what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 684 RSS Feed

Files

Ubuntu Security Notice USN-1202-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1202-1 - Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Various other issues were also addressed.

tags | exploit, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4081, CVE-2010-3296, CVE-2010-3297, CVE-2010-3858, CVE-2010-3859, CVE-2010-3874, CVE-2010-3880, CVE-2010-4073, CVE-2010-4075, CVE-2010-4076, CVE-2010-4077, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160, CVE-2010-4162, CVE-2010-4163, CVE-2010-4169, CVE-2010-4175, CVE-2010-4242, CVE-2010-4243, CVE-2010-4248, CVE-2010-4256, CVE-2010-4565, CVE-2010-4649, CVE-2010-4655
SHA-256 | b470551b1de773c77d363adf5b0cb1910cc8654d0405c8a191ad8f00fd5d2535
Month Of Abysssec Undisclosed Bugs - Microsoft Unicode Scripts Processor
Posted Oct 1, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Microsoft unicode scripts processor suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-2738
SHA-256 | 6eba272c4ddfe295b0ebe851d90034b775b8db127a39cc09038726b42ce21ce2
Month Of Abysssec Undisclosed Bugs - ASPMass Shopping Cart
Posted Oct 1, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - ASPMass Shopping Cart suffers from a file upload cross site request forgery vulnerability.

tags | advisory, file upload, csrf
SHA-256 | c9d87f8bdde161e2a4f3aa91ce867155cc368c6394a0d5d1640778fdae77f8ae
Mandriva Linux Security Advisory 2010-190
Posted Sep 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-190 - libtiff allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3087
SHA-256 | cc534c77c37d6a0d4869d969ac19c118a8a3fe84d2691705b7aefc53901cc8a5
HP Security Bulletin HPSBMA02558 SSRT100158
Posted Sep 30, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin HPSBMA02558 SSRT100158 - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 3 of this advisory.

tags | advisory, web, arbitrary
advisories | CVE-2010-2704
SHA-256 | 0df748125868d6977062e60048bd38a0e25fe5552ec26f96bcdfe7ab26c6a5af
VMware Security Advisory 2010-0015
Posted Sep 30, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0015 - ESX 4.0 Console OS (COS) updates for NSS_db, OpenLDAP, cURL, sudo OpenSSL, GnuTLS, NSS and NSPR packages.

tags | advisory
advisories | CVE-2009-2409, CVE-2009-3245, CVE-2009-3555, CVE-2009-3767, CVE-2010-0433, CVE-2010-0734, CVE-2010-0826, CVE-2010-1646
SHA-256 | fdad8c6c91e0eabfe81a21d19d5f5d5ed52fdc1c4de978eea683eae1e3131b79
Secunia Security Advisory 41667
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities and weaknesses, which can be exploited by malicious local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or gain escalated privileges, and by malicious people to disclose potentially sensitive information.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | 0e4a4895914a1a0bebac939716f1b15f2d69ec75029606c697681ee60260636b
Secunia Security Advisory 41659
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libgdiplus. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | bc5a1ea094dd18b1f8b3acbfc6a4220517a1097625bc815809dcc95b67b54268
Secunia Security Advisory 41658
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libhx. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, ubuntu
SHA-256 | 8ecf25c03dd05c660dbfa37365f2dd3427fab81c6eef2a9157f52529ec058e2a
Secunia Security Advisory 41642
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has acknowledged some security issues in fence, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | 00b92902a18eb76e1036f61d6da9a39e1ca5c9385beb843a2f6c7fb437249d38
Secunia Security Advisory 41619
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Pluck, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 1334a3191729e7c0300547c0f267922b03265bfb972950dc2f3fddb5318833e0
Secunia Security Advisory 41629
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Zimplit, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | ecf945eee20c4a23287a48d897a49b27660fcf2b7bbe7653e211a86afa0583cf
Secunia Security Advisory 41669
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Imagemenu module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | fa3ac77ed301c484ba2047ab9634cd6c4f1df4c7736dd411633dd92528c9d5e6
Secunia Security Advisory 41676
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Imagemenu module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | a1a45cc486ee0d5b074ac5c29564e9ccdb7d48353dee5ddece8c496d683c72f2
Secunia Security Advisory 41661
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the PECL Alternative PHP Cache (APC) extension, which can potentially be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
SHA-256 | bb490ec69990a6230896508bd08a349ab71774e96657c53451a0fa40b713e1fe
Secunia Security Advisory 41663
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in the Memcache module for Drupal, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 312f0d3555a429da4314ae58c5d4cff623ad6c682efae47c7555fbbb67ace120
Secunia Security Advisory 41675
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Julien Cayssol has reported some vulnerabilities in Artica, which can be exploited by malicious users to disclose sensitive information, manipulate certain data, and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks, SQL injection attacks, and disclose sensitive information.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 8aed63a6b90db5cc288c2f4f864a5e210e889293b53c39f9f921a3bbefdeebdc
Secunia Security Advisory 41651
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in JE Guestbook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks and disclose sensitive information.

tags | advisory, vulnerability, sql injection
SHA-256 | b139be6c4d474d24486a5989a0149e8267221de121e4ebfa12eb8465ea2913a2
Secunia Security Advisory 41662
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for php-pecl-apc. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
systems | linux, fedora
SHA-256 | c7e5fe9b0f5b2b57b20df73923616e900eaf88b75489e35687439d85d2b93b7a
Secunia Security Advisory 41668
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in webSPELL, which can be exploited by malicious people to conduct SQL injection attacks and bypass certain security restrictions.

tags | advisory, vulnerability, sql injection
SHA-256 | 9f4ca3a38ee150a9c7633de0fa9fa696f24ae2cec7cb912c22546d87de055632
Secunia Security Advisory 41653
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
SHA-256 | 81e3b63643c4e5c301896cb42711ebf5f276c06530a3980d38e52c56be9cfaa5
Secunia Security Advisory 41531
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 3Com H3C 3100 and 3600 Series switches, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | bb364d1d21455edc31432e88fd4726c294e20f8739108ccfe7258cdab82c4390
Secunia Security Advisory 41655
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and some vulnerabilities have been reported in phpCAS, which can be exploited by malicious users to perform certain actions with escalated privileges and disclose sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | e09be520ab0c01bdd293924896547fc22a01bbf837790ba2ca5e9b2ef19136cf
Secunia Security Advisory 41618
Posted Sep 30, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESX Server, where one has an unknown impact and the others can be exploited by malicious, local users to disclose potentially sensitive information and bypass certain security restrictions and by malicious people to manipulate certain data, conduct spoofing attacks, bypass certain security features, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, spoof, vulnerability
SHA-256 | 58d7f168113661542ba2af16bc6a4a1ce7b2fbb3bb3619c2641eb2cc25f49cb1
Zero Day Initiative Advisory 10-187
Posted Sep 30, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-187 - This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of IBM Tivoli FastBack Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within FastBackServer.exe process which listens by default on TCP port 11406. The problematic code resides within a function responsible for reading a block of network packet data. A parameter to this function is initialized to 0 and under certain conditions this value will be accessed before properly initialized. This causes a NULL pointer to be dereferenced and subsequent application crash due to a lack of exception handling. Successful exploitation leads to immediate termination of the fastback server.

tags | advisory, remote, denial of service, tcp
SHA-256 | 0984b15d3968f4422e8c07cdcaa8a2380c56e0597776b56245c3c854f4a99699
Page 1 of 28
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close