
Files Date: 2006-11-13

Secunia Security Advisory 22793
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Laurent Gaffi

tags | advisory, vulnerability, sql injection
MD5 | 29deedc4271f8eda22741a0a5ea6c9a0
Secunia Security Advisory 22743
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Tru64, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | d07f30c41e9404c4700c0f9f5e31bf7d
reboot-kk.c
Posted Nov 13, 2006
Authored by Kris Katterjohn

20 byte Linux/x86 shellcode that reboots the system.

tags | x86, shellcode
systems | linux
MD5 | 806ee3feaa815152d315701d462f6c04
modsecips.html
Posted Nov 13, 2006
Authored by Jesus Oquendo | Site infiltrated.net

Securing LAMP - A whitepaper that discusses a methodology to configure, test, and run a Secure LAMP environment.

tags | paper
MD5 | bcacccdeb14c1322732a9766c791d51a
Zero Day Initiative Advisory 06-039
Posted Nov 13, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Marshal MailMarshal (formerly of NetIQ). Authentication is not required to exploit this vulnerability. The specific flaw exists within the extraction and scanning of ARJ compressed attachments. Due to incorrect sandboxing of extracted filenames that contain directory traversal modifiers such as "../", an attacker can cause an executable to be created in an arbitrary location. Affected are MailMarshal SMTP 5.x, 6.x, and 2006 and MailMarshal for Exchange 5.x.

tags | advisory, remote, arbitrary
advisories | CVE-2006-5487
MD5 | d482dcd713a7808dbf5015d0395dc535
Gentoo Linux Security Advisory 200611-5
Posted Nov 13, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200611-05 - Paul Szabo reported that an incorrect seteuid() call after the chdir() function can allow an attacker to access a normally forbidden directory, in some very particular circumstances, for example when the NFS-hosted targeted directory is not reachable by the client-side root user. Additionally, some potentially exploitable unchecked setuid() calls were also fixed. Versions less than 0.17-r4 are affected.

tags | advisory, root
systems | linux, gentoo
MD5 | 009b4341f09b3bc65697cf677e71f060
OpenPKG Security Advisory 2006.33
Posted Nov 13, 2006
Authored by OpenPKG Foundation | Site openpkg.org

OpenPKG Security Advisory OpenPKG-SA-2006.033 - Evgeny Legerov discovered a vendor-confirmed denial of service vulnerability in OpenLDAP. The vulnerability allows remote attackers to cause a DoS via a certain combination of LDAP "Bind" requests that trigger an assertion failure in "libldap". The flaw is caused by incorrectly computing the length of a normalized name.

tags | advisory, remote, denial of service
advisories | CVE-2006-5779
MD5 | fc9c419e7027615b51a28aea5fd2253f
Netragard Security Advisory 2006-08-10
Posted Nov 13, 2006
Authored by Netragard | Site netragard.com

Netragard, L.L.C Advisory NETRAGARD-20060810 - libpthread suffers from a buffer overflow vulnerability which may enable an attacker to execute arbitrary commands on the system. This vulnerability may potentially be exploited by creating a specially crafted buffer and inserting it into the PTHREAD_CONFIG variable. Version 5.1b is affected.

tags | advisory, overflow, arbitrary
MD5 | c15d7a566c97361fe11f65fdbda11ff9
Mandriva Linux Security Advisory 2006.206
Posted Nov 13, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-206 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.8.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748
MD5 | e185d43e44a3d0d59472a916814d2c9d
Mandriva Linux Security Advisory 2006.205
Posted Nov 13, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-205 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.8.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-5462, CVE-2006-5463, CVE-2006-5464, CVE-2006-5747, CVE-2006-5748
MD5 | 0808cf1417535758c32ef244418dde91
Gentoo Linux Security Advisory 200611-4
Posted Nov 13, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200611-04 - Bugzilla is vulnerable to cross-site scripting, script injection, and request forgery. Versions less than 2.18.6 are affected.

tags | advisory, xss
systems | linux, gentoo
MD5 | b43590070f7b3bd00f7c82cef15a01a0
wheatblogXSS.txt
Posted Nov 13, 2006
Authored by benjamin moss, laurent gaffie | Site s-a-p.ca

Wheatblog suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a0167ccbebf534024ff90ab2df88be10
Ubuntu Security Notice 379-1
Posted Nov 13, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 379-1 - Miloslav Trmac discovered a buffer overflow in texinfo's index processor. If a user is tricked into processing a .texi file with texindex, this could lead to arbitrary code execution with user privileges.

