Exploit the possibilities
Showing 1 - 25 of 427

Files

Asterisk Project Security Advisory - AST-2009-010
Posted Dec 1, 2009
Authored by David Vossel | Site asterisk.org

Asterisk Project Security Advisory - An attacker sending a valid RTP comfort noise payload containing a data length of 24 bytes or greater can remotely crash Asterisk.

tags | advisory
advisories | CVE-2009-4055
MD5 | 46dfe4b400772eb8072c28854bcddaa7
Mandriva Linux Security Advisory 2009-307
Posted Dec 1, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-307 - All versions of libtool prior to 2.2.6b suffer from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code. This advisory fixes this issue. Additionally, all applications embedding the libtool code were patched in order to avoid possible future exploitation of this issue.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2009-3736
MD5 | bf325a30d0f128b47536065760f21eba
pyForum 1.0.3 Backdoor
Posted Dec 1, 2009
Authored by Nam Nguyen | Site bluemoon.com.vn

pyForum version 1.0.3 suffers from a password reset vulnerability.

tags | advisory
advisories | CVE-2009-5025
MD5 | a5e2bf1b0758397eec450c5630ce1dc2
ISC BIND Vulnerable DLLs
Posted Dec 1, 2009
Authored by Stefan Kanthak

ISC released new BIND packages for Windows with vulnerable runtime DLLs. Brilliant.

tags | advisory
systems | windows
MD5 | ea8d337d9520bc0c8c6c22feac86b26f
Debian Linux Security Advisory 1942-1
Posted Nov 30, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1942-1 - Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer, which may lead to the execution of arbitrary code or denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2009-1268, CVE-2008-1829, CVE-2009-2560, CVE-2009-2562, CVE-2009-3241, CVE-2009-3550, CVE-2009-3829
MD5 | 4162f7684bfa0a68c2a65082e4de16fb
Mandriva Linux Security Advisory 2009-306
Posted Nov 30, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-306 - Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself. The updated packages have been patched to correct these issues.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2009-3897
MD5 | 550c89270949f3a0155faaf0a556d003
Mandriva Linux Security Advisory 2009-305
Posted Nov 30, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-305 - PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, local, php, vulnerability, file inclusion
systems | linux, mandriva
advisories | CVE-2009-4017
MD5 | 5b6f6aea41bb70c90e70a095d509d854
Mandriva Linux Security Advisory 2009-303
Posted Nov 30, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-303 - Some vulnerabilities were discovered and corrected in php-5.2.11.

tags | advisory, php, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3557, CVE-2009-3558, CVE-2009-4017, CVE-2009-4018
MD5 | aa02feb519f9c601ff84488549bbf230
HP Security Bulletin HPSBUX02482 SSRT090249
Posted Nov 30, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX OpenSSL. The vulnerability could be exploited remotely to inject unauthorized data or to create a Denial of Service (DoS).

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-3555
MD5 | e6193ddf86fc681b3dfb4103579ccc6c
Secunia Security Advisory 37477
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | f071a113a8ad873c34d5764b10bd7720
Secunia Security Advisory 37446
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss, ruby
MD5 | 28eec4a60ca12eafd674b9bc826dddba
Secunia Security Advisory 37490
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for tomcat6. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information or manipulate certain data and by malicious people to cause a DoS (Denial of Service) or disclose sensitive information.

tags | advisory, denial of service, vulnerability
systems | linux, fedora
MD5 | d716c186a63782bf3f0076c36ebd18f3
Secunia Security Advisory 37496
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | linux, fedora
MD5 | 9b2fd24f37c959b02415c4eeb9acdf11
Secunia Security Advisory 37509
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - shinnai has discovered a vulnerability in Haihaisoft Universal Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 340e1e32f6f6b5d82ce528cd4dd251b1
Secunia Security Advisory 37513
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Christophe Devine has reported some vulnerabilities in SumatraPDF, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | a041f25e0018e79bece970889400d39a
Secunia Security Advisory 37494
Posted Nov 30, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Christophe Devine has reported some vulnerabilities in MuPDF, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
MD5 | cf7cb864c71944d7e0a06868ba9dcda7
Ubuntu Security Notice 862-1
Posted Nov 27, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 862-1 - Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. It was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. Bogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service.

tags | advisory, remote, denial of service, php
systems | linux, osx, ubuntu
advisories | CVE-2008-7068, CVE-2009-3291, CVE-2009-3292, CVE-2009-3557, CVE-2009-3558, CVE-2009-4017, CVE-2009-4018
MD5 | 43d50612434fbd4b8c923a8b6beac063
Mandriva Linux Security Advisory 2009-304
Posted Nov 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-304 - Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO). Additionally, BIND has been upgraded to the latest point release or closest supported version by ISC.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2009-4022
MD5 | c8fbf818bbf185917fccf79da8519a38
Gentoo Linux Security Advisory 200911-6
Posted Nov 27, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200911-6 - An input sanitization error in PEAR Net_Traceroute might allow remote attackers to execute arbitrary commands. Pasquale Imperato reported that the $host parameter to the traceroute() function in Traceroute.php is not properly sanitized before being passed to exec(). Versions less than 0.21.2 are affected.

tags | advisory, remote, arbitrary, php
systems | linux, gentoo
advisories | CVE-2009-4025
MD5 | 55f456c6df96434e2cdfce9599d58ccd
Debian Linux Security Advisory 1940-1
Posted Nov 27, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292
MD5 | b2fb41b3070c564c6d204476172d0ad2
Secunia Security Advisory 37497
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for PEAR-Net_Traceroute. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | 141a53809bd87d66954ed25399db738d
Secunia Security Advisory 37478
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in RADIO istek scripti, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | e8937e686b7317a02444366b31d66ae3
Secunia Security Advisory 37476
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the GCalendar component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 836039b4b8890ac1898d83d9d54f4061
Secunia Security Advisory 37498
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for php5. This fixes multiple vulnerabilities, some of which have unknown impact and others that can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | ee44a9d6aaa2b47c6cfaafbe96f94cb5
Secunia Security Advisory 37499
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - kaMtiEz has discovered a vulnerability in the LyftenBloggie component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 58122dba9470a1b1ffaf288857a01d42