exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 57 RSS Feed

Files Date: 2007-11-07

Gentoo Linux Security Advisory 200711-9
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-09 - Clemens Kolbitsch and Sylvester Keil reported an error when processing beacon frames with an overly large length value in the xrates element. Versions less than 0.9.3.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5448
SHA-256 | cdb4e248d974bf9f3c2d3160376436a0968bbf8ff3b8be093cb9efd7bd4ab2e3
Debian Linux Security Advisory 1402-1
Posted Nov 7, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1402-1 - Steve Kemp from the Debian Security Audit project discovered that gforge, a collaborative development tool, used temporary files insecurely which could allow local users to truncate files upon the system with the privileges of the gforge user, or create a denial of service attack.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2007-3921
SHA-256 | 83cf871582c0f2f1785740f1f1c14e639dc8c07188efff8263516a3c1c55a4b6
Gentoo Linux Security Advisory 200711-8
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-08 - An off-by-one error when handling ICC profile chunks in the png_set_iCCP() function was discovered. George Cook and Jeff Phillips reported several errors in pngrtran.c, the use of logical instead of a bitwise functions and incorrect comparisons. Tavis Ormandy reported out-of-bounds read errors in several PNG chunk handling functions. Versions less than 1.2.21-r3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5266, CVE-2007-5268, CVE-2007-5269
SHA-256 | d69eab70f1eed07c06dddfddec2d2a89e5accf81afc417284e481013a4068d2f
Gentoo Linux Security Advisory 200711-7
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-07 - Slythers Bro discovered multiple integer overflows in the imageop module, one of them in the tovideo() method, in various locations in files imageop.c, rbgimgmodule.c, and also in other files. Versions less than 2.4.4-r6 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4965
SHA-256 | 2fb3dc7550b78ddefc9837c110eab024f2532db2e6549845e662f020b562ae99
Gentoo Linux Security Advisory 200711-6
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-06 - Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex. An error has been discovered in the recall_headers() function in mod_mem_cache. The mod_cache module does not properly sanitize requests before processing them. The Prefork module does not properly check PID values before sending signals. The mod_proxy module does not correctly check headers before processing them. Versions less than 2.2.6 are affected.

tags | advisory, vulnerability, xss
systems | linux, gentoo
advisories | CVE-2006-5752, CVE-2007-1862, CVE-2007-1863, CVE-2007-3304, CVE-2007-3847, CVE-2007-4465
SHA-256 | 3af714c78881d176cc1b41256f3f354e3c88517f7cc34687fe2d8f0b5a7a9ef6
secunia-xpdf.txt
Posted Nov 7, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. An array indexing error, integer overflow, and boundary error all exist. Xpdf version 3.02 with the xpdf-3.02pl1.patch is affected.

tags | advisory, overflow, vulnerability
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | db7926f6baf6cd881e47ceeba424de373bbceb3b243705bc23d61922f9cb077e
sipvicious-0.2.1.tar.gz
Posted Nov 7, 2007
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: Session state is now saved and svmap supports sending INVITE to particular extensions. The rest are mostly bug fixes and stability.
tags | telephony, python
SHA-256 | 44b8f1330394d7ee5c5a5ce92f71f1909241c1b2caa71c754c83930bc18bd737
secunia-abiword.txt
Posted Nov 7, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in AbiWord Link Grammar, which can be exploited by malicious people to compromise an application using the library. Version 4.2.4 is affected.

tags | advisory
advisories | CVE-2007-5395
SHA-256 | 35cb57c20c1b5fffa8c0266a03e117db8c1180ef7b09ebd9d7b9ff6d8364e840
secunia-linkgrammar.txt
Posted Nov 7, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Link Grammar, which can be exploited by malicious people to compromise an application using the affected code. Version 4.1b is affected.

tags | advisory
advisories | CVE-2007-5395
SHA-256 | 4f0f9129c0c405b31977030fcfdf263ff9f2e4be0e99cafe4813fc14f9401248
siteminder-xss.txt
Posted Nov 7, 2007
Authored by Giuseppe Gottardi | Site overet.securitydate.it

