exploit the possibilities
Showing 1 - 25 of 27 RSS Feed

Files Date: 2007-08-17

Ubuntu Security Notice 499-1
Posted Aug 17, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 499-1 - Stefan Esser discovered that mod_status did not force a character set, which could result in browsers becoming vulnerable to XSS attacks when processing the output. If a user were tricked into viewing server status output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. By default, mod_status is disabled in Ubuntu. Niklas Edmundsson discovered that the mod_cache module could be made to crash using a specially crafted request. A remote user could use this to cause a denial of service if Apache was configured to use a threaded worker. By default, mod_cache is disabled in Ubuntu. A flaw was discovered in the signal handling of Apache. A local attacker could trick Apache into sending SIGUSR1 to other processes. The vulnerable code was only present in Ubuntu Feisty.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2006-5752, CVE-2007-1863, CVE-2007-3304
MD5 | 7c60f4ea73486685f797832eeb5940f5
iDEFENSE Security Advisory 2007-08-16.6
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of a buffer overflow vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability specifically exists due to insufficient validation of the length of attacker supplied data. When an attacker specifies a specially crafted string via certain environment variables, the string is copied into a static sized buffer stored on the stack. By supplying too much data, an attacker can overflow the buffer and overwrite stack-stored execution control structures resulting in arbitrary code execution. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, overflow, arbitrary, local, code execution
systems | linux, unix
advisories | CVE-2007-4276
MD5 | c5b91aebbfaea50b067a3bd8179c060e
iDEFENSE Security Advisory 2007-08-16.5
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of multiple untrusted search path vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities exist due to the execution of binaries or loading of libraries within untrusted paths. In each case, the path to a binary or library is generated based on an environment variable that is under attacker control. Additionally, the files to be executed or loaded are located in a directory under attacker control. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, local, vulnerability
systems | linux, unix
advisories | CVE-2007-4275
MD5 | b11f7e9a67d7aeac3783ed4668d0fd69
iDEFENSE Security Advisory 2007-08-16.4
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of a directory creation vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. This vulnerability exists due to insecure directory creation within setuid-binaries included with DB2. While creating specific directory structures, attacker created symbolic links will be followed. This allows world-writable directories to be created anywhere on the file system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, local
systems | linux, unix
advisories | CVE-2007-4273
MD5 | e7074858185112623a7ed4e554ff2dd6
iDEFENSE Security Advisory 2007-08-16.3
Posted Aug 17, 2007
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of multiple file creation vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. By setting certain combinations of environment variables, an attacker is able to create or append to arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, arbitrary, local, vulnerability
systems | linux, unix
advisories | CVE-2007-4272
MD5 | fa67305bc50f5d281ebe6e85e267c4ce
iDEFENSE Security Advisory 2007-08-16.2
Posted Aug 17, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of a directory traversal vulnerability in IBM Corp.'s DB2 Universal Database allows attackers to cause a denial of service (DoS) condition or elevate privileges to root. Some DB2 binaries that are installed setuid-root will save event information to a log file. When creating the full path to the destination file, an environment variable is concatenated with "/tmp/". Since there is no checking for path traversal strings, such as "../", within the environment variable, an attacker is able to create arbitrary files on the system. iDefense confirmed the existence of this vulnerability in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, unix
advisories | CVE-2007-4271
MD5 | d9c108b924ba8ae4d0455dbfaa0f0745
iDEFENSE Security Advisory 2007-08-16.1
Posted Aug 17, 2007
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 08.16.07 - Local exploitation of multiple race condition vulnerabilities in IBM Corp.'s DB2 Universal Database could allow attackers to elevate privileges to the superuser. These vulnerabilities are due to insufficient checking being performed while handling files with elevated privileges. In each case, a race condition exists between a check to see if an existing file is a symbolic link and modifying it. By quickly and repeatedly removing and recreating the file as a symbolic link, an attacker could modify arbitrary files with root privileges. iDefense confirmed the existence of these vulnerabilities in version 9.1 Fix Pack 2 of IBM Corp.'s DB2 Universal Database installed on a Linux system. All prior versions, as well as builds for other UNIX-based operating systems, are suspected to be vulnerable.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, unix
advisories | CVE-2007-4270
MD5 | 515807fc57dc8ba1f64372577e80ee74
Gentoo Linux Security Advisory 200708-12
Posted Aug 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-12 - Wireshark doesn't properly handle chunked encoding in HTTP responses, iSeries capture files, certain types of DCP ETSI packets, and SSL or MMS packets. An off-by-one error has been discovered in the DHCP/BOOTP dissector when handling DHCP-over-DOCSIS packets. Versions less than 0.99.6 are affected.

