exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 604 RSS Feed

Files

Secunia Security Advisory 31231
Posted Jul 28, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Trac, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2fb300e3d8c715ccd9ddbf0bf7dde6b674555ce574b66cf1163ae528afa9c820
Mandriva Linux Security Advisory 2008-155
Posted Jul 28, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16. This update provides the latest Thunderbird to correct these issues. It also provides Thunderbird 2.x for Corporate 3.0 systems. The previous update provided the incorrect version of the enigmail locale files. This version correctly builds them for Thunderbird 2.0.0.16.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809, CVE-2008-2811
SHA-256 | dbca2c291e326b6ba9c90f4a0212519e0799cfb0cfa010fc788bf50a34fa8c40
Debian Linux Security Advisory 1621-1
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1621-1 - Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2008-0304, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809, CVE-2008-2811
SHA-256 | d9e9b17ae430792b3892c2e8cc7aba7e6dc8661a98936f7ac20724829756f2a5
Debian Linux Security Advisory 1620-1
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1620-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.

tags | advisory, vulnerability, python
systems | linux, debian
advisories | CVE-2007-2052, CVE-2007-4965, CVE-2008-1679, CVE-2008-1721, CVE-2008-1887
SHA-256 | 6e3e15e9e8b3836df02d4373a1b2c87302d63c013578893c8e1e739ccfe98812
Debian Linux Security Advisory 1619-1
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1619-1 - Multiple weaknesses have been identified in PyDNS, a DNS client implementation for the Python language. Dan Kaminsky identified a practical vector of DNS response spoofing and cache poisoning, exploiting the limited entropy in a DNS transaction ID and lack of UDP source port randomization in many DNS implementations. Scott Kitterman noted that python-dns is vulnerable to this predictability, as it randomizes neither its transaction ID nor its source port. Taken together, this lack of entropy leaves applications using python-dns to perform DNS queries highly susceptible to response forgery.

tags | advisory, udp, spoof, python
systems | linux, debian
advisories | CVE-2008-1447
SHA-256 | ebe12a113c6df6c042ef47a1dba8bec4c568a74767c16910863035f96e4a9dbf
Debian Linux Security Advisory 1618-1
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1618-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability, ruby
systems | linux, debian
advisories | CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376
SHA-256 | 18280e047380ecb31bcbcbd6d8fe8de6559af0e4692a69fa5ec3ea2352e79e79
Debian Linux Security Advisory 1616-2
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1616-2 - This update corrects a packaging and build error in the packages released in DSA-1616-1. Those packages, while functional, did not actually apply the fix intended. This update restores the fix to the package build; no other changes are introduced. Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.

tags | advisory, virus
systems | linux, windows, debian
advisories | CVE-2008-2713
SHA-256 | 51275dc8498a1260ec4a99764c2986c3d3164b4dc36a15ff51cec45f58d14d6a
Mandriva Linux Security Advisory 2008-155
Posted Jul 26, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237, CVE-2008-2785, CVE-2008-2798, CVE-2008-2799, CVE-2008-2802, CVE-2008-2803, CVE-2008-2807, CVE-2008-2809, CVE-2008-2811
SHA-256 | 1a1feb90c9988e61bcb518e33f6acd3b11f0f3d648503d3f2efaccfd1b4f80c9
Zero Day Initiative Advisory 08-047
Posted Jul 26, 2008
Authored by Peter Vreugdenhil, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must visit a malicious web site. The specific flaw exists in the rmoc3260 ActiveX control. Specifying malicious values for the 'Controls' or 'Console' properties with a specific timing results in a memory corruption which can lead to code execution under the context of the current user.

tags | advisory, remote, web, code execution, activex
advisories | CVE-2008-1309
SHA-256 | e5a1b62ac9be31af6068765c6d46144550da0621b7283dcfd5d9530cfd5aafe5
Zero Day Initiative Advisory 08-046
Posted Jul 26, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in RealPlayer's rjbdll.dll module when handling the deletion of media library files. An attacker could exploit this vulnerability using an ActiveX control {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} to import a vulnerable file into the user's media library. Upon deletion of this file, an exploitable stack based buffer overflow can be triggered.