SiteMinder Agent suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 913578418723ce1d7fc6a17b8379b86e3fbc7f81742bbd87fd8fec2e2caffff9
Secunia Security Advisory 26462
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Joren McReynolds has reported some vulnerabilities in Cisco Unified Meeting Place, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | cisco
SHA-256 | 46a027f9978d34ddbb18d883b21dbca8af885758eccc253f0bc5e1e4f79917f2
Secunia Security Advisory 27260
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | a69780e0e06c95da7dee8344f7db533b3de45ec84e8a82fc1699aef30632febc
Secunia Security Advisory 27340
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in the AbiWord Link Grammar library, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 32de72b87ada2a66a050737daff796f79c3e44c46021f2c6af2a5968d13c8094
Secunia Security Advisory 27556
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Chris has reported a vulnerability in the Cypress script for BitchX, which can be exploited by malicious people to disclose potentially sensitive information or to compromise a vulnerable system.

tags | advisory
SHA-256 | 6fa57c7c91c6e66f60620f18052c9c8f1c41506f6a8feb327dc874f7496f8d1a
Secunia Security Advisory 27530
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Plone, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | d49ab0bb954a787b5499aff5fd7378501827130bbcea5eeedc68bc5c2269fee4
Secunia Security Advisory 27533
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - DarkFig has discovered a vulnerability in JBC Explorer, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory
SHA-256 | 3fb94642dc04b00a37663b1bc8faed4c093ac5e9091b54edf309e6dfb33e4bae
Secunia Security Advisory 27540
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 2c72b09e161dbb94b7a00d56851b4f6530206a2567fda7baa8c8dfaf8fbc011e
setlocate-local.txt
Posted Nov 7, 2007
Authored by Thomas Pollet

IBM AIX versions 5.3.0 and below setlocale() local privilege escalation exploit.

tags | exploit, local
systems | aix
advisories | CVE-2006-4254
SHA-256 | 14ebfd27e72f7eebada0b196fafd8c4c2f44fc8906848a379413f15b18717824
bunny-0.91.tgz
Posted Nov 7, 2007
Authored by Michal Zalewski | Site code.google.com

Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.

Changes: Various bug fixes.
tags | protocol, fuzzer
SHA-256 | ebfb03563564202d26c9314f19b2cbbdf98cdb2c16d21f6628ccf680af7d3db6
Secunia Security Advisory 27489
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | b7501ae81ad03356ab9c65d2af9dbfe61904d3137b702c11fb9452a8e710f59d
Secunia Security Advisory 27539
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Archive::Tar Perl module, which can be exploited by malicious people to compromise a user's system.

tags | advisory, perl
SHA-256 | 96992f4d0f988acf20d75c5693a0a0914a1ee190ae8b03674b68df183c9658e5
Technical Cyber Security Alert 2007-310A
Posted Nov 7, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-310A - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Versions below 7.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | apple
SHA-256 | 9a845607c7692d683f7a55b5861d0d9bbabe9d325b6c9f1e3396c293d93624e1
Mandriva Linux Security Advisory 2007.210
Posted Nov 7, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

tags | advisory, overflow, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2007-4568, CVE-2007-4990
SHA-256 | 3590d95e704a2b4bb5d685df07d508326a9d5921828ec1b7d94910404cf25c19
Gentoo Linux Security Advisory 200711-5
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-05 - Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the dir parameter; the translation module also does not sanitize the values of the edit and value parameters which it passes to eval() and include(); the log-in command does not validate the URL to redirect users to after logging in; SiteBar also contains several cross-site scripting vulnerabilities. Versions less than 3.3.9 are affected.

tags | advisory, vulnerability, xss
systems | linux, gentoo
advisories | CVE-2007-5491, CVE-2007-5492, CVE-2007-5692, CVE-2007-5693, CVE-2007-5694, CVE-2007-5695
SHA-256 | 36771fb0329b6926ba517c37cc21aa30da4b07b906f850422e0062503b31d17e
Gentoo Linux Security Advisory 200711-4
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-04 - The imap_rescan() function of the file camel-imap-folder.c does not properly sanitize the SEQUENCE response sent by an IMAP server before being used to index arrays. Versions less than 1.10.3.1 are affected.

tags | advisory, imap
systems | linux, gentoo
advisories | CVE-2007-3257
SHA-256 | 6ab17f9c7332d6005a5f0de76d49e87be1e40ce82a77350dd6ded6d82833e4cc
Page 1 of 3
Back123Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close