Twenty Year Anniversary
Showing 1 - 25 of 320 RSS Feed

Files Date: 2006-08-27

Gentoo Linux Security Advisory 200608-22
Posted Aug 27, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200608-22 - Toth Andras has discovered a typographic mistake in the fbgs script, shipped with fbida if the fbcon and pdf USE flags are both enabled. This script runs gs without the -dSAFER option, thus allowing a PostScript file to execute, delete or create any kind of file on the system. Versions less than 2.03-r4 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 0b2f5466ba21d3dff057b1c3bae40f88
Gentoo Linux Security Advisory 200608-21
Posted Aug 27, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200608-21 - The ftpd and rcp applications provided by Heimdal fail to check the return value of calls to seteuid(). Versions less than 0.7.2-r3 are affected.

tags | advisory
systems | linux, gentoo
MD5 | d5d1da305786c9437fac97affa78f993
MU Security Advisory 2006-08.01
Posted Aug 27, 2006
Authored by MU Dynamics, Mu Security research team | Site labs.musecurity.com

A remote stack buffer overflow condition in Asterisk's MGCP implementation could allow for arbitrary code execution. The vulnerable code is triggered with the use of a malformed AUEP (audit endpoint) response message. A second issue exists in the handling of file names sent to the Record() application which could lead to arbitrary code execution via a format string attack or arbitrary file-overwrite via directory traversal techniques. The impact of this vulnerability is minimal, however, as it requires an administrator to use a client-controlled variable as part of the filename. Asterisk versions 1.0.0 through 1.2.10 are affected.

tags | advisory, remote, overflow, arbitrary, code execution
MD5 | 3405904e50aa9f70f1d70da48e2cecd0
Cisco Security Advisory 20060823-firewall
Posted Aug 27, 2006
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Certain versions of the software for the Cisco PIX 500 Series Security Appliances, the Cisco ASA 5500 Series Adaptive Security Appliances (ASA), and the Firewall Services Module (FWSM) are affected by a software bug that may cause the EXEC password, passwords of locally defined usernames, and the enable password in the startup configuration to be changed without user intervention. Unauthorized users can take advantage of this bug to try to gain access to a device that has been reloaded after passwords in its startup configuration have been changed. In addition, authorized users can be locked out and lose the ability to manage the affected device.

tags | advisory
systems | cisco
MD5 | b63295e8ec69d97fdaa4140ffa0564bc
Cisco Security Advisory 20060823-vpn3k
Posted Aug 27, 2006
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco VPN 3000 series concentrators are affected by two vulnerabilities when file management via File Transfer Protocol (FTP) is enabled that could allow authenticated or unauthenticated attackers to execute certain FTP commands and delete files on the concentrator.

tags | advisory, vulnerability, protocol
systems | cisco
MD5 | 6c366e24e3668602419ef2d97ed6e62d
fuckmd5.cpp
Posted Aug 27, 2006
Authored by slythers

MD5 recomputation proof of concept utility.

tags | cracker, proof of concept
MD5 | 10b0f78d48440ea7cd5c8cdbe5f8aef7
coolmessenger.txt
Posted Aug 27, 2006
Authored by Tan Chew Keong | Site vuln.sg

A vulnerability has been found in Cool Messenger Office/School Server. When exploited, the vulnerability allows any people to logon to the messenger server as any user without requiring knowledge of any passwords.

tags | advisory
MD5 | 961d09ddd420d199f8f40fb35acbe6fa
powerzip.txt
Posted Aug 27, 2006
Authored by Tan Chew Keong | Site vuln.sg

A vulnerability has been found in PowerZip version 7.06 build 3895. When exploited, the vulnerability allows execution of arbitrary code when the user opens a malicious ZIP archive.

tags | advisory, arbitrary
MD5 | df193db989e4e4b88a47b041f66d908a
mcafee-linux1.txt
Posted Aug 27, 2006
Authored by Wei Wang | Site mcafee.com

The Linux kernel is susceptible to a locally exploitable flaw which may allow local users to gain root privileges and execute arbitrary code at kernel privilege level. Versions affected include 2.4.23 through 2.4.32, 2.6 up to and including 2.6.17.7.

tags | advisory, arbitrary, kernel, local, root
systems | linux
MD5 | 0cebc5ef3a993b9cdc35b82e0c3c6b71
mcafee-symantec1.txt
Posted Aug 27, 2006
Authored by Anthony Bettini

The Symantec Enterprise Security Manager (ESM) platform and agent are susceptible to a race condition that can cause the application to lock up, resulting in a denial-of-service. Affected versions include Symantec Enterprise Security Manager Platform 6 and 6.5.x, Symantec Enterprise Security Manager Agent 6 and 6.5.x.

tags | advisory
MD5 | c519abbd194605b53361a5a3a6ef0917
blsXSS.txt
Posted Aug 27, 2006
Authored by PrOtOn, digi7al64

Blackboard Learning System release 6 suffers from a multitude of cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6e831032defc388589d964ba9c8a838e
Mandriva Linux Security Advisory 2006.147
Posted Aug 27, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-147 - A cross-site scripting (XSS) vulnerability exists in search.php in SquirrelMail versions 1.5.1 and below, when register_globals is enabled, allowing remote attackers to inject arbitrary HTML via the mailbox parameter.

