what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2007-02-01

0701-exploits.tgz
Posted Feb 1, 2007
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for January, 2007.

tags | exploit
MD5 | 95724f85c8e7c3ede5c7034235ed9230
mimedefang-2.59.tar.gz
Posted Feb 1, 2007
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with Sendmail 8.11/8.12's new "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: A new "watch-multiple-mimedefangs.tcl" tool that lets you keep an eye on a cluster of MIMEDefang scanners. Fixes to the build scripts that should eliminate build problems on Intel/AMD 64-bit architectures. mimedefang generates the COMMANDS file more safely and more efficiently. Various other minor improvements and bug-fixes.
systems | windows, unix
MD5 | 03c8cbdabc56a27193402f453ba7debb
ExploitingJSON.pdf
Posted Feb 1, 2007
Authored by Aditya K Sood | Site zeroknock.metaeye.org

Whitepaper entitled Exploiting JSON Framework - 7 Attack Shots.

tags | paper
MD5 | 052059e9ca2376b0b9d89c6a6d5f7d1d
Debian Linux Security Advisory 1256-1
Posted Feb 1, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1256-1 - It was discovered that the image loading code in the GTK+ graphical user interface library performs insufficient error handling when loading malformed images, which may lead to denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2007-0010
MD5 | 04b34324ef7c745c3c0a166ead134e25
Gentoo Linux Security Advisory 200701-27
Posted Feb 1, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-27 - Teemu Salmela discovered an error in the validation code of smb:// URLs used by ELinks, the same issue as reported in GLSA 200612-16 concerning Links. Versions less than 0.11.2 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 6186634a29b53c15df8a6d424df4cfb6
Gentoo Linux Security Advisory 200701-26
Posted Feb 1, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-26 - KSirc fails to check the size of an incoming PRIVMSG string sent from an IRC server during the connection process. Versions less than 3.5.5-r1 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 818a74e3c4f13a6ceddd9c8806082188
Gentoo Linux Security Advisory 200701-28
Posted Feb 1, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200701-28 - thttpd is vulnerable to an underlying change made to the start-stop-daemon command in the current stable Gentoo baselayout package (version 1.12.6). In the new version, the start-stop-daemon command performs a chdir / command just before starting the thttpd process. In the Gentoo default configuration, this causes thttpd to start with the document root set to /, the system root directory. Versions less than 2.25b-r6 are affected.

tags | advisory, root
systems | linux, gentoo
MD5 | e992fad7912ab6e6d3587fdf16cc2501
Debian Linux Security Advisory 1255-1
Posted Feb 1, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1255-1 - Liu Qishuai discovered that the GNOME gtop library performs insufficient sanitising when parsing the system's /proc table, which may lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-0235
MD5 | 6b10603ecfdaa5f6ff1d5dedae59e8dd
Echo Security Advisory 2007.63
Posted Feb 1, 2007
Authored by y3dips, Echo Security | Site echo.or.id

Cadre suffers from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
MD5 | dbe6dbe67c3ec2682c8b3daa37c2d9f5
Cisco Security Advisory 20070131-sip
Posted Feb 1, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco devices running IOS which support voice and are not configured for Session Initiated Protocol (SIP) are vulnerable to a crash under yet to be determined conditions, but isolated to traffic destined to Port 5060. SIP is enabled by default on all Advanced images which support voice and do not contain the fix for CSCsb25337. There are no reports of this vulnerability on the devices which are properly configured for SIP processing. Workarounds exist to mitigate the effects of this problem. IOS releases that include voice support after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG and all of 12.4 are affected.

tags | advisory, protocol
systems | cisco
MD5 | ef630cb93afce94787df82c139fd9b8b
NGS-traversal.txt
Posted Feb 1, 2007
Authored by Mark Litchfield | Site ngssoftware.com

Oracle 10g R2 Enterprise Manager suffers from a classic directory traversal flaw. Details provided.

tags | exploit, file inclusion
MD5 | 0c5b1958a382b2b56a78fd3ccad8e0f0
NGS00401.txt
Posted Feb 1, 2007
Authored by Mark Litchfield, John Heasman | Site ngssoftware.com

BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote resource exhaustion vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause LGSERVER.EXE to write very large files to the system disk. In addition, the LGSERVER.EXE process becomes unresponsive until the file has been written.

tags | advisory, remote, tcp
MD5 | f96044c51bcb9897bf083cf6eebbb52b
NGS00402.txt
Posted Feb 1, 2007
Authored by Mark Litchfield | Site ngssoftware.com

BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote denial of service vulnerability. By sending a specially crafted series of packets to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to cause the process to terminate.

tags | advisory, remote, denial of service, tcp
MD5 | 865b0f8edf04493798df6cd6397e3b54
NGS00403.txt
Posted Feb 1, 2007
Authored by Mark Litchfield | Site ngssoftware.com

BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote c ode execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 1900, it is possible to cause a stack overflow that allows arbitrary code execution as Local System.

tags | advisory, remote, overflow, arbitrary, local, tcp, code execution
MD5 | bb9d6d34d81c344270cf41343b5ab20a
NGS00404.txt
Posted Feb 1, 2007
Authored by Mark Litchfield | Site ngssoftware.com

BrightStor ARCserve Backup for Laptops and Desktops r11.1 suffers from a remote code execution vulnerability. By sending a specially crafted packet to the LGSERVER.EXE process that listens on TCP port 2200, it is possible to execute arbitrary code as SYSTEM on a Windows Platform.

tags | advisory, remote, arbitrary, tcp, code execution
systems | windows
MD5 | b7f57a2008ba7f24d464595979b82415
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close