tags | advisory, web
systems | linux, gentoo
advisories | CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3393
MD5 | cc88b54041517dcd6ccb51035dc695b2
Gentoo Linux Security Advisory 200708-11
Posted Aug 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-11 - Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP headers, the mod_auth and mod_scgi modules, and the limitation of active connections. Versions less than 1.4.16 are affected.

tags | advisory, web
systems | linux, gentoo
advisories | CVE-2007-3946, CVE-2007-3947, CVE-2007-3948, CVE-2007-3949, CVE-2007-3950
MD5 | 9bd27ce7a20101b5b936e1a7c226f9cb
Gentoo Linux Security Advisory 200708-10
Posted Aug 17, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200708-10 - Dormando reported a vulnerability within the handling of password packets in the connection protocol. Andrei Elkin also found that the CREATE TABLE LIKE command didn't require SELECT privileges on the source table. Versions less than 5.0.44 are affected.

tags | advisory, protocol
systems | linux, gentoo
advisories | CVE-2007-3780, CVE-2007-3781
MD5 | ee0149052460245ae2cdba93d6f42499
aspnet-xss.txt
Posted Aug 17, 2007
Authored by GeFORC3

The ASP.NET version of Text File Search suffers from a cross site scripting vulnerability.

tags | exploit, xss, asp
MD5 | 1a29eed921a70a5b9de236daa1be2cbe
tfsc-xss.txt
Posted Aug 17, 2007
Authored by GeFORC3

Text File Search Classic ASP suffers from a cross site scripting vulnerability.

tags | exploit, xss, asp
MD5 | 540a9d55646455b498dc99492ba1e379
TS-2007-003-0.txt
Posted Aug 17, 2007
Authored by forloop

Template Security has discovered a root privilege escalation vulnerability in the BlueCat Networks Adonis DNS/DHCP appliance which allows the admin user to gain root privilege from the Command Line Interface (CLI). Adonis version 5.0.2.8 is susceptible. Exploit details included.

tags | exploit, root
MD5 | 8ddae6c8f1a26008bcb28a7971395730
olate-bypass.txt
Posted Aug 17, 2007
Authored by imei addmimistrator | Site myimei.com

Olate Download version 3.4.1 suffers from an authentication bypass vulnerability in admin.php.

tags | advisory, php, bypass
MD5 | 9cc0fc74d7fbd26518b8dcf63db8bd78
oracle-forensics-6.pdf
Posted Aug 17, 2007
Authored by David Litchfield | Site databasesecurity.com

Whitepaper: Oracle Forensics Part 6 - Examining Undo Segments, Flashback and the Oracle Recycle Bin.

tags | paper
MD5 | 9fd78e525fa001399046542dc5896853
bfdict.sh.txt
Posted Aug 17, 2007
Authored by sin

Brute force dictionary generator written as a bash shell script.

tags | shell, cracker, bash
MD5 | 90c9f3c976198f3e324bdfd9f0b3afb8
NGS-cvpnd.txt
Posted Aug 17, 2007
Authored by Dominic Beecher | Site ngssoftware.com

NGS has discovered a local privilege escalation vulnerability in the Cisco VPN client. Versions below 5.0.01.0600 are affected.

tags | advisory, local
systems | cisco
MD5 | 2a2d3b20b94c9d2a58e8b903bfeab3bf
edraw-insecure.txt
Posted Aug 17, 2007
Authored by shinnai | Site shinnai.altervista.org

EDraw Office Viewer Component version 5.1 HttpDownloadFile() insecure method exploit.

tags | exploit
MD5 | 84c779928913e5da3e38f4c0ea24717c
Secunia Security Advisory 26402
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 22d66339b28987da12c44bc7c5fdb604
Secunia Security Advisory 26428
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Dell Remote Access Card 4, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, remote, denial of service
MD5 | 574e55b2dc3a300a21172215de61e4c4
Secunia Security Advisory 26469
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Generic Software Wrappers Toolkit, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local, vulnerability
MD5 | fa94b69a2348dcd7e0c01b7c77716321
Secunia Security Advisory 26471
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM DB2, some of which have an unknown impact, while others can potentially be exploited to bypass certain security restrictions or perform certain actions with escalated privileges.

tags | advisory, vulnerability
MD5 | 07f59a0f1fbfaa3911f3a032c190335b
Secunia Security Advisory 26474
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Robert Watson has reported some vulnerabilities in CerbNG, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local, vulnerability
MD5 | eabb2cccada0adf6c3a0cd795db5b005
Secunia Security Advisory 26478
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to potentially disclose sensitive information or to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | 5f4327d77bdbfa9b9cc5cd4ec7e42981
Secunia Security Advisory 26479
Posted Aug 17, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Robert Watson has reported some vulnerabilities in Systrace and Sysjail included in OpenBSD, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | openbsd
MD5 | 25883710661c1392b6fc46ef598b4e17
Page 1 of 2
Back12Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close