Files Date: 2007-10-18

Gentoo Linux Security Advisory 200710-20
Posted Oct 18, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-20 - Maurycy Prodeus discovered an integer overflow vulnerability possibly leading to a stack-based buffer overflow in the XPDF code which PDFKit is based on. ImageKits also contains a copy of PDFKit. Versions less than or equal to 0.9_pre062906 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-3387
MD5 | df07e1fa1ad1a75a05415ac571fad712
Secunia Security Advisory 27287
Posted Oct 18, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Miranda, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | da44f43fec9723b930da8336ec0861d8
Secunia Security Advisory 27165
Posted Oct 18, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - shinnai has reported a vulnerability in Microsoft Visual FoxPro, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 627312ec6207a5a2db5ee9dfd931cb5a
Secunia Security Advisory 27238
Posted Oct 18, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SkyOut has reported a vulnerability in Netgear SSL312, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | fb4ec8d61acd7e56c83c8660d685cab7
Mandriva Linux Security Advisory 2007.200
Posted Oct 18, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in Tk was found that could be used to overrun a buffer when loading certain GIF images. If a user were tricked into opening a specially crafted GIF file, it could lead to a denial of service condition or possibly the execution of arbitrary code with the user's privileges.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2007-5137, CVE-2007-5378
MD5 | 0e3f83e910e1f30abaa43c4df9dd66d7
S21SEC-038-en.txt
Posted Oct 18, 2007
Authored by Juan de la Fuente Costa, Pablo Seijo Cajaraville | Site s21sec.com

S21sec has discovered a vulnerability in Alcatel Omnivista 4760 that allows injection of JavaScript code in text variables.

tags | exploit, javascript
MD5 | 89aac8bb5666c8ae408f6e439fc64eee
Gentoo Linux Security Advisory 200710-19
Posted Oct 18, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-19 - Jean-Sebastien Guay-Leroux reported an integer underflow in the file_printf() function of the file utility which is bundled with The Sleuth Kit (CVE-2007-1536, GLSA 200703-26). Note that Gentoo is not affected by the improper fix for this vulnerability (identified as CVE-2007-2799, see GLSA 200705-25) since version 4.20 of file was never shipped with The Sleuth Kit ebuilds. Versions less than 2.0.9 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-1536, CVE-2007-2799
MD5 | ca4f37a7a61ecbe504c0403c1b6e6772
Gentoo Linux Security Advisory 200710-18
Posted Oct 18, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-18 - Ludwig Nussel discovered that the check_special_mountprog() and check_special_umountprog() functions call setuid() and setgid() in the wrong order and do not check the return values, which can lead to privileges being dropped improperly. Versions less than 2.12r-r8 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5191
MD5 | 71b4aca2aca73e6a69751ac8e61c7132
Debian Linux Security Advisory 1389-1
Posted Oct 18, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1389-1 - It was discovered that zoph, a web based photo management system, performs insufficient input sanitizing, which allows SQL injection.

tags | advisory, web, sql injection
systems | linux, debian
advisories | CVE-2007-3905
MD5 | 4b0b16e17ae71170c36d120ef22d5d8b
Debian Linux Security Advisory 1388-1
Posted Oct 18, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1388-1 - It was discovered that dhcp, a DHCP server for automatic IP address assignment, didn't correctly allocate space for network replies. This could potentially allow a malicious DHCP client to execute arbitrary code upon the DHCP server.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2007-5365
MD5 | 9d2033eca1d5196eddf26e6f4fb6ffec
SYMSA-2007-011.txt
Posted Oct 18, 2007
Authored by Ollie Whitehouse | Site symantec.com

Symantec Vulnerability Research SYMSA-2007-011 - A vulnerability has been discovered in the SMS handler on Windows Mobile 2005 Pocket PC Phone edition that allows the sender of the original SMS message to be masked from the recipient when a specifically crafted WAP PUSH message is sent.

tags | advisory
systems | windows
advisories | CVE-2007-5493
MD5 | e24110e7aa7f663a5d2ed64308d72156
Technical Cyber Security Alert 2007-290A
Posted Oct 18, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-290A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
MD5 | d5c97101601ad13ece13321675a9d954
Mandriva Linux Security Advisory 2007.199
Posted Oct 18, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A number of vulnerabilities and security-related issues have been fixed in phpMyAdmin versions since the 2.9.1.1 release. This update provides version 2.11.1.2 which is the latest stable release of phpMyAdmin.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2007-0095, CVE-2007-0203, CVE-2007-0204, CVE-2007-1325, CVE-2007-1395, CVE-2007-2245, CVE-2007-4306, CVE-2007-5386
MD5 | 63068dbd378f93dd27eb133bc954fb9e
Cisco Security Advisory 20071017-asa
Posted Oct 18, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two crafted packet vulnerabilities exist in the Cisco PIX 500 Series Security Appliance (PIX) and the Cisco 5500 Series Adaptive Security Appliance (ASA) that may result in a reload of the device. These vulnerabilities are triggered during processing of Media Gateway Control Protocol (MGCP) packets, or during processing of Transport Layer Security (TLS) traffic that terminates on the PIX or ASA security appliance.

