exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2007-08-17

Ubuntu Security Notice 499-1
Posted Aug 17, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 499-1 - Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2006-5752, CVE-2007-1863, CVE-2007-3304
SHA-256 | 69c2ee81e5ba3748cde201f6e604a87d176a6e5c82bbc5fb13bacec9909aa2a6
iDEFENSE Security Advisory 2007-08-16.6
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability specifically exists due to insufficient validation of the length of attacker supplied data. When an attacker specifies a specially crafted string via certain environment variables, the string is copied into a static sized buffer stored on the stack. By supplying too much data, an attacker can overflow the buffer and overwrite stack-stored execution control structures resulting in arbitrary code execution. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, overflow, arbitrary, local, code execution
systems | linux, unix
advisories | CVE-2007-4276
SHA-256 | 2ce73c62807c4278c40ffa0601e9af21c2b385048feb81b35475702acd8470ab
iDEFENSE Security Advisory 2007-08-16.5
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of multiple untrusted search path vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities exist due to the execution of binaries or loading of libraries within untrusted paths. In each case, the path to a binary or library is generated based on an environment variable that is under attacker control. Additionally, the files to be executed or loaded are located in a directory under attacker control. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, local, vulnerability
systems | linux, unix
advisories | CVE-2007-4275
SHA-256 | 5577b8f6a48a6bedfc93172160c097112cad4770e7ab3d4afe01806091868426
iDEFENSE Security Advisory 2007-08-16.4
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of a directory creation vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability exists due to insecure directory creation within setuid-binaries included with DB2. While creating specific directory structures, attacker created symbolic links will be followed. This allows world-writable directories to be created anywhere on the file system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, local
systems | linux, unix
advisories | CVE-2007-4273
SHA-256 | 6bb87043d539277fe0a85042c481ab1af91f564f464c010d4f7c3bb59bc02e98
iDEFENSE Security Advisory 2007-08-16.3
Posted Aug 17, 2007
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of multiple file creation vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. By setting certain combinations of environment variables, an attacker is able to create or append to arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, arbitrary, local, vulnerability
systems | linux, unix
advisories | CVE-2007-4272
SHA-256 | 68f5e988169e1a1f9703ab258eee67f2763fe92aeb1c8a4ac21ddfb06c5cd74e
iDEFENSE Security Advisory 2007-08-16.2
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of a directory traversal vulnerability in IBM Corp.'s DB2 Universal Database allows attackers to cause a denial of service (DoS) condition or elevate privileges to root. Some DB2 binaries that are installed setuid-root will save event information to a log file. When creating the full path to the destination file, an environment variable is concatenated with "/tmp/". Since there is no checking for path traversal strings, such as "../", within the environment variable, an attacker is able to create arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, unix
advisories | CVE-2007-4271
SHA-256 | 6f620eab6537c31509d20ac985ce18180b4e6d3c22825695c8acd36e676cfc76
iDEFENSE Security Advisory 2007-08-16.1
Posted Aug 17, 2007
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of multiple race condition vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. In each case, a race condition exists between a check to see if an existing file is a symbolic link and modifying it. By quickly and repeatedly removing and recreating the file as a symbolic link, an attacker could modify arbitrary files with root privileges. iDefense confirmed the existence of these vulnerabilities in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, unix
advisories | CVE-2007-4270
SHA-256 | def2b551a679acaa494a7c32010e039efa2e488a7698767f83081bf79c986072
Gentoo Linux Security Advisory 200708-12
Posted Aug 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-12 - Wireshark doesn't properly handle chunked encoding in HTTP responses, iSeries capture files, certain types of DCP ETSI packets, and SSL or MMS packets. An off-by-one error has been discovered in the DHCP/BOOTP dissector when handling DHCP-over-DOCSIS packets. Versions less than 0.99.6 are affected.

tags | advisory, web
systems | linux, gentoo
advisories | CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3393
SHA-256 | af6cb3a05dedc8d0f0b1cdb1bcbf0cf1cf3cdb6c487be371388dd3e7d3aecae4
Gentoo Linux Security Advisory 200708-11
Posted Aug 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-11 - Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the mod_auth and mod_scgi modules, and the limitation of active connections. Versions less than 1.4.16 are affected.

tags | advisory, web
systems | linux, gentoo
advisories | CVE-2007-3946, CVE-2007-3947, CVE-2007-3948, CVE-2007-3949, CVE-2007-3950
SHA-256 | 4b93d00e8346ee0513619fe0cb000ab50487fcd726d600745ed90dd8a12b0ecb
Gentoo Linux Security Advisory 200708-10
Posted Aug 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-10 - Dormando reported a vulnerability within the handling of password packets in the connection protocol. Andrei Elkin also found that the CREATE TABLE LIKE command didn't require SELECT privileges on the source table. Versions less than 5.0.44 are affected.

