Showing 26 - 50 of 423

Files

Zero Day Initiative Advisory 11-090
Posted Feb 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-090 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The flaw exists within the XNFS.NLM component, which listens by default on UDP port 1234. When handling an NFS RPC request, the xdrDecodeString function uses a user-supplied length value to null terminate a string. This value can be signed, allowing the NULL byte to be written at an arbitrary address. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the system.

tags | advisory, remote, arbitrary, udp
advisories | CVE-2010-4227
SHA-256 | 6ff956732b5f7f5743b6b55d69eb36425aa86fc4836dc1a32c8a0cabd05749ea
Cisco Security Advisory 20110223-telepresence-ctsman
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco TelePresence Manager. These issues include SOAP authentication bypass, RMI command injection, and remote code execution vulnerabilities.

tags | advisory, remote, vulnerability, code execution
systems | cisco
advisories | CVE-2011-0379, CVE-2011-0380, CVE-2011-0381
SHA-256 | 2279b02e90cd86dbc13becc622a5ef57fcba430ff6c4d1c352b719594dc541a3
Cisco Security Advisory 20110223-fwsm
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers that may cause the Cisco FWSM to reload after processing a malformed Skinny Client Control Protocol (SCCP) message. Devices are affected when SCCP inspection is enabled. Cisco has released free software updates that address this vulnerability.

tags | advisory, protocol
systems | cisco
advisories | CVE-2011-0394
SHA-256 | 2d3c304b1169c0947fbea1a762b1e12011ff5021a0b46976a1ef04bb54325ee7
Cisco Security Advisory 20110223-asa
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances are affected by a transparent firewall packet buffer exhaustion vulnerability, a SCCP denial of service vulnerability, a RIP denial of service vulnerability, and an unauthorized file system access vulnerability.

tags | advisory, denial of service
systems | cisco
advisories | CVE-2011-0393, CVE-2011-0394, CVE-2011-0395, CVE-2011-0396
SHA-256 | e76421e954aaa07cd6bf59eee71ec3dfe95a934bc32fb56fe6edae8a2ff01ed9
Cisco Security Advisory 20110223-telepresence-cts
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco TelePresence solution. These issues include command injection, unauthenticated access, malicious IP address injection, and more.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2011-0372, CVE-2011-0373, CVE-2011-0374, CVE-2011-0375, CVE-2011-0376, CVE-2011-0377, CVE-2011-0378, CVE-2011-0379
SHA-256 | 97ae824371ddb74da2c469bdef6be6241f1177feac903333ba85b638323a3686
Ubuntu Security Notice USN-1070-1
Posted Feb 23, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1070-1 - It was discovered that Bind incorrectly handled IXFR transfers and dynamic updates while under heavy load when used as an authoritative server. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0414
SHA-256 | f3ee93eff5dd43e96835d6ac34baaa23b2dd16a87b9fde94a2ca80d1281683ed
Cisco Security Advisory 20110223-telepresence-ctrs
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist within the Cisco TelePresence Recording Server. These issues include unauthenticated Java servlet access, command injection, file upload, denial of service and more.

tags | advisory, java, denial of service, vulnerability, file upload
systems | cisco
advisories | CVE-2011-0379, CVE-2011-0382, CVE-2011-0383, CVE-2011-0385, CVE-2011-0386, CVE-2011-0388, CVE-2011-0391, CVE-2011-0392
SHA-256 | 61c7ea617941a186f5b3f36418eecc50bb5d47f751232a507474c95dee05d970
Cisco Security Advisory 20110223-telepresence-ctms
Posted Feb 23, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist within the Cisco TelePresence Multipoint Switch. These issues range from unauthenticated Java servlet access to denial of service conditions.

tags | advisory, java, denial of service, vulnerability
systems | cisco
advisories | CVE-2011-0379, CVE-2011-0383, CVE-2011-0384, CVE-2011-0385, CVE-2011-0387, CVE-2011-0388, CVE-2011-0389, CVE-2011-0390
SHA-256 | 52bb50cf3d384bc587235c2c5aa3a2ff5fe913f2c1d20077463786e39a6067e9
Mandriva Linux Security Advisory 2011-036
Posted Feb 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-036 - Multiple cross-site scripting vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the username field in a confirmation message.

tags | advisory, remote, web, arbitrary, cgi, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2011-0707
SHA-256 | ea5c67f8416addc10d7426c9a007de08e8c3a2a7563158dfc18282c74b813aa4
Linux 2.4 / 2.6 Privilege Escalation / Denial Of Service
Posted Feb 23, 2011
Site pre-cert.de

