what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 387 RSS Feed

Files

My Remote File Server Privilege Escalation
Posted Oct 30, 2009
Authored by Francis Provencher

My Remote File Server suffers from a local privilege escalation vulnerability.

tags | advisory, remote, local
SHA-256 | b0d5863983aebf57733c7be0f0976c34e42a4ed7233c11d0fb111626926f6f12
Windows Media Player Local File Detection
Posted Oct 30, 2009
Authored by Renard Volant | Site lrv.ch.vu

Windows Media Player version 11 suffers from a local file detection vulnerability.

tags | advisory, local
systems | windows
SHA-256 | c38b03608124285e169d1f036ee295d2a369fd363cbb26807ff7712665cd870d
Joomla Jumi Is Backdoored
Posted Oct 30, 2009
Authored by Jan van Niekerk

The Joomla Jumi component is backdoored and apparently sends user passwords to another site.

tags | advisory
SHA-256 | 32834abecdbef0f2d657947c79146fe6fc4c36075aa18b0276288f6581e0ad94
SafeNet SoftRemote Local Buffer Overflow
Posted Oct 30, 2009
Site senseofsecurity.com.au

SafeNet SoftRemote is vulnerable to a local stack based buffer overflow which can lead to the compromise of a vulnerable system. Versions 10.8.5 Build 2 and 10.3.5 Build 6 are verified vulnerable.

tags | advisory, overflow, local
SHA-256 | 56225e9982cc70db07769c44299eba3647755fa089c5db795da3b7b2d5d1a7c8
Debian Linux Security Advisory 1923-1
Posted Oct 30, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1923-1 - A denial of service vulnerability has been found in libhtml-parser-perl, a collection of modules to parse HTML in text documents which is used by several other projects like e.g. SpamAssassin.

tags | advisory, denial of service, perl
systems | linux, debian
advisories | CVE-2009-3627
SHA-256 | 9f1818d3726640fc83c9bc282de4c5ec25b1509a4b848c6a2dd32c8de7c5aaf4
2WIRE Remote Denial Of Service
Posted Oct 30, 2009
Authored by hkm

The remote management interface on tcp/50001 of various 2WIRE devices suffers from a remote denial of service vulnerability.

tags | advisory, remote, denial of service, tcp
SHA-256 | a570b0dd205bdccb99ddb73341fe1654b9625e26ea61d1a590c32f42dec42430
Mandriva Linux Security Advisory 2009-291
Posted Oct 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-291 - Directory traversal vulnerability in the HTTP server in Mort Bay Jetty before 6.1.17, and 7.0.0.M2 and earlier 7.x versions, allows remote attackers to access arbitrary files via directory traversal sequences in the URI. This update fixes this vulnerability.

tags | advisory, remote, web, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1523
SHA-256 | 975a510663d16fdb79677c0b5051b26e3730f207599ece44475fe1e96e018fda
Mandriva Linux Security Advisory 2009-290
Posted Oct 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in Firefox 3.0.x. This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-1563, CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | 81cd4ae6c0e4a6fbd63e6be6811775c38ed6270fdf26efb68f1373d24354eb81
Zero Day Initiative Advisory 09-074
Posted Oct 29, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-074 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Documentum eRoom, OpenText Hummingbird and OpenText Search Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hummingbird STR service (STRsvc.exe) which listens by default on TCP port 10500. The STRlib.dll module receives network packet data into a static stack buffer. By providing a large enough packet, this buffer can overflow. Exploitation allows remote attackers to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp
SHA-256 | fc40271419bd722e4119d10ab2f0371b516cbb56bf7f8a77328f21cecab80b3d
Secunia Security Advisory 37175
Posted Oct 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 8f0be70af004c87e4501def9c3576c06c68ab005d514afbe61cdff162e1111b6
Secunia Security Advisory 36711
Posted Oct 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, manipulate certain data, or compromise a user's system.

tags | advisory, vulnerability
SHA-256 | b6b6792baa6dabe58eb7a25f3bbf951a023362b2d4e8b94b203585e3408357a4
Secunia Security Advisory 37173
Posted Oct 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to manipulate certain data or compromise a user's system.

