what you don't know can hurt you
Showing 1 - 25 of 35 RSS Feed

Files Date: 2007-07-20

Ubuntu Security Notice 490-1
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 490-1 - A slew of vulnerabilities have been fixed in the Firefox browser. Too many to list, but we suggest upgrading now.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738
MD5 | 69a260993d9439d3a91accde398b4888
wii-flash.txt
Posted Jul 20, 2007
Authored by Juha-Matti Laurio

It appears that the Wii is susceptible to the recent Flash vulnerability.

tags | advisory
advisories | CVE-2007-3456
MD5 | a9b33e8c3d3adde0e675d05dbd32efe8
Technical Cyber Security Alert 2007-200A
Posted Jul 20, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-200A - Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
MD5 | 7ec017aab5d0e9b1e0fe583299f1275b
heise-lotus.txt
Posted Jul 20, 2007
Authored by Juergen Schmidt | Site heise-security.co.uk

A debug function in versions 5 and above of Lotus Notes can be used to write a file containing the new password in plain text when a user password is changed.

tags | advisory
MD5 | 85742875ca20f3e82e3dea11989bb6b1
CA Security Advisory 35515
Posted Jul 20, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize Alert service functionality contain multiple vulnerabilities. The vulnerabilities are due to insufficient bounds checking on received data by certain RPC procedures. An attacker can exploit these buffer overflows to execute arbitrary code or cause service failure.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2007-3825
MD5 | ea597a900ed63173104b243d02af6b2b
iDEFENSE Security Advisory 2007-07-19.2
Posted Jul 20, 2007
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDefense Security Advisory 07.19.07 - Remote exploitation of an input handling vulnerability within multiple browsers on the Microsoft Windows platform allows code execution as the local user. This vulnerability is due to interaction between programs. The most commonly used Microsoft Windows URL protocol handling code doesn't provide a way for the URI handling application to distinguish the end of one argument from the start of another. The problem is caused by the fact that browsers do not pct-encode certain characters in some URIs, which does not comply with the behavior that RFC3986 (also known as IETF STD 66) requires. As a result, a specially constructed link could be interpreted as multiple arguments by a URI protocol handler.

tags | advisory, remote, local, code execution, protocol
systems | windows
advisories | CVE-2007-3670
MD5 | 401f50546fb7a6ac0740d19ed3abeec5
iDEFENSE Security Advisory 2007-07-19.1
Posted Jul 20, 2007
Authored by iDefense Labs, enhalos | Site idefense.com

iDefense Security Advisory 07.19.07 - Remote exploitation of a dangling pointer vulnerability in Opera Software ASA's Opera web browser could allow an attacker to execute arbitrary code with the privileges of the logged in user. Opera 9.2 supports BitTorrent downloads. When parsing a specially crafted BitTorrent header, Opera uses memory that has already been freed. This can result in an invalid object pointer being dereferenced, and may allow for the execution of arbitrary code. The vulnerability is triggered when the user right clicks on the transfer and removes it. iDefense has confirmed the existence of this vulnerability in Opera version 9.21 on Windows. Previous versions may also be affected.

tags | advisory, remote, web, arbitrary
systems | windows
MD5 | b5ed8c60f7cd7a1f4ccb27150d5ba7b5
docuwiki-xss.txt
Posted Jul 20, 2007
Authored by Cyrill Brunschwiler | Site csnc.ch

DocuWiki versions 2007-06-26 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 15a5ce6fa749f6679f8730fa4c1f8de0
Ubuntu Security Notice 489-2
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 489-2 - USN-489-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding fixes for the redhat cluster suite kernel sources. A flaw was discovered in the cluster manager. A remote attacker could connect to the DLM port and block further DLM operations.

tags | advisory, remote, kernel, vulnerability
systems | linux, redhat, ubuntu
advisories | CVE-2007-3380
MD5 | fa2d1e36c3decb09b0108ca5b75c592a
Ubuntu Security Notice 489-1
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 489-1 - A ridiculous amount of vulnerabilities in the Linux 2.6 kernel have been fixed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-4623, CVE-2006-7203, CVE-2007-0005, CVE-2007-1000, CVE-2007-1353, CVE-2007-1861, CVE-2007-2453, CVE-2007-2525, CVE-2007-2875, CVE-2007-2876, CVE-2007-2878, CVE-2007-3380, CVE-2007-3513
MD5 | 44760b5f718175c47aece71c76f178d5
rsbac-common-1.3.5.tar.bz2
Posted Jul 20, 2007
Site rsbac.org

Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.

Changes: Fixed compilation issue, various other tweaks.
tags | kernel
systems | linux
MD5 | c5cc66633c3de30d334929309ef707f6
Stega201.zip
Posted Jul 20, 2007
Authored by Asko Vuori

Stega version 2.01 for DOS can hide another file inside Bmp/Gif/Lst/Pcx/Raw/Tga/Txt/Voc/Wav file with 128-bit IDEA key. This is a freeware utility and the binary release of this program. stega.gif has full zipped (15k) FASM source inside.

tags | encryption, steganography
MD5 | 7bf01fcb41ab40d8e6b7d5e9afdf2ad6
versalsoft-overflow.txt
Posted Jul 20, 2007
Authored by shinnai | Site shinnai.altervista.org

Versalsoft HTTP File Uploader AddFile() remote buffer overflow exploit that makes use of UFileUploaderD.dll version 6.0.0.38.

tags | exploit, remote, web, overflow, file upload
MD5 | e279dd085cc55aef91282147b3d4deb5
bunkerview.txt
Posted Jul 20, 2007
Authored by Andrea Purificato | Site rawlab.mindcreations.com

Oracle 9i and 10g evil view change password exploit.

tags | exploit
advisories | CVE-2007-3855
MD5 | 156ce8ad96251504ce236cc580e21ff3
joomlapony-sql.txt
Posted Jul 20, 2007
Authored by ajann

Joomla component Pony Gallery versions 1.5 and below are susceptible to a blind SQL injection exploit that makes use of index.php.

tags | exploit, php, sql injection
MD5 | 1c633f7eb95c6f0c68d6881d221fcfad
Secunia Security Advisory 26066
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rajesh Sethumadhavan has reported a vulnerability in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | c3c42243a0162e18ee1b096ec8f7bf41
Secunia Security Advisory 26092
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - hdiamant has discovered a security issue in the Samsung SCX-4200 Driver, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 1238cd48ad50d9aae1da2dc4d8012d5e
Secunia Security Advisory 26103
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
MD5 | 9e70c5e18bcb42e33e873d2bea959075
Secunia Security Advisory 26106
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | d4e19a6a19e5e067317e45723fb8b7de
Secunia Security Advisory 26107
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
MD5 | 45f01190497aca349b97829975e36272
Secunia Security Advisory 26110
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tim Brown has reported some vulnerabilities in eVisit Analyst, which can be exploited by malicious people conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 8792a5cc40159bda47c3ea84d1a9f36d
Secunia Security Advisory 26113
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in MAXdev MD-Pro, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | cb9587d6b23dd3e37fc20219b935d084
Secunia Security Advisory 26118
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | e24a91df2a13f5656c2f5115e3b075e8
Secunia Security Advisory 26119
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for IBM Java JRE/SDK and Sun Java JRE/SDK. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, gain escalated privileges, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, suse
MD5 | ddbfa3fb496016a6ea412e29c2e3ecbf
Secunia Security Advisory 26121
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LedgerSMB, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | a68a54ed05e47dc199c4d0c71112cf7f
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close