what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2007-08-16

Ubuntu Security Notice 498-1
Posted Aug 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 498-1 - David Thiel discovered that libvorbis did not correctly verify the size of certain headers, and did not correctly clean up a broken stream. If a user were tricked into processing a specially crafted Vorbis stream, a remote attacker could execute arbitrary code with the user's privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-3106, CVE-2007-4029
SHA-256 | a4511d1bd36f2afda09a7e3ac14b8473de0af19daba8edad473f4096b0b8fcc2
Debian Linux Security Advisory 1356-1
Posted Aug 16, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1356-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-1353, CVE-2007-2172, CVE-2007-2453, CVE-2007-2525, CVE-2007-2876, CVE-2007-3513, CVE-2007-3642, CVE-2007-3848, CVE-2007-3851
SHA-256 | c53758ac8c375ec24755f85ab0df04f7bfb5b29732320b29f3d4926757945636
tlbinf32-exec.txt
Posted Aug 16, 2007
Authored by Brett Moore SA | Site security-assessment.com

The TypeLib Information object library, implemented in TlbInf32.dll, suffers from a code execution vulnerability.

tags | advisory, code execution
SHA-256 | e427ba1543206c21303e6311555a57d53749181577fe5dec7f3d533a7b88bb9b
pshtoolkit-1.0.tgz
Posted Aug 16, 2007
Authored by Hernan Ochoa | Site oss.coresecurity.com

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.

tags | remote, local
systems | windows
SHA-256 | 12647279df0a167a813e91d94627b92abe1cca879d0528921db39c1d55eb68d2
Mandriva Linux Security Advisory 2007.165
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause cups to crash and possibly execute arbitrary code open a user opening the file.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387
SHA-256 | 615d492ff4a583c9964f4b3e57e745c7d62cad09d70886783f898e2b61f73d55
iDEFENSE Security Advisory 2007-08-15.1
Posted Aug 16, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.15.07 - Remote exploitation of a buffer overflow vulnerability within Environmental Systems Research Institute (ESRI) Inc.'s ArcSDE service allows attackers to crash the service or potentially execute arbitrary code. This vulnerability specifically exists due to insufficient buffer space when representing user-supplied numeric values in ASCII. Certain requests result in an sprintf() call using a static-sized 8 byte stack buffer. If an attacker supplies a number that's ASCII value cannot be represented within 8 bytes, a stack-based buffer overflow occurs. The vendor has confirmed that version 9.2 of ArcSDE, as bundled with ArcGIS, is vulnerable to this attack. All versions are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2007-4278
SHA-256 | 85dddbead8dfc3c87e54bea99eff2fcce5a1965f19503a8ee48cae1507f6c1be
Cisco Security Advisory 20070815-vpnclient
Posted Aug 16, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities exist in the Cisco VPN Client for Microsoft Windows that may allow unprivileged users to elevate their privileges to those of the LocalSystem account.

tags | advisory, vulnerability
systems | cisco, windows
SHA-256 | 18048d89a26800b5a21868caa04299a7818e531df79579a76189757399dc853b
HP Security Bulletin 2006-12.60
Posted Aug 16, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations (OVO) add on module for OpenView Operations-Business Availability Center (OVO-BAC) integration running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.

tags | advisory, arbitrary
systems | windows
SHA-256 | 608afe549263e596b00d14b11caf4c738025f4acd09542bc88843cf783bb564b
mcafee-advisory-08-2007.txt
Posted Aug 16, 2007
Authored by Sebastian Wolfgarten | Site devtarget.org

A buffer overflow exists in McAfee Virus Scan for Linux and Unix version 5.10.0 that may allow for code execution in the context of the uid running it.

tags | advisory, overflow, code execution, virus
systems | linux, unix
SHA-256 | 653a20317b4d712bb76a36628d0b5713e8e22a2efbfa964476c159add50fc888
NSFOCUS-0701.txt
Posted Aug 16, 2007
Authored by Hu Qianwei | Site nsfocus.com

The NSFocus Security Team has discovered a memory corruption vulnerability in Internet Explorer 5 that allows arbitrary code execution when parsing a malicious CSS file.

tags | advisory, arbitrary, code execution
advisories | CVE-2007-0943
SHA-256 | 45a8f9aa9d38c801d412958f23324ee611836a6bd70dbf3506a5804651ce34bd
2wire-csrf.txt
Posted Aug 16, 2007
Authored by hkm

2wire routers versions 1701HG and 2071 Gateway are susceptible to cross site request forgery attacks.

tags | exploit, csrf
SHA-256 | 6e7c23ea90ad8a1a27332592fa4fb20f3c7323f8e82e7c0ce27f431e06c7a3ab
Mandriva Linux Security Advisory 2007.164
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause tetex to crash and possibly execute arbitrary code open a user opening the file. In addition, tetex contains an embedded copy of the GD library which suffers from a number of bugs which potentially lead to denial of service and possibly other issues.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387, CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
SHA-256 | 4b9691f84f1ab3a6e1240a51aa912ed2ec78100d92ca0a1bb83a43b08e97b10a
Mandriva Linux Security Advisory 2007.162
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause kpdf to crash and possibly execute arbitrary code open a user opening the file.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387
SHA-256 | 45a686b43c58e9dd3b89efec59673bc7779044afde8243ea96708d15a6f25b09
phpendangers.txt
Posted Aug 16, 2007
Authored by Arham Muhammad

Whitepaper entitled PHP Endangers - Remote Code Execution.

tags | paper, remote, php, code execution
SHA-256 | fc600865f3c5af11188782c06005c01ef0a387a4357eb31725436393278cd10f
systemedevote-rfi.txt
Posted Aug 16, 2007
Authored by Crackers_Child

Systeme de vote en temps version 1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 34c3272761112f763b48754f773655644abcd5449e12e80d542c3d77622da7cc
safari-upload.txt
Posted Aug 16, 2007
Authored by laurent gaffie

Safari version 3.0.3 allows for arbitrary file uploads.

tags | advisory, arbitrary, file upload
SHA-256 | 8489ee641a4ca6b92c2fe0637101f9baf5bf81edb10606acfab99ef50e353bbe
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close