exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2007-08-31

Ubuntu Security Notice 509-1
Posted Aug 31, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3104, CVE-2007-3105, CVE-2007-3513, CVE-2007-3848, CVE-2007-3851, CVE-2007-4308
SHA-256 | 739b16d5c2a6a6a15dde4c79a2547109bddace7cde6d485d1b7a618484a247e2
cisco-sql.txt
Posted Aug 31, 2007
Authored by Elliot Kendall

A SQL injection vulnerability exists in the Log On page of the web interface for Cisco CallManager AKA Unified Communications Manager. An unauthenticated attacker who is able to access the Log On page could exploit this vulnerability to run arbitrary SQL commands as the logged in database user, usually cm_publisher. By running SQL commands, the attacker could gain information about the CallManager configuration, including call records. Exploitation details provided.

tags | exploit, web, arbitrary, sql injection
systems | cisco
SHA-256 | bdf4519eaae63fb7371ea2a51f7e95369b5b21611901b65877146460074a3edf
iDEFENSE Security Advisory 2007-08-30.1
Posted Aug 31, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.30.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Yahoo Inc.'s Yahoo! Messenger 8.1 allows attackers to execute arbitrary code with the privileges of the currently logged in user. iDefense has confirmed the existence of this vulnerability in version 8.1 of Yahoo Instant Messenger. Previous versions are suspected to be vulnerable as well.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2007-4515
SHA-256 | 85f0ed1aa30224aa168277475b87bf25b92562e627754f083ac6c72aa51e3f32
telemark-xss.txt
Posted Aug 31, 2007
Authored by Tosser

The Telemark.com search engine is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 065f4b939700f4b7fb9d590db44e796637aa21cc3fb8406a0a8cfd29487a123f
chacha-xss.txt
Posted Aug 31, 2007
Authored by d3hydr8 | Site darkcode.h1x.com

The ChaCha.com search functionality suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 96ff97ef2ffceb4d5d77a8122900f48e3a0907da45e93270552d8ed9ba0b8af1
NS-072307-XSS.pdf
Posted Aug 31, 2007
Authored by Amish Shah | Site net-square.com

A cross site scripting vulnerability existed in http://research.microsoft.com/. This has been fixed.

tags | advisory, web, xss
SHA-256 | 409254e5087d3ad4fe4be1cf31a829e511b67470a2a46a88ec330b7dccb728b3
Secunia Security Advisory 26605
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged a vulnerability in HP Tru64 UNIX and HP Internet Express for Tru64 UNIX, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | unix
SHA-256 | 878e52aa3e5bcf9c3b01ab52c79cff764e835ca6ef394c1a32ba48a3ef6f7f98
Secunia Security Advisory 26621
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 1367ce133f8de6baf49f0254cf2e39ff7dfea17ab7f1c073fb2a56afedf13c1e
Secunia Security Advisory 26637
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Sopas Ferreira has reported some vulnerabilities in ACG News, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | c6ff4691da00cfac02d605deb0dcb5a82774c7a209e182f87f432da82f9604e0
Secunia Security Advisory 26642
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, php, vulnerability
SHA-256 | a5ae16c79d308f646f389cb785c3b553ae85ee8a5bfe3d4e39d5231c03c7870c
Secunia Security Advisory 26652
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - R00T[ATI] has discovered a vulnerability in NMDeluxe, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | e56b7c47fd586be457230df76a9b0451d1a7cdfe46893eaa3cd5cb54097d9317
Secunia Security Advisory 26657
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Micha Lenk has reported a security issue in Backup Manager, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
SHA-256 | 4e7fced8e91b7b82f47a2c48d61a77d780a30df48d1798d47cdcdc01ed79ed86
SUSE-SA-2007-050.txt
Posted Aug 31, 2007
Site suse.com

SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.

tags | advisory, web, arbitrary, javascript
systems | linux, suse
advisories | CVE-2007-4367
SHA-256 | 6d7da325dc91c81b2493fec61eab287fa40d5a1fccbc184831ba43fa853d678f
ppstream-overflow.txt
Posted Aug 31, 2007
Authored by dummy

PPStream ActiveX remote overflow exploit that makes use of PowerPlayer.dll version 2.0.1.3829.

tags | exploit, remote, overflow, activex
SHA-256 | f52ec5c7f133f22b6993eb48de5996ccee1cd17a4c901596e3a93bb709715f15
norton-local.txt
Posted Aug 31, 2007
Authored by inocraM | Site 48bits.com

Norman Virus Control local exploit that makes use of nvcoaft51.sys.

tags | exploit, local, virus
SHA-256 | b12b06dc51562223f827800af12ca8909a53b821b648a6ce7537838aa2f2da7c
phpbblinks-sql.txt
Posted Aug 31, 2007
Authored by Don

phpBB Links MOD versions 1.2.2 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 552d03ee54d5f071ecf277b9ea0bd0995a6c680eed0bfd651fc21d24dd69ea6d
ourspace-upload.txt
Posted Aug 31, 2007
Authored by Don

Ourspace version 2.0.9 suffers from an upload vulnerability in uploadmedia.cgi.

tags | exploit, cgi, file upload
SHA-256 | 36c1af1e1992562541c39430813a1164577aec948a0daa0d05b0b092d125b291
nmdeluxe-sql.txt
Posted Aug 31, 2007
Authored by not sec group | Site notsec.com

NMDeluxe version 2.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f218fd0ccacebefda9aa7e8d676c95c8b798d59965c1f726d810ab44be98d9fc
wiresharkdnp3-dos.txt
Posted Aug 31, 2007
Authored by Beyond Security | Site BeyondSecurity.com

Wireshark versions below 0.99.5 DNP3 dissector infinite loop denial of service exploit.

tags | exploit, denial of service
SHA-256 | cde9d97a0c0f44ccd0bf659e4f35424c5eae09318226f38bb657e22dddf7292d
hexamail-dos.txt
Posted Aug 31, 2007
Authored by rgod | Site retrogod.altervista.org

Hexamail Server version 3.0.0.001 pop3 pre-auth remote overflow denial of service exploit.

tags | exploit, remote, denial of service, overflow
SHA-256 | 6ecc71a7cc6a2be2b79f037aa2d625facdb9ea17f3884c323f20ebdbe363722d
ProCheckUp Security Advisory 2007.23
Posted Aug 31, 2007
Authored by ProCheckUp

Absolute Poll Manager XE version 4.1 suffers from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | dd60be87a868c6cd25e099acaae441d93d12fcd935587ae8c4b87d7202dd04ca
vmwarevix-vuln.txt
Posted Aug 31, 2007
Site vmware.com

VMWware suffers from a poor guest isolation design.

tags | advisory
SHA-256 | e34dca01aaf832d2fa675dfd14bd66bec79bc94f49d2c237202424a01a6d8b9f
Secunia Security Advisory 26524
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | ba04fa18866b678d1237ff862e5117e5ff6be7c41ddd3e1ebf198dd67502a89a
Secunia Security Advisory 26567
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has acknowledged a vulnerability in tcp-wrappers, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, tcp
systems | linux, ubuntu
SHA-256 | eaa93a525798cc3f388cf40fa75a2ef437faa1a8560951c31a9862bdc12ec9aa
Secunia Security Advisory 26579
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | ac3d30f9125e7033214ae97897b6c73968c2c8199356101c532fd17eb07f1546
Page 1 of 2
Back12Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close