what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2007-09-11

Technical Cyber Security Alert 2007-254A
Posted Sep 11, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-254A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Visual Studio, Microsoft Windows Services for Unix, and Microsoft MSN Messenger. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | windows, unix
SHA-256 | 449e8375e4d58c6d69b4684104e0fe777e2115b6468b2aa4c8522199571b396a
Gentoo Linux Security Advisory 200709-1
Posted Sep 11, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200709-01 - A stack buffer overflow (CVE-2007-3999) has been reported in svcauth_gss_validate() of the RPC library of kadmind. Another vulnerability (CVE-2007-4000) has been found in kadm5_modify_policy_internal(), which does not check the return values of krb5_db_get_policy() correctly. Versions less than 1.5.3-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3999, CVE-2007-4000
SHA-256 | 069944d06e3a8b3634e84b6d6ae791d61b76bde151ac2d5c0ca18b8f9799be32
iDEFENSE Security Advisory 2007-09-11.1
Posted Sep 11, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.11.07 - Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp's Microsoft Windows 2000 Agent service could allow an attacker to execute arbitrary code with the privileges of the logged in user. The vulnerability exists within the Agent Service (agentsvr.exe). Due to improper handling of specially crafted URLs, an attack can cause stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in the Agent service included in Windows 2000. Microsoft reports that newer versions of the Agent service are not vulnerable.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2007-3040
SHA-256 | 1b09178d90eb13abe427829422d154cb73153fac8556c0b6ef96121e7b1afce5
Debian Linux Security Advisory 1374-1
Posted Sep 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1374-1 - Several vulnerabilities have been discovered in jffnms, a web-based Network Management System for IP networks. These include cross site scripting and SQL injection vulnerabilities.

tags | advisory, web, vulnerability, xss, sql injection
systems | linux, debian
advisories | CVE-2007-3189, CVE-2007-3190, CVE-2007-3191
SHA-256 | 8bee2501639339349d4514554062c4a6b73faa58549ff329748d01232e880805
Debian Linux Security Advisory 1373-1
Posted Sep 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1373-1 - It was discovered that ktorrent, a BitTorrent client for KDE, was vulnerable to a directory traversal bug which potentially allowed remote users to overwrite arbitrary files.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2007-1799
SHA-256 | a960c7e4c34ac3e3c21cf9a30e5705e5bebfffa7196b540161fbd20a223ff098
Debian Linux Security Advisory 1371-1
Posted Sep 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1371-1 - Several vulnerabilities have been discovered in phpWiki, a wiki engine written in PHP. It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads. It was discovered that phpWiki performs insufficient file name validation, which allows unrestricted file uploads. If the configuration lacks a nonzero PASSWORD_LENGTH_MINIMUM, phpWiki might allow remote attackers to bypass authentication via an empty password, which causes ldap_bind to return true when used with certain LDAP implementations.

tags | advisory, remote, php, vulnerability, file upload
systems | linux, debian
advisories | CVE-2007-2024, CVE-2007-2025, CVE-2007-3193
SHA-256 | b7b01d7f2a959335ad4e537ebb5fba440c7f535ac3481c32a0333098d6941ddf
FSC20070911-11.txt
Posted Sep 11, 2007
Site assurent.com

The Microsoft Agent ActiveX control contains a buffer overflow vulnerability that allows remote attackers to inject and execute arbitrary code with the privileges of the currently logged in user. Version 2.0.0.3425 is affected.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2007-3040
SHA-256 | 84769b4dd70aa5a25033c2792a38ff41ffe63f37d0dfb99127fadb9218e95243
ibmatom-xss.txt
Posted Sep 11, 2007
Authored by Yosuke HASEGAWA

The Atom feed in www.ibm.com is susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | 8594a8f0707bbe9347aa863ec75647e87cd75f7b7fd157f2619aa5aef11de528
samba-gid0.txt
Posted Sep 11, 2007
Authored by Rick King | Site samba.org

An incorrect group assignment (gid 0) occurs for domain users using the rfc2307 or sfu Winbind nss info plugin.

tags | advisory
advisories | CVE-2007-4138
SHA-256 | b5a615800b2024d33d761d8ce00f430ad5581db3dae1a6f700d5296aa7e1e424
OS2A_1010.txt
Posted Sep 11, 2007
Authored by Arun Kethipelly, Nagendra Kumar G, Chandan S