tags | advisory, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2006-4810
MD5 | 622c73f9b543b2cf4d53eb7b07e702d8
landshop.txt
Posted Nov 13, 2006
Authored by benjamin moss, laurent gaffie | Site s-a-p.ca

The LandShop Real Estate software suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 0e62ba1eff5d709dbf095c4bddfef6ed
Debian Linux Security Advisory 1207-1
Posted Nov 13, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1207-1 - Several remote vulnerabilities have been discovered in phpMyAdmin that allow for everything from CRLF injection to cross site scripting.

tags | advisory, remote, vulnerability, xss
systems | linux, debian
advisories | CVE-2006-1678, CVE-2006-2418, CVE-2005-3621, CVE-2005-3665, CVE-2006-5116
MD5 | fea33ade215c7ca57bfc1b0749162d30
Zero Day Initiative Advisory 06-038
Posted Nov 13, 2006
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix MetaFrame Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine IMA_SECURE_DecryptData1() defined in ImaSystem.dll and is reachable through the Independent Management Architecture (IMA) service (ImaSrv.exe) that listens on TCP port 2512 or 2513. The encryption scheme used is reversible and relies on several 32-bit fields indicating the size of the packet and the offsets to the authentication strings. During the decryption of authentication data an attacker can specify invalid sizes that result in an exploitable heap corruption.

tags | advisory, arbitrary, tcp
advisories | CVE-2006-5821
MD5 | f0bd5ceb8b34ccd9f92b4d36d57575d7
iDEFENSE Security Advisory 2006-11-08.3
Posted Nov 13, 2006
Authored by iDefense Labs, Eric DETOISIEN | Site idefense.com

iDefense Security Advisory 11.08.06 - Remote exploitation of an input validation error in Citrix Systems Inc.'s Metaframe Presentation Server 4.0 IMA service may allow an attacker to cause a denial of service (DoS) condition. The IMA (Independent Management Architecture) server component of Citrix's Presentation Server (previously known as Metaframe) contains an input validation error in the handling of certain packet types. By constructing a specific packet, it is possible to cause the service to reference an unmapped memory address. This causes an unhandled exception, which in turn causes the service to exit, resulting in a DoS condition. This vulnerability has been confirmed to affect Citrix Presentation Server 4.0. Previous versions may also be affected.

tags | advisory, remote, denial of service
MD5 | d2061b8b90155f67a264ed1015c4a193
bitweaver131.txt
Posted Nov 13, 2006
Authored by benjamin moss, laurent gaffie | Site s-a-p.ca

Bitweaver versions 1.3.1 and below suffer from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | bf387c91a0715eb7c529e193ba250fa1
gnugv362.txt
Posted Nov 13, 2006
Authored by Renaud Lifchitz

GNU gv version 3.6.2 is susceptible to a remote stack overflow vulnerability. This issue exists because the application fails to perform proper boundary checks before copying user-supplied data into process buffers.

tags | exploit, remote, overflow
MD5 | 2bb2458403518a10a12116602486f84c
Secunia Security Advisory 22816
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Paul Szabo has reported some vulnerabilities in the Linux NetKit FTP Server, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information, or perform certain actions with escalated privileges.

tags | advisory, local, vulnerability
systems | linux
MD5 | f38a22b5f9ecfd65b5186427e3491821
Secunia Security Advisory 22699
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Novell BorderManager, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions via replay attacks.

tags | advisory, denial of service
MD5 | be0270e8a2fc1ef415fd018b528e635b
Secunia Security Advisory 22711
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Juniper products, which potentially can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | juniper
MD5 | 5eaadd03775e46e196b1053c98ae64df
Secunia Security Advisory 22716
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Vieira-Kurz has reported some vulnerabilities in xenis.creator, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 19f08b59253d04083f80680c34f8962e
Secunia Security Advisory 22776
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - LMH has reported a vulnerability in Fedora Core, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, fedora
MD5 | f56138b10c0672a2cca4cb2d28411ede
Secunia Security Advisory 22805
Posted Nov 13, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r0ut3r has discovered some vulnerabilities in ContentNow, which can be exploited by malicious people to disclose certain sensitive information, perform certain actions with escalated privileges, or to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 6d7d7417e7e3853a5c8419273d515663