exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 440 RSS Feed

Files

Apple Security Advisory 2012-11-29-1
Posted Nov 30, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-29-1 - Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | apple
advisories | CVE-2012-3749, CVE-2012-3748
SHA-256 | caa20eb0d66851c61553ae776f1f9fa646d8aa08b83a087b6b2dc7fe2af9bede
Safend Data Protector 3.4.5586.9772 Privilege Escalation
Posted Nov 30, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

Safend Data Protector suffers from multiple privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4767, CVE-2012-4760, CVE-2012-4760, CVE-2012-4761, CVE-2012-4761
SHA-256 | 7fa4ab53d92dfd88c732eb79417967adbe52865b5df1b66c86b093a3abbc15b9
Mozilla Firefox "imgRequestProxy" Class Remote Use-After-Free
Posted Nov 30, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "imgRequestProxy::OnStopRequest()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
SHA-256 | 6ff9c9465d128e7723f00c6eb8b2c513970c66279404d1491f6201d4b7ded1cd
Ubuntu Security Notice USN-1430-5
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1430-5 - USN-1430-3 fixed vulnerabilities in Thunderbird. This update provides an updated mozilla-devscripts which produces packaged addons compatible with the latest thunderbird packaging.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 2e3cd2c8aeffd832578a924739c75e1773dc2e46546fb23e4d3f9e27f601fccf
Ubuntu Security Notice USN-1643-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1643-1 - It was discovered that the decode_xs function in the Encode module is vulnerable to a heap-based buffer overflow via a crafted Unicode string. An attacker could use this overflow to cause a denial of service. It was discovered that the 'new' constructor in the Digest module is vulnerable to an eval injection. An attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526, CVE-2011-2939, CVE-2011-3597, CVE-2012-5195, CVE-2012-5526
SHA-256 | 6c274eedfdb3da7dbb7671102ad6fe7a37edb74ba2b040227e902cbb757d04a1
Debian Security Advisory 2579-1
Posted Nov 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2579-1 - A vulnerability has been found in the Apache HTTPD Server.

tags | advisory
systems | linux, debian
advisories | CVE-2012-4557, CVE-2012-4929
SHA-256 | 75cc0f2d9d8dabf15819407aef98d97059d1c26d0754a1dead1d43130c26538d
Ubuntu Security Notice USN-1652-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1652-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | e2ab2490ada83b444a66c52183f126e16e8175d3cffdad175af3f948c4a2e280
Ubuntu Security Notice USN-1651-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1651-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
SHA-256 | 050be699e44be98ae2ca0aff99370d56139223bf52fe876c8f83644c51ece493
Ubuntu Security Notice USN-1650-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1650-1 - Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-4565
SHA-256 | ea0d826ac97c808d41bf039a736c91d3f83693af9097f54d42f504187da73d53
Ubuntu Security Notice USN-1649-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1649-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 50d96a46ae540807a3cbac6d9da2f0a742defbec6c2aeb63630420490e1280e4
Ubuntu Security Notice USN-1648-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1648-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 4eb660e26fd88a32afdbb6f4745741f275f50287259f53e6fcf824c0f62ee4ce
Ubuntu Security Notice USN-1647-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1647-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | bc7bae042dda4167991eaaa3aba4772592c4a371088803032bf38ec4fc7d8f3b
Ubuntu Security Notice USN-1646-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1646-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | e417f1d428863d8eb7268db89617f507396def202c65c7aa89768f7915d5e0be
Ubuntu Security Notice USN-1645-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1645-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 4d3dae198ecc5f0fab30ae0aa3248050f97447564d01f2bdf33aa7274130728c
Ubuntu Security Notice USN-1644-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1644-1 - Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4565, CVE-2012-0957, CVE-2012-4565
SHA-256 | 5a24998d89af0c468b0e5534c8e4d28d186288d82114644816fad0f143a37bfb
Drupal Zero Point 6.x / 7.x Cross Site Scripting
Posted Nov 30, 2012
Authored by samatha | Site drupal.org

Drupal Zero Point third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 6347995ee546668a1cb10c9e6dcb8474565196af6e987f78ce2ca60daf7cdbf0
Drupal Webmail Plus 6.x SQL Injection
Posted Nov 30, 2012
Authored by Fox | Site drupal.org

Drupal Webmail Plus third party module version 6.x suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
SHA-256 | 6fa3935c9e1b5fd40c0dc10a06f1425b572bff4c3acc8054a6de33b5695f47a8
Symantec Messaging Gateway Backdoor / Privilege Escalation
Posted Nov 30, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from backdoor account and privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2007-4573, CVE-2008-0009, CVE-2008-4210, CVE-2009-1046, CVE-2009-1337, CVE-2009-2692, CVE-2009-3547, CVE-2010-1146, CVE-2010-2959, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850, CVE-2010-3904, CVE-2010-4073, CVE-2010-4258, CVE-2010-4347
SHA-256 | 0037358302ea3ef9e579ea39b29f6aeedaab8ea3fd730436e1fe43363d09f8dc
Ubuntu Security Notice USN-1642-1
Posted Nov 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1642-1 - Dan Rosenberg discovered a heap-based buffer overflow in Lynx. If a user were tricked into opening a specially crafted page, a remote attacker could cause a denial of service via application crash, or possibly execute arbitrary code as the user invoking the program. This issue only affected Ubuntu 10.04 LTS. It was discovered that Lynx did not properly verify that an HTTPS certificate was signed by a trusted certificate authority. This could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure, but is actually being monitored. This update changes the behavior of Lynx such that self-signed certificates no longer validate. Users requiring the previous behavior can use the 'FORCE_SSL_PROMPT' option in lynx.cfg. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-2810, CVE-2012-5821, CVE-2010-2810, CVE-2012-5821
SHA-256 | b98e04aa75eae4a1918f485d23f130b118754361f7105d77894ebac142879154
Red Hat Security Advisory 2012-1512-01
Posted Nov 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1512-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of libxml2 are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2012-5134
SHA-256 | 6f7db09dd21f23e1bf77fc46e0f5d364af0871fe611443be9a977f18023d9919
Red Hat Security Advisory 2012-1511-01
Posted Nov 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1511-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.1 will end on 31st May, 2013.

tags | advisory
systems | linux, redhat
SHA-256 | 9605d9da818d0a15e363b5aac249a85541b3999fc84cf8c6acf32264f66b46bd
Drupal Multi-Language Link And Redirect 6.x / 7.x Access Bypass
Posted Nov 29, 2012
Authored by Andy Inman | Site drupal.org

Drupal Multi-Language Link and Redirect third party module versions 6.x and 7.x suffer from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | 16b169ea8d16998b870fa5e82e8bfe29ef5496ec76acb5215dc2913976eedab0
Drupal Mixpanel 6.x Cross Site Scripting
Posted Nov 29, 2012
Authored by David Snopek | Site drupal.org

Drupal Mixpanel version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 3ed7e90f6032c72423060e1577756b8cf039348e1b7794bca96618b8465bc93b
Drupal Services 6.x / 7.x Information Disclosure
Posted Nov 29, 2012
Authored by hefox | Site drupal.org

Drupal Services versions 6.x and 7.x suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | d50c1ef2b299adfc26d879c8c4b9c23673085155d13d23f089b41cb0bf80a188
Drupal Email Field 6.x XSS / Access Bypass
Posted Nov 29, 2012
Authored by hefox | Site drupal.org

Drupal Email Field third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | e3b63db0422c668d8a678dff5a87346abd5b6c935810c271e4060b7a8fb5ebb7
Page 1 of 18
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close