the original cloud security
Showing 1 - 25 of 78 RSS Feed

Files Date: 2007-07-13

verisign-redirect.txt
Posted Jul 13, 2007
Authored by Aditya K Sood | Site secniche.org

Verisign has various open HTTP redirect servers that may assist phishing.

tags | advisory, web
MD5 | cd49eb736abc0756d54da4034f1314b8
mzkblog-sql.txt
Posted Jul 13, 2007
Authored by GeFORC3

MzK Blog suffers from a SQL injection vulnerability in katgoster.asp.

tags | exploit, sql injection, asp
MD5 | 60d39a1e91a5664b25eb18efd37f2fde
chroot_sshd_linux.pdf
Posted Jul 13, 2007
Authored by Paul Sebastian Ziegler | Site observed.de

Whitepaper discussing how to chroot SSHd on Linux.

tags | paper
systems | linux
MD5 | b8ac8bec7c6f34e51f6e3e029d5c3b43
Ubuntu Security Notice 483-1
Posted Jul 13, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 483-1 - Peter Johannes Holzer discovered that the Net::DNS Perl module had predictable sequence numbers. This could allow remote attackers to carry out DNS spoofing, leading to possible man-in-the-middle attacks. Steffen Ullrich discovered that the Net::DNS Perl module did not correctly detect recursive compressed responses. A remote attacker could send a specially crafted packet, causing applications using Net::DNS to crash or monopolize CPU resources, leading to a denial of service.

tags | advisory, remote, denial of service, perl, spoof
systems | linux, ubuntu
advisories | CVE-2007-3377, CVE-2007-3409
MD5 | 1ee28020e77f1222473434a7acd3442a
MSA01110707.txt
Posted Jul 13, 2007
Authored by Stefano Di Paola | Site mindedsecurity.com

By using a specially crafted "flv" video it is possible to trigger an integer overflow inside Adobe Flash interpreter which could lead to client/browser-plugin crash, arbitrary code execution or system denial of service.

tags | advisory, denial of service, overflow, arbitrary, code execution
MD5 | b746354064d05658a8ac2541f856ee2f
esyndicat-sql.txt
Posted Jul 13, 2007
Authored by d3v1l

eSyndiCat is susceptible to multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 5d0af3c6127d3418e099b6a1355d200e
TISA2007-03-Public.pdf
Posted Jul 13, 2007
Authored by Edi Strosar | Site teamintell.com

TeamIntell has discovered a local buffer overflow vulnerability in Poslovni Informator Republike Slovenije 2007 aka PIRS2007, a data collection of companies and active business subjects in Slovenia.

tags | advisory, overflow, local
MD5 | 919831362bf3d6210792106c6233a5a2
Secunia Security Advisory 26048
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for php4 and php5. This fixes some vulnerabilities, where one has an unknown impact and others can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges, and by malicious people to to cause a DoS (Denial of Service), bypass certain security restrictions, and potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
MD5 | c627f109497c8821ea6e54df8ef74e0a
AL-2007-0071.txt
Posted Jul 13, 2007
Site auscert.org

AUSCERT ALERT - A buffer overflow vulnerability in the image parsing code in the Java Runtime Environment may allow an untrusted applet or application to elevate its privileges. For example, an applet may grant itself permissions to read and write local files or execute local applications that are accessible to the user running the untrusted applet. A second vulnerability may allow an untrusted applet or application to cause the Java Virtual Machine to hang. The first vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier. The second vulnerability affects JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_19 and earlier.

tags | advisory, java, overflow, local
advisories | CVE-2007-2788, CVE-2007-2789
MD5 | a41671b4f430da1c16c147c82f9ed593
Secunia Security Advisory 26014
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for perl-Net-DNS. This fixes some vulnerabilities, which can be exploited to poison the DNS cache or cause a DoS (Denial of Service).