tags | advisory, protocol
systems | linux, gentoo
advisories | CVE-2007-3780, CVE-2007-3781
SHA-256 | 39e9b5dcb8341de0eef94ba1c55dcfed5cfb6abfd1c5592e1d020349a61457d8
aspnet-xss.txt
Posted Aug 17, 2007
Authored by GeFORC3

The ASP.NET version of Text File Search suffers from a cross site scripting vulnerability.

tags | exploit, xss, asp
SHA-256 | 66263ba1b03a3bc49325c2ae5abed2036b824a42558fbb63ba016b1bcac46d90
tfsc-xss.txt
Posted Aug 17, 2007
Authored by GeFORC3

Text File Search Classic ASP suffers from a cross site scripting vulnerability.

tags | exploit, xss, asp
SHA-256 | d9304302bd0601615327d029228a49aee51781e275fd51fa35cf5596ebc7ccbd
TS-2007-003-0.txt
Posted Aug 17, 2007
Authored by forloop

Template Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.

tags | exploit, root
SHA-256 | 219aa7d9b7cf70a7456a29006c7032444b70633a33926ddf828895ebe52d9a93
olate-bypass.txt
Posted Aug 17, 2007
Authored by imei addmimistrator | Site myimei.com

Olate Download version 3.4.1 suffers from an authentication bypass vulnerability in admin.php.

tags | advisory, php, bypass
SHA-256 | c653e98a19525918ae3457e1ba83227b7bd19bb919bd8740854b5dc25e99f6ef
oracle-forensics-6.pdf
Posted Aug 17, 2007
Authored by David Litchfield | Site databasesecurity.com

Whitepaper: Oracle Forensics Part 6 - Examining Undo Segments, Flashback and the Oracle Recycle Bin.

tags | paper
SHA-256 | 76e1d7ed99164fa689c01f4960b40e5de09c7ff60fa91c3fe4fcaabf1c4422f2
bfdict.sh.txt
Posted Aug 17, 2007
Authored by sin

Brute force dictionary generator written as a bash shell script.

tags | shell, cracker, bash
SHA-256 | 89758529c904f92045403f5012116598004a14921235d4970e273bc616233144
NGS-cvpnd.txt
Posted Aug 17, 2007
Authored by Dominic Beecher | Site ngssoftware.com

NGS has discovered a local privilege escalation vulnerability in the Cisco VPN client. Versions below 5.0.01.0600 are affected.

tags | advisory, local
systems | cisco
SHA-256 | 436882c9a5494e1185241b6fe402d4ef752be7a51be1314974bd0e4dfed3317c
edraw-insecure.txt
Posted Aug 17, 2007
Authored by shinnai | Site shinnai.altervista.org

EDraw Office Viewer Component version 5.1 HttpDownloadFile() insecure method exploit.

tags | exploit
SHA-256 | 0087365c213a194631e52cec6d5a488a7e66652d404dc2be8c61f20c07488d4c
Secunia Security Advisory 26402
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | bc5bd0fefc6939931b51cd4b71d07178432ca03b266bd9c0acaab8cda7cd0727
Secunia Security Advisory 26428
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Dell Remote Access Card 4, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, remote, denial of service
SHA-256 | e5c14aa3d23da72b7e6ffbc6e30fffdabb002eb9a7dbaab41c1c5896e2b2e8cc
Secunia Security Advisory 26469
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Generic Software Wrappers Toolkit, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local, vulnerability
SHA-256 | f5ae77b98f467601879a9e35d96266682a4419f32e36597f2e4bb63bc9bdf7ab
Secunia Security Advisory 26471
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, some of which have an unknown impact, while others can potentially be exploited to bypass certain security restrictions or perform certain actions with escalated privileges.

tags | advisory, vulnerability
SHA-256 | aba8b13b5866d4d55b9e3ff680c5f92115e2e9ae3d34495296274d33d23b8843
Secunia Security Advisory 26474
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Robert Watson has reported some vulnerabilities in CerbNG, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local, vulnerability
SHA-256 | 0d43b1cf628111546ad655bb73fc09c82b66a12ddc08aac26b734063fa2801e4
Secunia Security Advisory 26478
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information or to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | 5e6623cde4cc5847d382e804a63e58e400da874f3bdc26afd6dfcc05bb484f41
Secunia Security Advisory 26479
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Systrace and Sysjail included in OpenBSD, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | openbsd
SHA-256 | aa29115f07f508be187472b7d69d97e72f5394eb35302299ced96dba0058bc36
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close