A denial of service flaw exists in RealPlayer and HelixPlayer when a user tries to open a malformed .au file. The flaw is due to a Division by Zero error when processing a malformed AU file. An attacker must entice an unsuspecting user to open a maliciously crafted AU file. Realplayer versions 10.1.0.3114 and below and Helixplayer version 1.0.6.778 are affected. Proof of concept included.

tags | exploit, denial of service, proof of concept
SHA-256 | 28be1324049b26d3f596b6ba348ac009e99f312a5179e495cba05ab6a4852baa
nuclearbb-rfi.txt
Posted Sep 11, 2007
Authored by Rootshell Security Team

NuclearBB Alpha 2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 900a3ff34f13be59dabcc2afb85e1d668c8c5254f4f4b340e1117b261d008cb7
SSHatter-0.3.tar.gz
Posted Sep 11, 2007
Authored by Tim Brown | Site nth-dimension.org.uk

SSHatter is a remote brute force utility that attempts every password from a given list against a target.

tags | remote
SHA-256 | ccf0f5f7aa39fb59f5f5b2bd959ec841ca04f761de5c1c2da76f97a1bfa7976b
msvb-vbto.txt
Posted Sep 11, 2007
Authored by shinnai | Site shinnai.altervista.org

Microsoft Visual Studio version 6.0 file overwrite exploit that makes use of VBTOVSI.DLL version 1.0.0.0.

tags | exploit
SHA-256 | a259b0efdaa09edbc604048a7da85b8a07f87f01c860ef4cca15cc3e25f00f5c
msvs-pdwiz.txt
Posted Sep 11, 2007
Authored by shinnai | Site shinnai.altervista.org

Microsoft Visual Studio version 6.0 remote command execution exploit that makes use of PDWizard.ocx versions 6.0.0.9782 and below.

tags | exploit, remote
SHA-256 | 96af82830be7c89fb85c84ebc7d1444fcc9b07290f1502ddd32c828e33e69788
xcart-rfi.txt
Posted Sep 11, 2007
Authored by aLiiF | Site debuteam.net

X-Cart suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 25ccf8166cc203fe891bf1e147d69ccfb0416770e8cd48ed57ce571284a1c8f6
Debian Linux Security Advisory 1370-2
Posted Sep 11, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1370-2 - The update for the oldstable distribution was incorrectly installed into the archive. Several remote vulnerabilities have been discovered in phpMyAdmin, a program to administrate MySQL over the web.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2006-6942, CVE-2006-6944, CVE-2007-1325, CVE-2007-1395, CVE-2007-2245
SHA-256 | b34c02843f6fd1822b6ff8d4cfcc82c348eeaa15121a44159e2d7a51e737119d
Secunia Security Advisory 26704
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Koshi has reported a vulnerability in Microsoft Visual Basic, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | a3875aa03b37ad7960ae70b692cb23678d618cc17ce27afa4e1d0b48c7c2d199
Secunia Security Advisory 26712
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Henri Lindberg has reported a vulnerability in Buffalo AirStation WHR-G54S, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | be2e20089fcc244b6478badb8628aae2f088a05284c973d4e07c507518f76fd7
Secunia Security Advisory 26723
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for gforge. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, debian
SHA-256 | 597510a97afbde61b5447772bb96d6619fa86bfbe18ca07554f410a947f55b33
Secunia Security Advisory 26735
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Proxy Anket, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | f860be53a7bed289f339afbf98c37d78f700365c052c39b0643f9fd72b312a46
Secunia Security Advisory 26738
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for qgit. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, fedora
SHA-256 | 46d0bebdb753ed4c3217aade1b244fada0f845220afbab5e058dd5c102fd2b91
Secunia Security Advisory 26744
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Quagga, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | c6aa2c9ac53ed7335948709ded48a9f89f0f8e03a4cd18d6a298c2c237b0556e
Secunia Security Advisory 26753
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows 2000, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
SHA-256 | 396a23d751c9eeea2a72d078e91117a38871f63c896ee84a30ac3c126876e6a4
Secunia Security Advisory 26754
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Visual Studio, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 11297b57208a227218f7f387a22efe6738a8131fed09d232fc22f8c0ddb920aa
Secunia Security Advisory 26757
Posted Sep 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows Services for UNIX, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | windows, unix
SHA-256 | a8af4a88941823f700cc5167f0f6eef2a06b59e6a48b439ac8919aa57a112970
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close