Twenty Year Anniversary
Showing 1 - 19 of 19 RSS Feed

Files Date: 2007-10-09

Gentoo Linux Security Advisory 200710-7
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-07 - Reinhard Max discovered a boundary error in Tk when processing an interlaced GIF with two frames where the second is smaller than the first one. Versions less than 8.4.15-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4851
MD5 | 5b77ce70b4be4a117e2c5bea19ad6489
Gentoo Linux Security Advisory 200710-6
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-06 - Moritz Jodeit reported an off-by-one error in the SSL_get_shared_ciphers() function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the BN_from_montgomery() function in crypto/bn/bn_mont.c when performing Montgomery multiplication. Versions less than 0.9.8e-r3 are affected.

tags | advisory, crypto
systems | linux, gentoo
advisories | CVE-2006-3738, CVE-2007-3108, CVE-2007-5135
MD5 | fbb80f53be6d2a67bf086e6f20059611
Gentoo Linux Security Advisory 200710-5
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-05 - Raphael Marichez discovered that the DataLoader::doStart() method creates temporary files in an insecure manner and executes them. Versions less than 1.5.7 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4631
MD5 | 602429e7adb1a1d4a2f88c01a311fe18
Gentoo Linux Security Advisory 200710-4
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-04 - Robert Buchholz of the Gentoo Security team discovered that the flac_buffer_copy() function does not correctly handle FLAC streams with variable block sizes which leads to a heap-based buffer overflow. Versions less than 1.0.17-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4974
MD5 | ba2d76ded126e3adb7f5fd0f3167a61e
Gentoo Linux Security Advisory 200710-3
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-03 - David Thiel of iSEC Partners discovered a heap-based buffer overflow in the _01inverse() function in res0.c and a boundary checking error in the vorbis_info_clear() function in info.c. libvorbis is also prone to several Denial of Service vulnerabilities in form of infinite loops and invalid memory access with unknown impact. Versions less than 1.2.0 are affected.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-3106, CVE-2007-4029, CVE-2007-4065, CVE-2007-4066
MD5 | c70453c2482e2f78df068f65c8aead52
Gentoo Linux Security Advisory 200710-2
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-02 - Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate() and gdImageCreateTrueColor() functions of the GD library which can cause heap-based buffer overflows. Gerhard Wagner discovered an integer overflow in the chunk_split() function that can lead to a heap-based buffer overflow. Its incomplete fix caused incorrect buffer size calculation due to precision loss, also resulting in a possible heap-based buffer overflow. A buffer overflow in the sqlite_decode_binary() of the SQLite extension found by Stefan Esser that was addressed in PHP 5.2.1 was not fixed correctly. Versions less than 5.2.4_p20070914-r2 are affected.

tags | advisory, overflow, php, vulnerability
systems | linux, gentoo
advisories | CVE-2007-1883, CVE-2007-1887, CVE-2007-1900, CVE-2007-2756, CVE-2007-2872, CVE-2007-3007, CVE-2007-3378, CVE-2007-3806, CVE-2007-3996, CVE-2007-3997, CVE-2007-3998, CVE-2007-4652, CVE-2007-4657, CVE-2007-4658, CVE-2007-4659, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662
MD5 | 8c8d5b159992cb0df17a3a4a8b8f0e4d
carolinacon-2008-cfp.txt
Posted Oct 9, 2007
Site carolinacon.org

The CarolinaCon 2008 Call For Papers is now open. It's an annual technology conference to enhance local and global awareness of current technology issues and developments, provide affordable technology education sessions to the unwashed masses, deliver varied/informative/interesting presentations on a wide variety of InfoSec/hacking/technology/science topics, and mix in enough entertainment and side contests/challenges to make for a truly fun event. It will be taking place March 28th through the 30th in Chapel Hill, NC, USA.

tags | paper, local, conference
MD5 | e8b18654de3db3d5570c609ca13f5506
Debian Linux Security Advisory 1362-2
Posted Oct 9, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1362-2 - A problem was discovered in lighttpd, a fast webserver with minimal memory footprint, which could allow the execution of arbitary code via the overflow of CGI variables when mod_fcgi was enabled. This updated advisory correctly patches the security issue, which was not handled in DSA-1362-1.

tags | advisory, overflow, cgi
systems | linux, debian
advisories | CVE-2007-4727
MD5 | 826063a55c14e8a2be9717c3362feb6e
Secunia Security Advisory 27037
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Apache. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability, xss
MD5 | 417a5ace6ec2838ab171ea0c46816d80
Secunia Security Advisory 27106
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for kdebase. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct spoofing attacks.

tags | advisory, local, spoof, vulnerability
systems | linux, redhat
MD5 | ebd6cfc6f3d9b8a49151202ec03b9da4
Secunia Security Advisory 27085
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xen-utils. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.

tags | advisory, local, vulnerability
systems | linux, debian
MD5 | 99592ac3762a1fa46cee379625ea3b97
Secunia Security Advisory 27108
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for kdelibs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
MD5 | 143b5f54c407e1111677f2758905c64b
Secunia Security Advisory 27114
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SnIpEr_SA has reported a vulnerability in SkaDate, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 670f45128afb649e990337ccf73ca31a
Secunia Security Advisory 27117
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in AlsaPlayer, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 00e4a762882899fd1aa31d4d33632ad7
Secunia Security Advisory 27125
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | e17de75eec911e1a20cd6eaa3c28e78e
sqlninja-0.2.1-r1.tgz
Posted Oct 9, 2007
Authored by icesurfer | Site sqlninja.sourceforge.net

sqlninja is a small tool to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable database server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a database Server when a SQL injection vulnerability has been discovered. It is written in perl and runs on Unix-like boxes.

Changes: New flavor of bruteforce attack, auth mode detection, and various other enhancements and bug fixes.
tags | tool, remote, web, shell, scanner, perl, vulnerability, sql injection
systems | unix
MD5 | 4548b90a695eb0707fa38d6f3400cd29
kismet-2007-10-R1.tar.gz
Posted Oct 9, 2007
Authored by Mike Kershaw | Site kismetwireless.net

Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.

Changes: Various additions and fixes.
tags | tool, wireless
systems | cisco, linux, freebsd, openbsd, apple, osx
MD5 | 2100c667e69db0cde35fa2d06c8516e2
nuface-1.2.8.tar.gz
Posted Oct 9, 2007
Authored by Vincent Deffontaines | Site inl.fr

Nuface is a web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.

Changes: Fixed bug when auth subject with ipv4 address on included nets. Fixed bug when remote ipsec router is not in a net in desc.
tags | tool, web, firewall, protocol
systems | unix
MD5 | 0f34e5bfba1a1c19706c2475b02cef29
snortsms-1.7.8.tar.gz
Posted Oct 9, 2007
Authored by SmithJ108 | Site snortsms.servangle.net

SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.

Changes: Remote agent rewrite. Updated SnortSMS Collector to handle new agent format.
tags | tool, web, sniffer
MD5 | 92f27461cf19c74428b0e1170d92de9f
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close