exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2007-08-16

Ubuntu Security Notice 498-1
Posted Aug 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 498-1 - David Thiel discovered that libvorbis did not correctly verify the size of certain headers, and did not correctly clean up a broken stream. If a user were tricked into processing a specially crafted Vorbis stream, a remote attacker could execute arbitrary code with the user's privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-3106, CVE-2007-4029
MD5 | 1fa171cc33091ba997a41481db0d9703
Debian Linux Security Advisory 1356-1
Posted Aug 16, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1356-1 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, debian
advisories | CVE-2007-1353, CVE-2007-2172, CVE-2007-2453, CVE-2007-2525, CVE-2007-2876, CVE-2007-3513, CVE-2007-3642, CVE-2007-3848, CVE-2007-3851
MD5 | cf012807510b8261551f02c3597097d2
tlbinf32-exec.txt
Posted Aug 16, 2007
Authored by Brett Moore SA | Site security-assessment.com

The TypeLib Information object library, implemented in TlbInf32.dll, suffers from a code execution vulnerability.

tags | advisory, code execution
MD5 | 8b8dc31409539f5c54ad3f777ade2d98
pshtoolkit-1.0.tgz
Posted Aug 16, 2007
Authored by Hernan Ochoa | Site oss.coresecurity.com

The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!). Both source tarball and binary tarballs are included.

tags | remote, local
systems | windows
MD5 | 93512dd3912e0cbc8c16551c50592991
Mandriva Linux Security Advisory 2007.165
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause cups to crash and possibly execute arbitrary code open a user opening the file.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387
MD5 | 99560061e62852f302dc418de9ecbe74
iDEFENSE Security Advisory 2007-08-15.1
Posted Aug 16, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.15.07 - Remote exploitation of a buffer overflow vulnerability within Environmental Systems Research Institute (ESRI) Inc.'s ArcSDE service allows attackers to crash the service or potentially execute arbitrary code. This vulnerability specifically exists due to insufficient buffer space when representing user-supplied numeric values in ASCII. Certain requests result in an sprintf() call using a static-sized 8 byte stack buffer. If an attacker supplies a number that's ASCII value cannot be represented within 8 bytes, a stack-based buffer overflow occurs. The vendor has confirmed that version 9.2 of ArcSDE, as bundled with ArcGIS, is vulnerable to this attack. All versions are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2007-4278
MD5 | efc19a0f0f68db26f16302283e1efab6
Cisco Security Advisory 20070815-vpnclient
Posted Aug 16, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two vulnerabilities exist in the Cisco VPN Client for Microsoft Windows that may allow unprivileged users to elevate their privileges to those of the LocalSystem account.

tags | advisory, vulnerability
systems | cisco, windows
MD5 | 6c2a8850eb338fc8f428f12d96e27b35
HP Security Bulletin 2006-12.60
Posted Aug 16, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Operations Manager for Windows (OVOW) with the OpenView Operations (OVO) add on module for OpenView Operations-Business Availability Center (OVO-BAC) integration running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code.

tags | advisory, arbitrary
systems | windows
MD5 | 9e3666ef99dd1e1a4f75453786e8ca18
mcafee-advisory-08-2007.txt
Posted Aug 16, 2007
Authored by Sebastian Wolfgarten | Site devtarget.org

A buffer overflow exists in McAfee Virus Scan for Linux and Unix version 5.10.0 that may allow for code execution in the context of the uid running it.

tags | advisory, overflow, code execution, virus
systems | linux, unix
MD5 | bfdf3833ccef43127c2e0bed56d2de14
NSFOCUS-0701.txt
Posted Aug 16, 2007
Authored by Hu Qianwei | Site nsfocus.com

The NSFocus Security Team has discovered a memory corruption vulnerability in Internet Explorer 5 that allows arbitrary code execution when parsing a malicious CSS file.

tags | advisory, arbitrary, code execution
advisories | CVE-2007-0943
MD5 | 78b66138c5a9c2f8b17a6c7accc0ccf0
2wire-csrf.txt
Posted Aug 16, 2007
Authored by hkm

2wire routers versions 1701HG and 2071 Gateway are susceptible to cross site request forgery attacks.

tags | exploit, csrf
MD5 | 1cd9dcc85c631ceb685b593c17d415a5
Mandriva Linux Security Advisory 2007.164
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause tetex to crash and possibly execute arbitrary code open a user opening the file. In addition, tetex contains an embedded copy of the GD library which suffers from a number of bugs which potentially lead to denial of service and possibly other issues.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387, CVE-2007-3472, CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476, CVE-2007-3477, CVE-2007-3478
MD5 | 560aefd25ba986b9c934330c057af1ae
Mandriva Linux Security Advisory 2007.162
Posted Aug 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause kpdf to crash and possibly execute arbitrary code open a user opening the file.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-3387
MD5 | 55cf063d551c12a226c033fbf592a01f
phpendangers.txt
Posted Aug 16, 2007
Authored by Arham Muhammad

Whitepaper entitled PHP Endangers - Remote Code Execution.

tags | paper, remote, php, code execution
MD5 | 75496cb8ab31fe5ed70fd44ed2edd52e
systemedevote-rfi.txt
Posted Aug 16, 2007
Authored by Crackers_Child

Systeme de vote en temps version 1 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 360d17dae01dfe96a6df7e35a10317a6
safari-upload.txt
Posted Aug 16, 2007
Authored by laurent gaffie

Safari version 3.0.3 allows for arbitrary file uploads.

tags | advisory, arbitrary, file upload
MD5 | 229284aecd6ed83bb4917e9a29a1a241
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close