tags | advisory, remote, arbitrary, php, xss
systems | linux, mandriva
advisories | CVE-2006-3174
MD5 | fe2ecf7a76e5b517a33ffcc36feeaa35
EEYE-MS06-042.txt
Posted Aug 27, 2006
Authored by Derek Soeder | Site eeye.com

eEye has confirmed that the Internet Explorer crash vulnerability as described in MS06-042 is indeed exploitable.

tags | advisory
MD5 | 9ef47386e4e24ffcfa4cb0702d3629b0
ids_evasion_oracle_sqlnet.pdf
Posted Aug 27, 2006
Authored by Joxean Koret

Write up discussing Oracle database IDS evasion techniques for SQL*Net.

tags | paper
MD5 | d59cda5242ec3439f74c6f7b13fb69ad
smf_11rc2_lock.html
Posted Aug 27, 2006
Authored by rgod | Site retrogod.altervista.org

Simple Machines Forum versions 1.1 rc2 and below "lock"/Zend_Hash_Del_Key_Or_Index exploit.

tags | exploit
MD5 | a9c5eb153c65c56035571ec24457b99d
smf_11rc2_local_incl.html
Posted Aug 27, 2006
Authored by rgod | Site retrogod.altervista.org

Simple Machines Forum versions 1.1 rc2 and below "lngfile" Zend_Hash_Del_Key_Or_Index/arbitrary local inclusion exploit for use on Windows machines.

tags | exploit, arbitrary, local
systems | windows
MD5 | 3d72b9d586b8bb3a6fcf546d6bee2855
mdaemon_poc.txt
Posted Aug 27, 2006
Authored by Leon Juranic | Site infigo.hr

Proof of concept remote exploit for the MDaemon POP3 preauth buffer overflow. MDaemon versions 8 and 9 are susceptible to this.

tags | exploit, remote, overflow, proof of concept
MD5 | 868f11c80e0e6ad1b05ea95414b4832d
INFIGO-2006-08-04.txt
Posted Aug 27, 2006
Authored by Leon Juranic | Site infigo.hr

During an audit, a critical vulnerability has been discovered in the MDaemon POP3 server. There is a buffer overflow vulnerability in 'USER' and 'APOP' command processing part of the Altn MDaemon POP3 server. The vulnerability can be triggered with providing a long string to USER or APOP commands with '@' characters included in the string. In this case, MDaemon will incorectly process the string and a heap overflow will happen as a result. To trigger the vulnerability, a few USER commands have to be sent to the POP3 Server. Sometimes (depending on the heap state and string length), it is even possible to redirect code execution directly to the supplied input buffer on the heap. MDaemon versions 8 and 9 are confirmed vulnerable.

tags | advisory, overflow, code execution
MD5 | d2a66b4cd82218e9adf2ff9ae6a3ab77
altnwebadmin.txt
Posted Aug 27, 2006
Authored by TTG

Alt-N WebAdmin versions 3.2.3 and 3.2.4 running with MDaemon version 9.0.5 are susceptible to a directory traversal attack.

tags | exploit
MD5 | 4d11cc657bd02fb9494b634241aa0d60
issue_28_2006.pdf
Posted Aug 27, 2006
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 28 - Featured articles include - How to Report Security Breaches and Why and Should we trust remote kids? monitoring services? - as well as an interview with Nick, SecureMAC.com.

tags | remote
MD5 | 2dad06c54efdb5f8b0878260d0632ddc
issue_27_2006.pdf
Posted Aug 27, 2006
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 27 - Featured articles include - Establishing an internal security awareness culture the basics and How do I figure out who?s attacking me? - as well as an interview with Roberto Preatoni, Zone-H.org.

MD5 | 1d239248643b035c51fbbbfc3d366329
issue_26_2006.pdf
Posted Aug 27, 2006
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 26 - Featured articles include - What is your position in the emerging market for software vulnerabilities? and If you don't take care of your Security, someone else will - as well as an interview with Martin Herfurt, Trifinite.org.

tags | vulnerability
MD5 | 914bb66f2c3d7c0677738a9557ffd182
issue_25_2006.pdf
Posted Aug 27, 2006
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 25 - Featured articles include - Organizational training and today's threatscape and Fortifying your browser even more! - as well as an interview with Johnny Long, johnny.ihackstuff.com.

MD5 | 8496fae85d6f478747a65bc2b0ed7893
issue_24_2005.pdf
Posted Aug 27, 2006
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 24 - Featured articles include - Breaking through security myths Part 2 and Threats posed by P2P software - as well as an interview with Vladimir, 3APA3A, Security.nnov.ru.

MD5 | 592d84f94493e54d07bb99b65f58ce07
issue_23_2005.pdf
Posted Aug 27, 2006
Authored by astalavista | Site astalavista.com

Astalavista Security Newsletter - Issue 23 - Featured articles include - Breaking through security myths Part 1 and Managing the threats posed by stolen laptops - Tips as well as an interview with David Endler, TippingPoint.com.

MD5 | 43a3a07cc1c3abe64cf523816efe04a3
Page 1 of 13
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    5 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close