the original cloud security
Showing 1 - 25 of 591 RSS Feed

Files

Technical Cyber Security Alert 2007-334A
Posted Dec 2, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-334A - Apple QuickTime contains a buffer overflow vulnerability in the way QuickTime processes Real Time Streaming Protocol (RTSP) streams. Exploitation of this vulnerability could allow an attacker to execute arbitrary code.

tags | advisory, overflow, arbitrary, protocol
systems | apple
MD5 | af3a90f973dacfd90526128ee0e21b9e
realpdos.txt
Posted Dec 2, 2007
Authored by Abed Adonis | Site safehack.com

Realplayer 11 suffers from a denial of service condition related to ActiveX.

tags | advisory, denial of service, activex
MD5 | 5602ec9844f03bb434ca6ddf3914db67
Mandriva Linux Security Advisory 2007.224
Posted Nov 30, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service. As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges. This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572.

tags | advisory, remote, denial of service, overflow, arbitrary, root
systems | linux, mandriva
advisories | CVE-2007-5398, CVE-2007-4572
MD5 | 35c3dfda88c38965355ccbfee1082a66
Ubuntu Security Notice 549-1
Posted Nov 30, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 549-1 - Various integer overflows, arbitrary code execution, and denial of service vulnerabilities have been fixed in PHP 5.

tags | advisory, denial of service, overflow, arbitrary, php, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2007-1285, CVE-2007-2872, CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4670, CVE-2007-5898, CVE-2007-5899
MD5 | 480e0abf31a634a029d87570b870ea34
AST-2007-026.txt
Posted Nov 30, 2007
Authored by Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - A SQL injection vulnerability exists in Asterisk versions prior to 1.4.15. Input buffers were not properly escaped when providing the ANI and DNIS strings to the Call Detail Record Postgres logging engine. An attacker could potentially compromise the administrative database containing users' usernames and passwords used for SIP authentication, among other things.

tags | advisory, sql injection
MD5 | c6c1a7986ed7ead3dab0bea6978ffb05
AST-2007-025.txt
Posted Nov 30, 2007
Authored by P. Chisteas, Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - A SQL injection vulnerability exists in Asterisk versions prior to 1.4.15. Input buffers were not properly escaped when providing lookup data to the Postgres Realtime Engine. An attacker could potentially compromise the administrative database containing users' usernames and passwords used for SIP authentication, among other things.

tags | advisory, sql injection
MD5 | ffa2808110235fd54fffd855e12201bc
FreeBSD-SA-07-10.gtar.txt
Posted Nov 30, 2007
Site security.freebsd.org

FreeBSD Security Advisory - Insufficient sanity checking of paths containing '.' and '..' allows gtar to overwrite arbitrary files on the system.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2007-4131
MD5 | bc93f9ccc2af18609b0279202b3894a1
FreeBSD-SA-07-09.random.txt
Posted Nov 30, 2007
Site security.freebsd.org

FreeBSD Security Advisory - Under certain circumstances, a bug in the internal state tracking on the random and urandom devices can be exploited to allow replaying of data distributed during subsequent reads.

tags | advisory
systems | freebsd
advisories | CVE-2007-6150
MD5 | 1a8e43d82656db1e04719bae42deb95b
Debian Linux Security Advisory 1409-3
Posted Nov 30, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1409-3 - This update fixes all currently known regressions introduced with the previous two revisions of DSA-1409. Several local/remote vulnerabilities have been discovered in samba, a LanManager-like file and printer server for Unix. Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges. Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, local, root, vulnerability
systems | linux, unix, debian
advisories | CVE-2007-5398, CVE-2007-4572
MD5 | 35eb85ee31049d6fb7c6321f9ecc5f02
HP Security Bulletin 2007-14.99
Posted Nov 30, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX Apache. The vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary
systems | hpux
advisories | CVE-2007-5135
MD5 | 01a4cbc604d81903355a69b1541136cc
HP Security Bulletin 2007-13.19
Posted Nov 30, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS).

tags | advisory, xss
MD5 | e07411d9a1c25a2867dcd1ccdf2f004b
IRM-tibcodos.txt
Posted Nov 30, 2007
Authored by Varun Uppal, Andy Davis - IRMPLC | Site irmplc.com

The TIBCO Rendezvous RVD daemon is vulnerable to a memory leak, which when remotely triggered, prevents any further RV communication until the daemon is manually restarted.

tags | advisory, denial of service, memory leak
MD5 | 33fa196ab9bb365713d31238582bca13
Gentoo Linux Security Advisory 200711-20
Posted Nov 30, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200711-20:04 - Roland Clobus discovered that the Pioneers server may free sessions objects while they are still in use, resulting in access to invalid memory zones. Bas Wijnen discovered an error when closing connections which can lead to a failed assertion. Versions less than 0.11.3-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5933, CVE-2007-6010
MD5 | 2f449d948a4a3611043470e9b3383b10
Secunia Security Advisory 27808
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IRCRASH (Dr.Crash) has reported some vulnerabilities in Softbiz Freelancers Script, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 01da5745346b55ef8654486ad7475bff
Secunia Security Advisory 27829
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Joffrey Czarney has reported a weakness in Cisco Unified IP Phones, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | cisco
MD5 | 11eb767c7465180e59a17f2196a26045
Secunia Security Advisory 27831
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | solaris
MD5 | b6bb32ad6dc69f573422de83b118344e
Secunia Security Advisory 27832
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | solaris
MD5 | 74b52d69f6104bd5b631fb8f44675b1b
Secunia Security Advisory 27837
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in @Mail, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | b06f85dafd733cfe4fd5df0187aa2679
Secunia Security Advisory 27849
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Autonomy Keyview SDK, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | bbe0b2f853eeef12ab2e066b4c89ba7f
Secunia Security Advisory 27852
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - GoLd_M has reported a vulnerability in PHP_CON, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

tags | advisory
MD5 | dba6c13851e8f48f1089380a386f18dc
Secunia Security Advisory 27854
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MhZ91 has discovered two vulnerabilities in Charray's CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 351f90941c5a218c4f204b8d80271937
Secunia Security Advisory 27855
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks or potentially compromise a user's system.

tags | advisory, vulnerability, xss, csrf
systems | linux, fedora
MD5 | ad89063dcfaa50b1470a8115d8aaff0e
Secunia Security Advisory 27856
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for cups, poppler, and tetex. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | abd5c436bae8c817193d8e2049f54e35
Secunia Security Advisory 27857
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for cpio. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
MD5 | 137fe09ab3f186e003af56cbf7074031
Secunia Security Advisory 27858
Posted Nov 30, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | 2eaae8ad5eaef751b5facf464b498903
Page 1 of 24
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close