exploit the possibilities
Showing 1 - 25 of 57 RSS Feed

Files Date: 2007-11-07

Gentoo Linux Security Advisory 200711-9
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-09 - Clemens Kolbitsch and Sylvester Keil reported an error when processing beacon frames with an overly large length value in the xrates element. Versions less than 0.9.3.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5448
MD5 | 961d46ee34c3b0f35bcc3ccf242cf88e
Debian Linux Security Advisory 1402-1
Posted Nov 7, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1402-1 - Steve Kemp from the Debian Security Audit project discovered that gforge, a collaborative development tool, used temporary files insecurely which could allow local users to truncate files upon the system with the privileges of the gforge user, or create a denial of service attack.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2007-3921
MD5 | 17dfaca82f3706e5ee00af94e90356b1
Gentoo Linux Security Advisory 200711-8
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-08 - An off-by-one error when handling ICC profile chunks in the png_set_iCCP() function was discovered. George Cook and Jeff Phillips reported several errors in pngrtran.c, the use of logical instead of a bitwise functions and incorrect comparisons. Tavis Ormandy reported out-of-bounds read errors in several PNG chunk handling functions. Versions less than 1.2.21-r3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5266, CVE-2007-5268, CVE-2007-5269
MD5 | 91774f16eb2509bc91fb7173604d093c
Gentoo Linux Security Advisory 200711-7
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-07 - Slythers Bro discovered multiple integer overflows in the imageop module, one of them in the tovideo() method, in various locations in files imageop.c, rbgimgmodule.c, and also in other files. Versions less than 2.4.4-r6 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4965
MD5 | 5e6a79a6694e21971b2fc94f992cac20
Gentoo Linux Security Advisory 200711-6
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-06 - Multiple cross-site scripting vulnerabilities have been discovered in mod_status and mod_autoindex. An error has been discovered in the recall_headers() function in mod_mem_cache. The mod_cache module does not properly sanitize requests before processing them. The Prefork module does not properly check PID values before sending signals. The mod_proxy module does not correctly check headers before processing them. Versions less than 2.2.6 are affected.

tags | advisory, vulnerability, xss
systems | linux, gentoo
advisories | CVE-2006-5752, CVE-2007-1862, CVE-2007-1863, CVE-2007-3304, CVE-2007-3847, CVE-2007-4465
MD5 | d0a654e53e1d16a9c2a5fa25a6c1337f
secunia-xpdf.txt
Posted Nov 7, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system. An array indexing error, integer overflow, and boundary error all exist. Xpdf version 3.02 with the xpdf-3.02pl1.patch is affected.

tags | advisory, overflow, vulnerability
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | 799a1d5d74d1d0cd593022e5323f4b12
sipvicious-0.2.1.tar.gz
Posted Nov 7, 2007
Authored by Sandro Gauci | Site sipvicious.org

SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

Changes: Session state is now saved and svmap supports sending INVITE to particular extensions. The rest are mostly bug fixes and stability.
tags | telephony, python
MD5 | a41df16fef97293f0623b1c59390b545
secunia-abiword.txt
Posted Nov 7, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in AbiWord Link Grammar, which can be exploited by malicious people to compromise an application using the library. Version 4.2.4 is affected.

tags | advisory
advisories | CVE-2007-5395
MD5 | 1c86e3f869d0038b2ad11508623a5f58
secunia-linkgrammar.txt
Posted Nov 7, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Link Grammar, which can be exploited by malicious people to compromise an application using the affected code. Version 4.1b is affected.

tags | advisory
advisories | CVE-2007-5395
MD5 | e57538a745ad765db929c35cbe71ad93
siteminder-xss.txt
Posted Nov 7, 2007
Authored by Giuseppe Gottardi | Site overet.securitydate.it

SiteMinder Agent suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5eb1ae53f1d3d45d32335dede1b2a78f
Secunia Security Advisory 26462
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Joren McReynolds has reported some vulnerabilities in Cisco Unified Meeting Place, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | cisco
MD5 | 5d7412f778dc6ecbd761e2fd96d707c4
Secunia Security Advisory 27260
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Xpdf, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 56c8ff59a18a850f0ff3f9219435cf31
Secunia Security Advisory 27340
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in the AbiWord Link Grammar library, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 81f952bd11b1cc09cda93c51db67579b
Secunia Security Advisory 27556
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Chris has reported a vulnerability in the Cypress script for BitchX, which can be exploited by malicious people to disclose potentially sensitive information or to compromise a vulnerable system.

tags | advisory
MD5 | dbc030238f597808ec0092f859609b5a
Secunia Security Advisory 27530
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Plone, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 0ac8fc2d69614ceaa2ec4c6735ae43a6
Secunia Security Advisory 27533
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - DarkFig has discovered a vulnerability in JBC Explorer, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory
MD5 | 3844d78db4f8f5678b29e19e6dad69c9
Secunia Security Advisory 27540
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for cups. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
MD5 | 722d9042d5be95311da2aa0ec3841105
setlocate-local.txt
Posted Nov 7, 2007
Authored by Thomas Pollet

IBM AIX versions 5.3.0 and below setlocale() local privilege escalation exploit.

tags | exploit, local
systems | aix
advisories | CVE-2006-4254
MD5 | 819234988ee6683a72080dff03d470a4
bunny-0.91.tgz
Posted Nov 7, 2007
Authored by Michal Zalewski | Site code.google.com

Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.

Changes: Various bug fixes.
tags | protocol, fuzzer
MD5 | 288b17950491878e849c03b3580bdeda
Secunia Security Advisory 27489
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for netpbm. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
MD5 | 2d954bd0fe6ccd46e9f9b24ac2516ebc
Secunia Security Advisory 27539
Posted Nov 7, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Archive::Tar Perl module, which can be exploited by malicious people to compromise a user's system.

tags | advisory, perl
MD5 | 5aeb81dd32bb7dda7de83dbe3f72d994
Technical Cyber Security Alert 2007-310A
Posted Nov 7, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-310A - Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition. Versions below 7.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | apple
MD5 | c54873a3a1cac4bb175fa9e38f28498a
Mandriva Linux Security Advisory 2007.210
Posted Nov 7, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption.

tags | advisory, overflow, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2007-4568, CVE-2007-4990
MD5 | 03cfdc844269ee8302005df8fc4b54f0
Gentoo Linux Security Advisory 200711-5
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-05 - Tim Brown discovered these multiple issues: the translation module does not properly sanitize the value to the dir parameter; the translation module also does not sanitize the values of the edit and value parameters which it passes to eval() and include(); the log-in command does not validate the URL to redirect users to after logging in; SiteBar also contains several cross-site scripting vulnerabilities. Versions less than 3.3.9 are affected.

tags | advisory, vulnerability, xss
systems | linux, gentoo
advisories | CVE-2007-5491, CVE-2007-5492, CVE-2007-5692, CVE-2007-5693, CVE-2007-5694, CVE-2007-5695
MD5 | 653c13956ffb694b4e066882a76b4281
Gentoo Linux Security Advisory 200711-4
Posted Nov 7, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-04 - The imap_rescan() function of the file camel-imap-folder.c does not properly sanitize the SEQUENCE response sent by an IMAP server before being used to index arrays. Versions less than 1.10.3.1 are affected.

tags | advisory, imap
systems | linux, gentoo
advisories | CVE-2007-3257
MD5 | 73bfd4c7173bb1b3a317305f9d233fdf
Page 1 of 3
Back123Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    13 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close