tags | advisory, denial of service, perl, vulnerability
systems | linux, mandriva
MD5 | 8e09d95da712e2c2a5135aa0373426c7
Secunia Security Advisory 26021
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rapha

tags | advisory, denial of service
MD5 | 8544c0f247174e8b37ae9b684bb779c5
Secunia Security Advisory 26050
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in libarchive, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
MD5 | 1572b6997243e2bde17b5ad259a14090
Secunia Security Advisory 26058
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Aaron Portnoy has reported a vulnerability in Progress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | a079f9adf311e6e77bb75ebf646d1bc7
Secunia Security Advisory 26062
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - FreeBSD has issued an update for libarchive. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | freebsd
MD5 | 70419ede6ffd5fd306296e4e57f840e1
Secunia Security Advisory 26067
Posted Jul 13, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - RSA has acknowledged a vulnerability in some products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 4ea57dc5c28c2509395bb95efbc193a3
youtube-bypass2.txt
Posted Jul 13, 2007

YouTube.com suffers from an age verification bypass vulnerability via using googlevideo.com to watch the recording.

tags | exploit, bypass
MD5 | a96d914899443a84a2250afdb974729b
rt-sa-2007-007.txt
Posted Jul 13, 2007
Site redteam-pentesting.de

ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a permissions settings security issue.

tags | advisory
advisories | CVE-2007-3018
MD5 | d8c620ba7a554e369327d362c0cbe1b1
rt-sa-2007-006.txt
Posted Jul 13, 2007
Site redteam-pentesting.de

ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a design flaw where it performs client side content filtering to restrict javascript insertion.

tags | advisory, javascript
advisories | CVE-2007-3017
MD5 | 0ddb4bcd94e3a0f8bea6da9f484240bc
rt-sa-2007-005.txt
Posted Jul 13, 2007
Site redteam-pentesting.de

ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2007-3014
MD5 | 760603a23574ffb0492983918120073a
rt-sa-2007-004.txt
Posted Jul 13, 2007
Site redteam-pentesting.de

ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a SQL injection vulnerability.

tags | exploit, sql injection
advisories | CVE-2007-3013
MD5 | b8e37e33817af05e6d80a52f41b5fae0
multi-xss.txt
Posted Jul 13, 2007
Authored by Hanno Boeck | Site hboeck.de

Various popular web sites like thepiratebay.org and internic.net suffer from cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | fd672e1ddf398dff373ca2f488ea6d09
Zero Day Initiative Advisory 07-040
Posted Jul 13, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists during the process of scanning multiple maliciously formatted CAB archives. The parsing routine implicitly trusts certain user-supplied values that can result in an exploitable heap corruption.

tags | advisory, remote, arbitrary
advisories | CVE-2007-0447
MD5 | be8e5cb1bb99fd0fd8db4aeca12bec60
Zero Day Initiative Advisory 07-039
Posted Jul 13, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to create a denial of service condition on software with vulnerable installations of the Symantec's AntiVirus engine. Authentication is not required to exploit this vulnerability. The specific flaw resides in a forged PACK_SIZE field of a RAR file header. By setting this field to a specific value an infinite loop denial of service condition will occur when the scanner processes the file.

tags | advisory, denial of service
advisories | CVE-2007-3699
MD5 | ef3052215879695af8421987750c8dd3
TPTI-07-12.txt
Posted Jul 13, 2007
Authored by Aaron Portnoy | Site dvlabs.tippingpoint.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of RSA Authentication Manager and other products that include the Progress server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Progress Server listening by default on TCP ports 5520 and 5530. The _mprosrv.exe process trusts a user-supplied DWORD size and attempts to receive that amount of data into a statically allocated heap buffer

tags | advisory, arbitrary, tcp
advisories | CVE-2007-2417
MD5 | 5e0ed789c25b8e4dd5a76e87be3f6576
Mandriva Linux Security Advisory 2007.146
Posted Jul 13, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data. A denial of service vulnerability was found in how Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2007-3377, CVE-2007-3409
MD5 | 858a1ffee7d19abb06a54ea28e358ddb
Page 1 of 4
Back1234Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close