tags | advisory, vulnerability, protocol
systems | cisco
MD5 | e4ff59388364c154911f65adff3df622
Cisco Security Advisory 20071017-fwsm
Posted Oct 18, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Two crafted packet vulnerabilities exist in the Cisco Firewall Services Module (FWSM) that may result in a reload of the FWSM. These vulnerabilities can be triggered during the processing of HTTPS requests, or during the processing of Media Gateway Control Protocol (MGCP) packets. A third vulnerability may cause access control list (ACL) entries to not be evaluated after the access list has been manipulated.

tags | advisory, web, vulnerability, protocol
systems | cisco
MD5 | ee86a4edae50825cdb3ae77457a4bd1c
Cisco Security Advisory 20071017-IPCC
Posted Oct 18, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Unified Contact Center and Intelligent Contact Management products contain a vulnerability that may result in unauthorized access to the web-based reporting and script monitoring tool (Web View) and the web-based configuration tool (Web Admin).

tags | advisory, web
systems | cisco
MD5 | 244e079104e4868a9ff5bec548531d60
Cisco Security Advisory 20071017-cucm
Posted Oct 18, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly CallManager, contains two denial of service (DoS) vulnerabilities. Large volumes of UDP Session Initiation Protocol (SIP) INVITE messages may cause a resource exhaustion condition on CUCM systems resulting in a kernel panic. The CUCM Trivial File Transfer Protocol (TFTP) service contains a buffer overflow vulnerability that may result in a denial of service condition or allow a remote, unauthenticated user to execute arbitrary code. There are no workarounds for these vulnerabilities.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, udp, vulnerability, protocol
systems | cisco
MD5 | 12346c759f4592e4e636e40e7256679e
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Oct 18, 2007
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Removed recursive pthread mutexes since uClibc does not support them.
tags | kernel, encryption
systems | linux
MD5 | 6659c08512ef7a671b934f4858cd5bd3
awzmb-rfi.txt
Posted Oct 18, 2007
Authored by S.W.A.T. | Site xmors.com

awzMB versions 4.2 beta 1 and below suffer from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | e899c35b0e9405442b86dabe772023b0
limesurvey152-rfi.txt
Posted Oct 18, 2007
Authored by S.W.A.T. | Site xmors.com

LimeSurvey versions 1.52 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 3de65ce04f1c1d304a60fc514724580d
phpdj-rfi.txt
Posted Oct 18, 2007
Authored by GolD_M | Site tryag.cc

PHPDJ version 0.5 suffers from a remote file inclusion vulnerability in djpage.php.

tags | exploit, remote, php, code execution, file inclusion
MD5 | 1334689a78c8a950d4c93e9a0d0fac1e
NISR17102007E.txt
Posted Oct 18, 2007
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - The Oracle XML DB ftp service contains problems with auditing logins.

tags | advisory
MD5 | 03a2b4d2ce1e0e61066c4236c2f3932c
NISR17102007D.txt
Posted Oct 18, 2007
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - The Oracle RDBMS, on receiving an invalid TNS data packet, will use 100% of the CPU's time, introducing a denial of service condition.

tags | advisory, denial of service
MD5 | a370f981cb7f34a8094c806a8b0dfddf
NISR17102007C.txt
Posted Oct 18, 2007
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - The Oracle TNS Listener suffers from denial of service and/or remote memory inspection vulnerabilities. Systems affected include Oracle 8.1.7.4, 10g Release 2 and 1, Oracle 9.

tags | advisory, remote, denial of service, vulnerability
MD5 | 4b1d5b9c9a68052baf1d1b81653d3661
NISR17102007B.txt
Posted Oct 18, 2007
Authored by David Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory - The Workspace Manager in Oracle 10g release 1 and 2 and Oracle 9i is vulnerable to SQL injection. The Workspace Manager, owned by SYS, contains a package called LT. This package is owned and defined by the SYS user and can be executed by PUBLIC. LT contains a procedure called FINDRICSET which calls the FINDRICSET package in the LTRIC package. This is vulnerable to SQL injection and can be abused by an attacker to gain SYS privileges.

tags | advisory, sql injection
MD5 | 69edd82fa8cac473f288d4f330ee5ac6