what you don't know can hurt you
Showing 1 - 25 of 35 RSS Feed

Files Date: 2007-08-31

Ubuntu Security Notice 509-1
Posted Aug 31, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 509-1 - The Linux 2.6 kernel series suffers from multiple vulnerabilities. A flaw in the sysfs_readdir function allowed a local user to cause a denial of service by dereferencing a NULL pointer. A buffer overflow was discovered in the random number generator. In environments with granular assignment of root privileges, a local attacker could gain additional privileges. A flaw was discovered in the usblcd driver. A local attacker could cause large amounts of kernel memory consumption, leading to a denial of service. It was discovered that certain setuid-root processes did not correctly reset process death signal handlers. A local user could manipulate this to send signals to processes they would not normally have access to. The Direct Rendering Manager for the i915 driver could be made to write to arbitrary memory locations. An attacker with access to a running X11 session could send a specially crafted buffer and gain root privileges. It was discovered that the aacraid SCSI driver did not correctly check permissions on certain ioctls. A local attacker could cause a denial of service or gain privileges.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3104, CVE-2007-3105, CVE-2007-3513, CVE-2007-3848, CVE-2007-3851, CVE-2007-4308
MD5 | 71d8853d53804ac2aa9e5b6ad74a2932
cisco-sql.txt
Posted Aug 31, 2007
Authored by Elliot Kendall

A SQL injection vulnerability exists in the Log On page of the web interface for Cisco CallManager AKA Unified Communications Manager. An unauthenticated attacker who is able to access the Log On page could exploit this vulnerability to run arbitrary SQL commands as the logged in database user, usually cm_publisher. By running SQL commands, the attacker could gain information about the CallManager configuration, including call records. Exploitation details provided.

tags | exploit, web, arbitrary, sql injection
systems | cisco
MD5 | 3f7b845f8abbf592305551e6224d261d
iDEFENSE Security Advisory 2007-08-30.1
Posted Aug 31, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 08.30.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Yahoo Inc.'s Yahoo! Messenger 8.1 allows attackers to execute arbitrary code with the privileges of the currently logged in user. iDefense has confirmed the existence of this vulnerability in version 8.1 of Yahoo Instant Messenger. Previous versions are suspected to be vulnerable as well.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2007-4515
MD5 | 44bf2944288480d2f88cd559b0d9ab27
telemark-xss.txt
Posted Aug 31, 2007
Authored by Tosser

The Telemark.com search engine is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c9940b9124caccd7386973aa56d9027a
chacha-xss.txt
Posted Aug 31, 2007
Authored by d3hydr8 | Site darkcode.h1x.com

The ChaCha.com search functionality suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e9ebdea597e5f10ca9b9c99db9e3cf62
NS-072307-XSS.pdf
Posted Aug 31, 2007
Authored by Amish Shah | Site net-square.com

A cross site scripting vulnerability existed in http://research.microsoft.com/. This has been fixed.

tags | advisory, web, xss
MD5 | 9956c839a73047e0ea608902bdcd1dc1
Secunia Security Advisory 26605
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged a vulnerability in HP Tru64 UNIX and HP Internet Express for Tru64 UNIX, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | unix
MD5 | 433b3c840c5ca9002e61f88aeb9d041d
Secunia Security Advisory 26621
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
MD5 | 0029030599e99eeff262a28aa41c9823
Secunia Security Advisory 26637
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Sopas Ferreira has reported some vulnerabilities in ACG News, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 802772a63475cc47fa4ff8b10ddd9b95
Secunia Security Advisory 26642
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, php, vulnerability
MD5 | 4d9e26617afcf2b65884e778cb00801c
Secunia Security Advisory 26652
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - R00T[ATI] has discovered a vulnerability in NMDeluxe, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 7fc4cd41223c6cf92c220b13e43e4e91
Secunia Security Advisory 26657
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Micha Lenk has reported a security issue in Backup Manager, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
MD5 | bbf94fe08ec4861329f9905c64d71024
SUSE-SA-2007-050.txt
Posted Aug 31, 2007
Site suse.com

SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.

tags | advisory, web, arbitrary, javascript
systems | linux, suse
advisories | CVE-2007-4367
MD5 | 67d50149e61c18e0f82a4f187d83b23e
ppstream-overflow.txt
Posted Aug 31, 2007
Authored by dummy

PPStream ActiveX remote overflow exploit that makes use of PowerPlayer.dll version 2.0.1.3829.

tags | exploit, remote, overflow, activex
MD5 | 132a38ce0cc72b3c49ae42b164ffefa1
norton-local.txt
Posted Aug 31, 2007
Authored by inocraM | Site 48bits.com

Norman Virus Control local exploit that makes use of nvcoaft51.sys.

tags | exploit, local, virus
MD5 | f7f06590d69b8657e3cc40e36b8f36f0
phpbblinks-sql.txt
Posted Aug 31, 2007
Authored by Don

phpBB Links MOD versions 1.2.2 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | f7c85f4b2a3d84bd57186a373ff8cce4
ourspace-upload.txt
Posted Aug 31, 2007
Authored by Don

Ourspace version 2.0.9 suffers from an upload vulnerability in uploadmedia.cgi.

tags | exploit, cgi, file upload
MD5 | 49e68f901eb8af65054e494a64870126
nmdeluxe-sql.txt
Posted Aug 31, 2007
Authored by not sec group | Site notsec.com

NMDeluxe version 2.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7df7ee1cc55190e6e2306680ca06cd41
wiresharkdnp3-dos.txt
Posted Aug 31, 2007
Authored by Beyond Security | Site BeyondSecurity.com

Wireshark versions below 0.99.5 DNP3 dissector infinite loop denial of service exploit.

tags | exploit, denial of service
MD5 | db40242afee4ecc22686066188808a89
hexamail-dos.txt
Posted Aug 31, 2007
Authored by rgod | Site retrogod.altervista.org

Hexamail Server version 3.0.0.001 pop3 pre-auth remote overflow denial of service exploit.

tags | exploit, remote, denial of service, overflow
MD5 | e2ebdee6bf86c4327ab9df16adebf030
ProCheckUp Security Advisory 2007.23
Posted Aug 31, 2007
Authored by ProCheckUp

Absolute Poll Manager XE version 4.1 suffers from cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 1caee24a2fb021f6add15739ee80febf
vmwarevix-vuln.txt
Posted Aug 31, 2007
Site vmware.com

VMWware suffers from a poor guest isolation design.

tags | advisory
MD5 | 6f1db85eb6f7a1f8d6ed25f9064ddba3
Secunia Security Advisory 26524
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Doomsday, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 9332c883dec2cfd2946b56bc1d7d8f40
Secunia Security Advisory 26567
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has acknowledged a vulnerability in tcp-wrappers, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, tcp
systems | linux, ubuntu
MD5 | 8e9c8028448cc5316157bb18442c66e6
Secunia Security Advisory 26579
Posted Aug 31, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | fd5e5126c8b73940124202153b0436a5
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close