drama... Details Emerge Of TPM Key Fail
Posted Oct 17, 2017

tags | headline, wireless, flaw, cryptography
Millions Of High Security Crypto Keys Crippled By Newly Discovered Flaw
Posted Oct 16, 2017

tags | headline, flaw, cryptography
Pizza Hut Latest To Be Hit In Card Data Breach
Posted Oct 16, 2017

tags | headline, hacker, privacy, bank, cybercrime, data loss, fraud
Artificial Intelligence - Hype, Hope, And Fear
Posted Oct 16, 2017

tags | headline, botnet, cyberwar
KRACK Attacks: Breaking WPA2 By Forcing Nonce Reuse
Posted Oct 16, 2017

tags | headline, privacy, phone, wireless, flaw, cryptography
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close