
Files Date: 2007-11-08

Secunia Security Advisory 27586
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Steve Kemp has reported a security issue in GForge, which can be exploited by malicious, local users to truncate arbitrary files.

tags | advisory, arbitrary, local
MD5 | c56925e6264f1ffe040458921fb10a7f
Debian Linux Security Advisory 1404-1
Posted Nov 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1404-1 - Nicklous Roberts discovered that the Reupload module of Gallery 2, a web based photo management application, allowed unauthorized users to edit Gallery's data file.

tags | advisory, web
systems | linux, debian
advisories | CVE-2007-4650
MD5 | ac44e6a1640b5db47bbd2560fb44b166
Debian Linux Security Advisory 1403-1
Posted Nov 8, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1403-1 - Omer Singer of the DigiTrust Group discovered several vulnerabilities in phpMyAdmin, an application to administrate MySQL over the WWW. phpMyAdmin allows a remote attacker to inject arbitrary web script or HTML in the context of a logged in user's session (cross site scripting). phpMyAdmin, when accessed by a browser that does not URL-encode requests, allows remote attackers to inject arbitrary web script or HTML via the query string.

tags | advisory, remote, web, arbitrary, vulnerability, xss
systems | linux, debian
advisories | CVE-2007-5589, CVE-2007-5386
MD5 | ebef30c98719dfff911a0788284f0536
Mandriva Linux Security Advisory 2007.213
Posted Nov 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2007-1660
MD5 | 419f8570df845774c467abb9c94a6f4d
Mandriva Linux Security Advisory 2007.212
Posted Nov 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2007-1659, CVE-2007-1660
MD5 | 4a10d480630399081cc9b29433fc4791
Mandriva Linux Security Advisory 2007.211
Posted Nov 8, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application.

tags | advisory, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768
MD5 | d404ef582f6c62567198754e268e3457
AST-2007-024.txt
Posted Nov 8, 2007
Authored by Michal Bucko, Mark Michelson | Site asterisk.org

Asterisk Project Security Advisory - This advisory is a response to a false security vulnerability published in several places on the Internet. Had Asterisk's developers been notified prior to its publication, there would be no need for this. There is a potential for a buffer overflow in the sethdlc application; however, running this application requires root access to the server, which means that exploiting this vulnerability gains the attacker no more advantage than what he already has. As such, this is a bug, not a security vulnerability.

tags | advisory, overflow, root
advisories | CVE-2007-5690
MD5 | 4e70e810f66fe1da827e00a4ea82b022
lotfian-sql.txt
Posted Nov 8, 2007
Authored by The-0utl4w | Site aria-security.net

Lotfian BROCHURE Management System is susceptible to SQL injection attacks.

tags | exploit, sql injection
MD5 | 18b30b65f8a0986501202f5e18edd40b
HP Security Bulletin 2007-14.84
Posted Nov 8, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in the Aries PA-RISC emulation software running on HP-UX IA-64 platforms only. This vulnerability may allow local unauthorized access.

tags | advisory, local, risc
systems | hpux
MD5 | b37ed6fcf3812f73f0e2bf08547f9d5b
Gentoo Linux Security Advisory 200711-13
Posted Nov 8, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-13 - 3proxy contains a double free vulnerability in the ftpprchild() function, which frees param->hostname and calls the parsehostname() function, which in turn attempts to free param->hostname again. Versions less than 0.5.3j are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5622
MD5 | 4c693bb5c066662ed6e09a37b427b986
Gentoo Linux Security Advisory 200711-12
Posted Nov 8, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-12 - Jan Oravec reported that the /usr/bin/tomboy script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 0.8.1-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-4790
MD5 | 5960f033e452769b32ce449af3d5d7d3
Gentoo Linux Security Advisory 200711-11
Posted Nov 8, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-11 - fabiodds reported a boundary checking error in the check_snmp plugin when processing SNMP GET replies that could lead to a stack-based buffer overflow. Nobuhiro Ban reported a boundary checking error in the redir() function of the check_http plugin when processing HTTP Location: header information which might lead to a buffer overflow. Versions less than 1.4.10-r1 are affected.

tags | advisory, web, overflow
systems | linux, gentoo
advisories | CVE-2007-5198, CVE-2007-5623
MD5 | 59425702583a03eb898842fae835be14
texinfo-poc.txt
Posted Nov 8, 2007
Authored by Cody Rester | Site codyrester.com

texinfo versions 4.9 and below format string proof of concept exploit.

tags | exploit, proof of concept
MD5 | f0c3b36bc36ae59d4ec72e1ceccb1643
OpenPKG Security Advisory 2007.23
Posted Nov 8, 2007
Authored by OpenPKG Foundation | Site openpkg.com

OpenPKG Security Advisory - Will Drewry and Tavis Ormandy of the Google Security Team have discovered a UTF-8 related heap overflow in the regular expression compiler of the Perl programming language, probably allowing attackers to execute arbitrary code by compiling specially crafted regular expressions. The bug manifests in a possible buffer overflow in the polymorphic "opcode" support code, caused by ASCII regular expressions that really are Unicode regular expressions.

tags | advisory, overflow, arbitrary, perl
advisories | CVE-2007-5116
MD5 | 7d78792bfaaef1d474a80e73e2ac9b60
rapid-sql.txt
Posted Nov 8, 2007
Authored by The-0utl4w | Site aria-security.net

Rapid Classified suffers from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | f07971690064fa1c54da69a9fecdee2c
bunny-0.92.tgz
Posted Nov 8, 2007
Authored by Michal Zalewski | Site code.google.com

Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.

Changes: IPC handling bug fix.
tags | protocol, fuzzer
MD5 | 37ee71ac134446b5560d912ea82da562
nufw-2.2.8.tar.gz
Posted Nov 8, 2007
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is designed to use an external authentication source such as an LDAP server.

Changes: Multiple bug fixes and some documentation additions.
tags | tool, remote, firewall
systems | unix
MD5 | 95b45bc5eb62d966e964dced1f9aa85a
Secunia Security Advisory 26503
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in GNOME gpdf, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 5785ffe34e05351180c18ca42d08fedb
Secunia Security Advisory 27479
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, perl
systems | linux, debian
MD5 | 7b6d1e7712949218bdbfee41b1f494bc
Secunia Security Advisory 27504
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PicoFlat CMS, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | 6efc049a73e9db589891a6d2c243ed6d
Secunia Security Advisory 27515
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, perl
MD5 | f02ec8610807e2a3c6a1ba16f4fcdca7
Secunia Security Advisory 27535
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in C++ Sockets Library, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | e1bf21e180843dc4de90f7ab779fe12e
Secunia Security Advisory 27549
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for gforge. This fixes a security issue, which can be exploited by malicious, local users to truncate arbitrary files.

tags | advisory, arbitrary, local
systems | linux, debian
MD5 | 73bd8d79f3f3d14937430bea021e5133
Secunia Security Advisory 27554
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for pcre. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
MD5 | e441311fcd10dcc8bb4cf8eefcdf44a7
Secunia Security Advisory 27560
Posted Nov 8, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local, vulnerability
systems | linux, mandriva
MD5 | 0ee6371d1726995f40abc8fea0d2e036