PRE-CERT Security Advisory - Both the 2.4 and 2.6 Linux kernels have multiple vulnerabilities. A buffer overflow bug in mac_partition in fs/partitions/mac.c (for MAC partition tables) allows for a denial-of-service (kernel panic) condition via a corrupted MAC partition table. A division-by-zero bug in ldm_get_vblks in fs/partitions/ldm.c (for LDM partition tables) allows a denial-of-service (kernel oops) condition via a corrupted LDM partition table. A buffer overflow bug in ldm_frag_add in fs/partitions/ldm.c (for LDM partition tables) may allow escalation of privileges or disclosure of sensitive information via a corrupted LDM partition table.

tags | advisory, overflow, kernel, vulnerability
systems | linux
advisories | CVE-2011-1010
SHA-256 | ab0fe6ff6bc31bbaf5cc7f9b68d64070079062a5c296c403ff5d0954e13058cc
Debian Security Advisory 2172-1
Posted Feb 22, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2172-1 - Several vulnerabilities have been discovered in phpCAS, a CAS client library for PHP. The Moodle course management system includes a copy of phpCAS.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2010-2795, CVE-2010-2796, CVE-2010-3690, CVE-2010-3691, CVE-2010-3692
SHA-256 | 267dc10fad0c03e578ad3123414ea64b6e23736b2369d3414a6709c24c575ada
Ubuntu Security Notice USN-1069-1
Posted Feb 22, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1069-1 - It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2010-3089, CVE-2011-0707
SHA-256 | fdba9a23075e131a564baf3270fe1ab05ec54aef3f93be54371d55937b4d212a
Ubuntu Security Notice USN-1068-1
Posted Feb 22, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1068-1 - Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2011-0725
SHA-256 | f936186c43ebc1ba3469742c7385b9e594e2d6a9049351c7ba02874a13de402a
Mandriva Linux Security Advisory 2011-035
Posted Feb 22, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-035 - The tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2. The updated packages have been patched to correct this issue.

tags | advisory, local, trojan
systems | linux, mandriva
advisories | CVE-2010-4005
SHA-256 | bc3061e7437994cfa1e698306aec56aba5922b6fc005b13d7fec917c016f2077
Asterisk Project Security Advisory - AST-2011-002
Posted Feb 22, 2011
Authored by Matthew Nicholson | Site asterisk.org

Asterisk Project Security Advisory - When decoding UDPTL packets, multiple stack and heap based arrays can be made to overflow by specially crafted packets. Systems doing T.38 pass through or termination are vulnerable.

tags | advisory, overflow
SHA-256 | 9b947dd4fce8b8d4d6dc7c6bc47a02bc75f6c9d8097ebaa822eda51e67ad2705
Secunia Security Advisory 43342
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 02b775a4fb6312840e9cc1b7e1f935b68a715beb81dec606f7c73d85f1841f85
Secunia Security Advisory 43332
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in TYPO3, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 66bdf4c247dc1c7cec7bdcc6171b63bb16ed45d1c26c8aa8ffe09b104448070b
Secunia Security Advisory 43297
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for python-django. This fixes two vulnerabilities, which can be exploited by malicious people to conduct script insertion and cross-site request forgery attacks.

tags | advisory, vulnerability, python, csrf
systems | linux, debian
SHA-256 | 061a8cd981a20ef0bf3a8411fad87fd020ae9dc68c1a6f0521ad078a8a8c021d
Secunia Security Advisory 43322
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in phpMyBitTorrent, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 23b239f6b150e7295a6f22dfe2c5dc0b47cadddb041ac948a9a1a28daa8471c5
Secunia Security Advisory 43266
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Matter Inc. has discovered a vulnerability in the Kunena component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ea5e3d4b9260ac0241d49f31c5f62bf925fe36dcc9612d247f8c61109ebd7cca
Secunia Security Advisory 43290
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for openjdk-6. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) and manipulate certain data.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | a38271d16d09bb2e0ecfeae229f7820cfc4e4efbf52f30502819dc64a21ede01
Secunia Security Advisory 43325
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM OS/400, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 3e2be18544f72480af1f3ae92b8211116d469ae1c7838a58d70474118641f787
Secunia Security Advisory 43280
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-openjdk. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, java, denial of service
systems | linux, redhat
SHA-256 | 475e244e964ec73d526b9a17797de0916190f4368c48c8286ed04b45f1b58d51
Secunia Security Advisory 43229
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for krb5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | cf36d24fd43a44b8ac8f1e020edbd40e63d8b0aea455149579c97bb7223fc131
Secunia Security Advisory 43339
Posted Feb 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | d8cc2c303863caffb0b3233d5b3d07f08f5f2e53975f36636e54a578328551af
Page 2 of 17
© 2022 Packet Storm. All rights reserved.