tags | advisory, remote, overflow, arbitrary, activex
SHA-256 | 2d8b4f84809b950729bc6aaba33360d9344f34c731fe1bb7bd34b47bc0023848
Zero Day Initiative Advisory 08-045
Posted Jul 26, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the garbage collection of JavaScript document elements in WebCore. When a CSSStyleSheet object of a style element is copied, and the style element is deallocated, a reference to the ownerNode property of the copied CSSStyleSheet object will result in a heap corruption allowing for the execution of arbitrary code.

tags | advisory, remote, arbitrary, javascript
systems | apple
advisories | CVE-2008-2317
SHA-256 | b433b68fb71e6f89bcc303229b44bf4ed20aa5c9d0698e4e7b03178f568dc5e7
realplayer-exec.txt
Posted Jul 26, 2008
Authored by Elazar Broad

RealPlayer suffers from a vulnerability where the WindowName and Controls properties of rmoc3260.dll do not manage heap memory properly resulting in a use after free condition which can overwrite heap management structures resulting in code execution. RealPlayer 11, 10.5, 10, and Enterprise are all affected.

tags | advisory, code execution
SHA-256 | f4a867bf834fd12002bf185f61e63741d9d542b0daa5b3009f9be2f18b59f04c
SECOBJADV-2008-02.txt
Posted Jul 26, 2008
Authored by Derek Callaway | Site security-objectives.com

Security Objectives Advisory - The Cygwin installation and update process can be subverted to a lack of checksum verification. Cygwin setup.exe version 2.573.2.2 is affected.

tags | advisory
SHA-256 | 7cbfe265f4aef5c957f93a0d315cd5334c327902cc77191d1a586a89fab67f7a
Secunia Security Advisory 31177
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mark Janssen has reported some vulnerabilities in Blackboard Academic Suite, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 47b3f4a6da9fb3d92b8f5d41577a9e3cf8a8404a408bfe476a11d83f99251917
Secunia Security Advisory 31205
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mr.SQL has discovered a vulnerability in Atom PhotoBlog, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d556e6a7d45a557a94d6f1c200a9ff7718ca4a40e4177f0663651c54d55b6a58
Secunia Security Advisory 31213
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - BlueCat Networks has acknowledged a vulnerability in BlueCat Networks Adonis, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
SHA-256 | 4cbddeb039c5677a9505612221d913ee2c6a232b9f4ff2e54b9ae87e5ba64cb6
Secunia Security Advisory 31214
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IRAQI has reported a vulnerability in Live Music Plus, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d0d7772764d93d29a3151d957e73d23c4fdf4eff703a554393a75e6841f80c81
Secunia Security Advisory 31217
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Lore, which can be exploited by malicious people to conduct cross-site scripting-attacks.

tags | advisory, vulnerability, xss
SHA-256 | 09a47817ac455142da7fc69eaa1b2d9e7f6e1bcab38455cb5396da005d881769
Secunia Security Advisory 31220
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose sensitive information, or potentially compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, ubuntu
SHA-256 | c33555efe554154007f0eec9f3a0e55a7e3c3b8df644758ce5feb1ce9c0cd0d9
Secunia Security Advisory 31222
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
SHA-256 | da6b3ec3dec5683f929aae4db72211e9eccc86251addf794c1817c33cb159a91
Secunia Security Advisory 31223
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for vsftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | fa585121dcd4c7727104d9d96e4bd8cd6105572bdb54af299ae45bb6197fe7a2
Secunia Security Advisory 31224
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for rdesktop. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 73a4340870193b1f73a1c86c910656609334555d747cc8da5ee33f18ed4963bb
Secunia Security Advisory 31225
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for coreutils. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | linux, redhat
SHA-256 | 6a5a6467a63e070dc20feca15bf5ea08a77786dd710b0a50a3c92081c39b22db
Secunia Security Advisory 31226
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes some vulnerabilities and security issues, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious users to cause a DoS (Denial of Service) or to bypass certain security restrictions.

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | 87a3390b96d65efa94562d921997bc1b3c5eed17eed8c60866eeea1bf591f756
Secunia Security Advisory 31227
Posted Jul 26, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for nss_ldap. This fixes a security issue, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, redhat
SHA-256 | f43a0e989b3c251ff1d7c5f7c6a26a82bbe028521e191042168c627ef5b31e71
Page 5 of 25
Back34567Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close