exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 38 RSS Feed

Files Date: 2007-10-05

Ubuntu Security Notice 526-1
Posted Oct 5, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 526-1 - Thomas de Grenier de Latour discovered that the checkrestart program included in debian-goodies did not correctly handle shell meta-characters. A local attacker could exploit this to gain the privileges of the user running checkrestart.

tags | advisory, shell, local
systems | linux, debian, ubuntu
advisories | CVE-2007-3912
SHA-256 | 0f79713d47922e9699f6f7748e8f256eea58e9743bebd57b333c780201b14f5f
Ubuntu Security Notice 525-1
Posted Oct 5, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 525-1 - Robert Buchholz discovered that libsndfile did not correctly validate the size of its memory buffers. If a user were tricked into playing a specially crafted FLAC file, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-4974
SHA-256 | 2c6937c22bf119a9f249ebc4002d970ce18187beb7c8a17fa0fb05e51d69fb5e
Ubuntu Security Notice 524-1
Posted Oct 5, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 524-1 - An integer overflow was discovered in the TIFF handling code in OpenOffice. If a user were tricked into loading a malicious TIFF image, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-2834
SHA-256 | d679c6e0a877e8dbdd863c4cf4253bbec18d9365f65b6eecc313749f6295aa68
Mandriva Linux Security Advisory 2007.193
Posted Oct 5, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A flaw in how OpenSSL performed Montgomery multiplications was discovered %that could allow a local attacker to reconstruct RSA private keys by examining another user's OpenSSL processes. Moritz Jodeit found that OpenSSL's SSL_get_shared_ciphers() function did not correctly check the size of the buffer it was writing to. As a result, a remote attacker could exploit this to write one NULL byte past the end of the application's cipher list buffer, which could possibly lead to a denial of service or the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, mandriva
advisories | CVE-2007-3108, CVE-2007-5135
SHA-256 | e2a55a0ddfe0e74375fa35335a37ec3b8f8a492c3c7d3bbcc030dfe764c45c83
Gentoo Linux Security Advisory 200710-1
Posted Oct 5, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-01 - A stack based buffer overflow has been discovered in the svcauth_gss_validate() function in file lib/rpc/svc_auth_gss.c when processing an overly long string in a RPC message. Versions less than 0.16 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3999
SHA-256 | 5dcb345310412b72c5ee993c17657da7411898965c17fe4fe7957de2cfc7e000
Digital Defense VRT Advisory 2007.5
Posted Oct 5, 2007
Authored by Digital Defense | Site netsupportmanager.com

The NetSupport Manager client that listens on TCP port 5405 does not properly validate input supplied during the initial connection sequence. Specifically, during the configuration exchange part of the initial connection setup, the client does not appear to validate the supplied data which can result in a DoS of the NetSupport Manager Client. Remote code exploitation is also thought to be possible.

tags | advisory, remote, tcp
SHA-256 | cde2525578cbe2844b74106d67cd9ea372d80d0491c48852fda02ce3f1368320
monografias.com-search-xss.txt
Posted Oct 5, 2007
Authored by rootkit

www.monografias.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c52e8ea14b32eadfae6d506469d5e416e510b1e713d6af126514ba612a4b5b37
stuffed-xss.txt
Posted Oct 5, 2007
Site aria-security.net

Stuffed Tracker suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 75842e814c1d972d528943705bca98c7dd67434ee3f764435ac0c5a6a805fffc
TISA2007-12-Private.txt
Posted Oct 5, 2007
Authored by Edi Strosar | Site teamintell.com

Vba32 AntiVirus version 3.12.2 suffers from an insecure file permission vulnerability.

tags | advisory
SHA-256 | d3d6140a0119824f9833385bf62ffbd9f3acf4febef91c4755b0f09ad6e69702
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Oct 5, 2007
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Various enhancements. Preview of strongSwan Manager. Further improvements to MOBIKE support.
tags | kernel, encryption
systems | linux
SHA-256 | c45faeac07c3670026eb663fedda94fb5d319625be7196d814fbba9d4b28b2ab
leaguestat-lfi.txt
Posted Oct 5, 2007
Authored by d3v1l

Leaguestat.com version 0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 6c92ffa3847bf342029b66e46143356e1d65753191336b79fbde0e4fe7ec664b
furkan-sql.txt
Posted Oct 5, 2007
Authored by CyberGhost | Site aspspider.org