tags | advisory, vulnerability
SHA-256 | d03ea9bbabe16f7c220cea2e68ab962d48451256a700569fc60b0f2de6e768bd
Secunia Security Advisory 37143
Posted Oct 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in AOL AIM, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 021e88da437be6ab3b967bfb82a32d702bf8c51c6072f170a01f2e3460a9d244
Debian Linux Security Advisory 1922-1
Posted Oct 28, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1922-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-3274, CVE-2009-3370, CVE-2009-3372, CVE-2009-3373, CVE-2009-3374, CVE-2009-3375, CVE-2009-3376, CVE-2009-3380, CVE-2009-3382
SHA-256 | a220a510e52acdc35e63b91c7fafa29b451ce1d41d75745b324d947eec52a426
iDEFENSE Security Advisory 2009-10-28.1
Posted Oct 28, 2009
Authored by iDefense Labs, regenrecht | Site idefense.com

Remote exploitation of a buffer overflow in the Mozilla Foundation's libpr0n image processing library allows attackers to execute arbitrary code. The libpr0n GIF parser was designed using a state machine which is represented as a series of switch/case statements. One particularly interesting state, 'gif_image_header', is responsible for interpreting a single image/frame description record. A single GIF file may contain many images, each with a different color map associated. The problem lies in the handling of changes to the color map of subsequent images in a multiple-image GIF file. Memory reallocation is not managed correctly and can result in an exploitable heap overflow condition. iDefense confirmed the existence of this vulnerability using Mozilla Firefox versions 3.0.13 and 3.5.2 on 32-bit Windows XP SP3. Other versions, and potentially other applications using libpr0n, are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-3373
SHA-256 | 2586d2a113c390f692bd4a3a7b5d2efa7e97552fe0c5a23297e4dd9eebfa000a
Opera RSS Hijacking
Posted Oct 28, 2009
Authored by Inferno from Secure Thoughts

Small write up called Hijacking Opera's Native Page Using Malicious RSS Payloads.

tags | advisory
SHA-256 | c291ffa51806c7d5f361262a1cb308612da9ac85545f1e4435e49c40c2a46aa1
Secunia Security Advisory 37187
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | e416cd2107d6cc5d04c7c6a84753cf176f3b581ca1cba77c424819a9ca0a7e15
Secunia Security Advisory 37186
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware Server, VMware ESX, and VMware ESXi, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 702bf68d8c7f421e1a7c5f0c7e1771d9c06c5612914b630d6906097504830fac
Secunia Security Advisory 37177
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for samba. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious users to bypass certain security restrictions, disclose sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | c575ba580cb8a745ed58f3e616d26ec2a05b237d2c0802e7147b56731e41cdec
Secunia Security Advisory 37184
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Sun Solaris, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | solaris
SHA-256 | c757b94a87736b0c71c0242786bd03602fc0f770cbf6923f7d8b73c62305ef48
Secunia Security Advisory 37172
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various VMware products, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

tags | advisory, local
SHA-256 | 81f11416d276e25b00acbba4475236cd29aa9cbd0b389284d68ec84bc766a39f
Secunia Security Advisory 37181
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Maxim A. Kulakov has discovered a security issue in multiple Rising products, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 9bd11d50dbfbdae6ae0d8fb546765dd63f2a76ebc8226324e09a90d0ad64775d
Secunia Security Advisory 37179
Posted Oct 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some weaknesses have been reported in various McAfee products, which can be exploited by malware to bypass the scanning functionality.

tags | advisory
SHA-256 | 4115b59e09887b8e9124b3a611dee1cc63427cce1dc9a2711e5ab7eeebe9e8c8
Open Source CERT Security Advisory 2009.15
Posted Oct 28, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

KDE suffers from multiple insufficient validation vulnerabilities that can result in the execution of active content. Versions below 4.3.2 are affected.

tags | advisory, vulnerability
SHA-256 | ecdec1474c60e06f8d03ae23981515ca996b2e57443237988e158fc66e77b190
Mozilla Firefox Floating Point Memory Allocation
Posted Oct 28, 2009
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an array indexing error while allocating space for floating point numbers. This can be exploited to trigger a memory corruption when a specially crafted floating point number is processed. Successful exploitation allows execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2009-1563
SHA-256 | 05b17d26fc240e5536f74dc59738ad403661d05c0d57cc1e692e5b1e21dc161c
Page 1 of 16
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close