seeing is believing
Showing 1 - 25 of 684 RSS Feed

Files

Ubuntu Security Notice USN-1202-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Various other issues were also addressed.

tags | exploit, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4081, CVE-2010-3296, CVE-2010-3297, CVE-2010-3858, CVE-2010-3859, CVE-2010-3874, CVE-2010-3880, CVE-2010-4073, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4169, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4248, CVE-2010-4256, CVE-2010-4565, CVE-2010-4649, CVE-2010-4655
MD5 | 2daff38dec5e5b4254f2f5b46b1f6f9e
Month Of Abysssec Undisclosed Bugs - Microsoft Unicode Scripts Processor
Posted Oct 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Microsoft unicode scripts processor suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-2738
MD5 | 9483d4cd1c3443828f7a3a772fc8c077
Month Of Abysssec Undisclosed Bugs - ASPMass Shopping Cart
Posted Oct 1, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - ASPMass Shopping Cart suffers from a file upload cross site request forgery vulnerability.

tags | advisory, file upload, csrf
MD5 | cb668643220bc419123a9b08b22f323e
Mandriva Linux Security Advisory 2010-190
Posted Sep 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-190 - libtiff allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3087
MD5 | 1911159cfabb247e0ac6341a8eaf76fb
HP Security Bulletin HPSBMA02558 SSRT100158
Posted Sep 30, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin HPSBMA02558 SSRT100158 - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 3 of this advisory.

tags | advisory, web, arbitrary
advisories | CVE-2010-2704
MD5 | 6785a0e2f09b9a73aad4f96eec1d230b
VMware Security Advisory 2010-0015
Posted Sep 30, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0015 - ESX 4.0 Console OS (COS) updates for NSS_db, OpenLDAP, cURL, sudo OpenSSL, GnuTLS, NSS and NSPR packages.

tags | advisory
advisories | CVE-2009-2409, CVE-2009-3245, CVE-2009-3555, CVE-2009-3767, CVE-2010-0433, CVE-2010-0734, CVE-2010-0826, CVE-2010-1646
MD5 | 9f99f58fbdd8d777048475ace5b9e8a4
Secunia Security Advisory 41667
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities and weaknesses, which can be exploited by malicious local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges, and by malicious people to disclose potentially sensitive information.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | 25d26f3acdc8d948624b992d9b1f9b6f
Secunia Security Advisory 41659
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libgdiplus. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | aab29f736424a0370f1115463e7dbc39
Secunia Security Advisory 41658
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libhx. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, ubuntu
MD5 | e0dd05e66020acfe676dbf5fa155a3a5
Secunia Security Advisory 41642
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has acknowledged some security issues in fence, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, gentoo
MD5 | bf7d77d1f05b773ef0fd6343adc6ccc1
Secunia Security Advisory 41619
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Pluck, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | cda67f0037af2e149752616bef0f38f5
Secunia Security Advisory 41629
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Zimplit, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 9ddd62066e24335ab21123c4c392d507
Secunia Security Advisory 41669
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Imagemenu module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 9f8c06b7fe117c64971924aa988ace08
Secunia Security Advisory 41676
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Imagemenu module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | f4c05d0b343dd5b4e38b96f62bb3f99d
Secunia Security Advisory 41661
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the PECL Alternative PHP Cache (APC) extension, which can potentially be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
MD5 | b286de1c963a89dc76a4414ad1b865d6
Secunia Security Advisory 41663
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in the Memcache module for Drupal, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 231d79f8c60e7889f4cacaffa210e989
Secunia Security Advisory 41675
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien Cayssol has reported some vulnerabilities in Artica, which can be exploited by malicious users to disclose sensitive information, manipulate certain data, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, SQL injection attacks, and disclose sensitive information.

tags | advisory, vulnerability, xss, sql injection
MD5 | c9f6609888a0ac3b0dfc7069fd7397a7
Secunia Security Advisory 41651
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in JE Guestbook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information.

tags | advisory, vulnerability, sql injection
MD5 | 9057856e7743bbf8c58b6dc1c2e51f97
Secunia Security Advisory 41662
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for php-pecl-apc. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
systems | linux, fedora
MD5 | 002183eb517c96eb2237811f9e1598c0
Secunia Security Advisory 41668
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in webSPELL, which can be exploited by malicious people to conduct SQL injection attacks and bypass certain security restrictions.

tags | advisory, vulnerability, sql injection
MD5 | b277b7ba191af1b1cf0e303d261d3c8b
Secunia Security Advisory 41653
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
MD5 | 40063580dcd191191a07fe4c1b057baf
Secunia Security Advisory 41531
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 3Com H3C 3100 and 3600 Series switches, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 52d5677545bfec66f5d7d1e597660020
Secunia Security Advisory 41655
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and some vulnerabilities have been reported in phpCAS, which can be exploited by malicious users to perform certain actions with escalated privileges and disclose sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | cf9049e9a542665d56ad7be7c9ee04fc
Secunia Security Advisory 41618
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESX Server, where one has an unknown impact and the others can be exploited by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions and by malicious people to manipulate certain data, conduct spoofing attacks, bypass certain security features, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, spoof, vulnerability
MD5 | eb028bbecfe30c38f7cd84704e55102e
Zero Day Initiative Advisory 10-187
Posted Sep 30, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-187 - This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of IBM Tivoli FastBack Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within FastBackServer.exe process which listens by default on TCP port 11406. The problematic code resides within a function responsible for reading a block of network packet data. A parameter to this function is initialized to 0 and under certain conditions this value will be accessed before properly initialized. This causes a NULL pointer to be dereferenced and subsequent application crash due to a lack of exception handling. Successful exploitation leads to immediate termination of the fastback server.

tags | advisory, remote, denial of service, tcp
MD5 | 875f2b08848724bbbf7c0318f1980d3c
Page 1 of 28
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
Child Safety Smartwatches Easy To Hack, Watchdog Says
Posted Oct 18, 2017

tags | headline, privacy, flaw
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Microsoft Never Disclosed 2013 Hack Of Secret Vulnerability Database
Posted Oct 18, 2017

tags | headline, hacker, microsoft, data loss, flaw
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close