Furkan Tastan Blog suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4f0a2fc4fd446a8404d2a5e70c8d8e1261995d74b5b0e8c3728a7dc27e7ae831
uebimiau27x-xss.txt
Posted Oct 5, 2007
Authored by Maximiliano Soler | Site nullcode.com.ar

UebiMiau versions 2.7.x and below suffer from a cross site scripting vulnerability due to the email variable not being sanitized.

tags | exploit, xss
SHA-256 | 79a84d3b963c093c2200fd851b69d2f931d4bb23f1b53a7c634509e2e368c560
trionic-rfi.txt
Posted Oct 5, 2007
Authored by GolD_M | Site tryag.cc

Trionic Cite CMS versions 1.2rev9 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | e3fa94a3ed8fb70cb376a83e84f20a240d78c3d4c3a79a09b99149f6bf0cd957
RISE-2007003.txt
Posted Oct 5, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists multiple vulnerabilities within functions of Firebird Relational Database, which when properly exploited can lead to remote compromise of the vulnerable system.

tags | advisory, remote, vulnerability
SHA-256 | 1c86a390506eff2926bd6e4aa1194c457840db61d3266849eacf36611c21d7d8
RISE-2007002.txt
Posted Oct 5, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists multiple vulnerabilities within functions of Borland InterBase, which when properly exploited can lead to remote compromise of the vulnerable system.

tags | advisory, remote, vulnerability
SHA-256 | 4677f1e27489c5e2f6da840db8cc4baacfe3704811d7e3fa34b629b2925dd959
cart32-download.txt
Posted Oct 5, 2007
Authored by Paul Craig | Site security-assessment.com

Cart32 versions 6.3 and below suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | a92fa9402089256f28b31d6407f2dce1d7e435f93e1b897eed66b1ed6d626af2
ossigeno-rfi.txt
Posted Oct 5, 2007
Authored by naxx | Site nicenamecrew.com

Ossigeno CMS versions 2.2a3 and below suffer from a remote file inclusion vulnerability in footer.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 0128339e51bc8dab8e4f8ff73b006f2495c3ec644492a282ae32cddad7ba5636
deonix-sql.txt
Posted Oct 5, 2007
Authored by home_edition2001 | Site solpotcrew.org

Web Template Management System version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 9bea5fdd58ecedba219929e700c129013ba97e4cb7fc6f4a064e5cfccf47f407
fsfdt-overflow.txt
Posted Oct 5, 2007
Authored by weak

FSFDT version 3.000 d9 remote buffer overflow exploit that spawns a reverse shell to 10.0.0.100:4321.

tags | exploit, remote, overflow, shell
SHA-256 | 6334281787ff675203ddc02bdec9476d24639f281266b774ce705692e0695395
Ubuntu Security Notice 523-1
Posted Oct 5, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 523-1 - Multiple vulnerabilities were found in the image decoders of ImageMagick. If a user or automated system were tricked into processing a malicious DCM, DIB, XBM, XCF, or XWD image, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988
SHA-256 | 131191d0b29fa7de23c99153559471941ccb8045903b5decedbd76f9abdec287
FreeBSD-SA-07-08.openssl.txt
Posted Oct 5, 2007
Site security.freebsd.org

FreeBSD Security Advisory - A buffer overflow addressed in FreeBSD-SA-06:23.openssl has been found to be incorrectly fixed.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2007-3738, CVE-2007-5135
SHA-256 | b17048d5d589fb121d6c680856308fa4c05d2db3f5e995fda3825188618c9387
Secunia Security Advisory 26970
Posted Oct 5, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in Altnet Download Manager, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f2c857bbeae6499877e4a48eef1e60f094b505dc794bcbf0ba19be6b017dc33c
Secunia Security Advisory 27005
Posted Oct 5, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Trew has reported some vulnerabilities in BlackBoard Learning System, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 7923f75e705108fbb40ac08b26e115308b793972e9f4fbb23b3309bf23a562fa
Secunia Security Advisory 27009
Posted Oct 5, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Sun Java JRE (Java Runtime Environment), which can be exploited by malicious people to bypass certain security restrictions, manipulate data, disclose sensitive/system information, or potentially compromise a vulnerable system.

tags | advisory, java, vulnerability
SHA-256 | 5ea060abbafb7ec298181b469fc1d6e095273995dd938e58b7724d54376c67d5
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close