exploit the possibilities
Showing 1 - 25 of 56 RSS Feed

Files Date: 2007-03-13

Mandriva Linux Security Advisory 2007.060
Posted Mar 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Many vulnerabilities were discovered and corrected in the Linux 2.6 kernel. The 2.6.17 kernel and earlier, when running on IA64 and SPARC platforms would allow a local user to cause a DoS (crash) via a malformed ELF file. The mincore function in the Linux kernel did not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. An unspecified vulnerability in the listxattr system call, when a "bad inode" is present, could allow a local user to cause a DoS (data corruption) and possibly gain privileges via unknown vectors. The zlib_inflate function allows local users to cause a crash via a malformed filesystem that uses zlib compression that triggers memory corruption. The ext3fs_dirhash function could allow local users to cause a DoS (crash) via an ext3 stream with malformed data structures. When SELinux hooks are enabled, the kernel could allow a local user to cause a DoS (crash) via a malformed file stream that triggers a NULL pointer derefernece. The key serial number collision avoidance code in the key_alloc_serial function in kernels 2.6.9 up to 2.6.20 allows local users to cause a crash via vectors thatr trigger a null dereference. The Linux kernel version 2.6.13 to 2.6.20.1 allowed a remote attacker to cause a DoS (oops) via a crafted NFSACL2 ACCESS request that triggered a free of an incorrect pointer. A local user could read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump; a variant of CVE-2004-1073.

tags | advisory, remote, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2006-4538, CVE-2006-4814, CVE-2006-5753, CVE-2006-5823, CVE-2006-6053, CVE-2006-6056, CVE-2007-0006, CVE-2007-0772, CVE-2007-0958
MD5 | 186a8d105b5a3c8a35936f0a69d24e0a
hcnews-blindsql.txt
Posted Mar 13, 2007
Authored by UniquE-Key

HC NewsSystem version 1.0-4 suffers from a blind SQL injection vulnerability in index.php.

tags | exploit, php, sql injection
MD5 | cbbea38cc4b916b693749f9fc5bf2ea5
SA-20070309-0.txt
Posted Mar 13, 2007
Authored by Bernhard Mueller, S.Streichbier | Site sec-consult.com

SEC-CONSULT Security Advisory 20070309-0 - Starting with version 5, MySQL provides access to the database metadata. When using functions that operate on strings in combination with subselects on information_schema tables and additional sorting of the results with the ORDER BY clause, a null-pointer dereferencation takes place causing a segmentation fault. This allows an attacker to crash the MySQL database. Versions below 5.0.37 are affected.

tags | advisory
MD5 | dc17b12aac7afeadc3dec710fdb0b1c5
Php Nuke POST Cross Site Scripting On Steroids
Posted Mar 13, 2007
Authored by Stefano Di Paola, Francesco Ongaro | Site ush.it

PHP Nuke version 8.0, and possibly lower versions, are susceptible to a POST cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 3f22e872fea3c471242fa8fac6024d02
wp212-sql.txt
Posted Mar 13, 2007
Authored by Omid

WordPress version 2.1.2 suffers from a SQL injection vulnerability.

tags | advisory, sql injection
MD5 | a32d884c4d889517051c4ea6cb217e08
script-rfi.txt
Posted Mar 13, 2007
Authored by Hasadya Raed

A remote file inclusion vulnerability exists in Script copyright (c) James Coyle.

tags | exploit, remote, code execution, file inclusion
MD5 | dc1108925e674c3eec7e40f804108bf6
copperminepg-rfi.txt
Posted Mar 13, 2007
Authored by Hasadya Raed

Coppermine Photo Gallery suffers from some remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 1d1b7ded143dc8d26ae6e764d99ae3da
deviantART-xss.txt
Posted Mar 13, 2007
Authored by Hasadya Raed

deviantART suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7c272a8857658bbdd73a04a191251ec0
csa-driver.txt
Posted Mar 13, 2007
Authored by Daniel Roethlisberger | Site csnc.ch

COMPASS SECURITY ADVISORY - The Linux drivers for the Omnikey CardMan 4040 smartcard reader contains a buffer overflow vulnerability. Local attackers with direct or indirect write permissions to a cmx device file can execute arbitrary code with kernel privileges or may cause a denial of service condition. Proof of concept exploit included.

tags | exploit, denial of service, overflow, arbitrary, kernel, local, proof of concept
systems | linux
advisories | CVE-2007-0005
MD5 | 7dca159ebdcc3579a8aef062fa5d499b
serviziinformazionesicurezza_gov_it.txt
Posted Mar 13, 2007
Authored by samsainsekt

There is a cross site scripting vulnerability in www.serviziinformazionesicurezza.gov.it.

tags | exploit, xss
MD5 | 57a0685f67b7362991d9b76add881277
Mandriva Linux Security Advisory 2007.059
Posted Mar 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - GnuPG prior to 1.4.7 and GPGME prior to 1.1.4, when run from the command line, did not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components. This could allow a remote attacker to forge the contents of an email message without detection.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2007-1263
MD5 | 29fac82d9f9fa0eb344ffaba8fac4c09
Mandriva Linux Security Advisory 2007.058
Posted Mar 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2007-0999
MD5 | 90cea44784355a654905e762f1b62748
Ubuntu Security Notice 434-1
Posted Mar 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 434-1 - It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-0999
MD5 | 080d2cb4a73acc56818bae6fd1b6446f
Ubuntu Security Notice 433-1
Posted Mar 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 433-1 - Moritz Jodeit discovered that the DMO loader of Xine did not correctly validate the size of an allocated buffer. By tricking a user into opening a specially crafted media file, an attacker could execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-1246
MD5 | 642d4cf4141d799f5662f91164e441f5
adv67-K-159-2007.txt
Posted Mar 13, 2007
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

WEBO versions 1.0 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
MD5 | 462038ca65c6548f6ba75c9dcb57c78d
Secunia Security Advisory 24443
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in xine-lib, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | a642604fa970b3fd16d57c5676829d6d
Secunia Security Advisory 24446
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for mplayer. This fixes a vulnerability, which can potentially be exploited by malicious people compromise a vulnerable system.

tags | advisory
systems | linux, mandriva
MD5 | e09a6547d47395c26a9182b9be7b9150
Secunia Security Advisory 24448
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for xine-lib. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, mandriva
MD5 | 34117fc4f95524d7c7a2b9c6d979fc39
Secunia Security Advisory 24461
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PHPEcho CMS, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | a7bd3c0be97956775abb60b9cb1efe0c
Secunia Security Advisory 24468
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for JRE / JDK. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | b418835c5fa9a11475f73fad43c7aa61
Secunia Security Advisory 24487
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Marsu Pilami has discovered a vulnerability in NewsReactor, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | ef1634be29ec6fecb6dec93fcc007743
Secunia Security Advisory 24491
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Marsu Pilami has discovered a vulnerability in NewsBin Pro, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 96254d2bf28aae81d1ab30325247dfd9
Secunia Security Advisory 24504
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PennMUSH, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | b00bb78856199b8ac4a9863148f36a02
Secunia Security Advisory 24444
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MPlayer, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 9dcb829393a43fcadbc7796d5ef0ea7e
Secunia Security Advisory 24459
Posted Mar 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ktorrent. This fixes some vulnerabilities, which can be exploited by malicious people to overwrite arbitrary files on a user's system or to potentially compromise a user's system.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
MD5 | 91203b34ed58ab60d3d57b891e0f2a5e
Page 1 of 3
Back123Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    15 Files
  • 4
    Jun 4th
    25 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close