
Files Date: 2007-11-15

samba-nmbdoverflow.txt
Posted Nov 15, 2007
Site samba.org

Samba versions 3.0.0 through 3.0.26a suffer from a vulnerability where the processing of specially crafted GETDC mailslot requests can result in a buffer overrun in nmbd.

tags | advisory, overflow
advisories | CVE-2007-4572
MD5 | 075f97f649c9adb362e7901b79904f00
HP Security Bulletin 2007-14.83
Posted Nov 15, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities may allow remote unauthorized access.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2007-5240, CVE-2007-5239, CVE-2007-5236, CVE-2007-5237, CVE-2007-5238, CVE-2007-5273, CVE-2007-5274, CVE-2007-5232, CVE-2007-5689
MD5 | f61323f72f6eadfecba5c24c6bf75819
InvisibleInk-source.zip
Posted Nov 15, 2007
Authored by Marco Ceriani | Site enlargeyournerd.com

Invisible Ink is a very simple and intuitive steganography program coded in C# that embeds text into a .bmp picture file. Text can be easily encrypted/decrypted with the Rijndael algorithm using a 256 byte key generated with the sha256 function.

tags | encryption, steganography
MD5 | 50cb0cd7381bac565c591d0df58d2c96
wordpressbf.py.txt
Posted Nov 15, 2007
Authored by d3hydr8 | Site darkc0de.com

WordPress brute forcing utility for wp-login.php.

tags | cracker, php
MD5 | 9491e738dc0f57fca6caf609f628a457
secunia-samba.txt
Posted Nov 15, 2007
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending NetBIOS replies. This can be exploited to cause a stack-based buffer overflow by sending multiple specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request. Successful exploitation allows execution of arbitrary code, but requires that Samba is configured to run as a WINS server (the "wins support" option is enabled). Samba version 3.0.26a is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2007-5398
MD5 | a78f93bd20591fd195541b9b8aab6c25
Secunia Security Advisory 27550
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in BtitTracker, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks and to bypass certain security restrictions.

tags | advisory, vulnerability, xss, sql injection
MD5 | 50e0677900c5b676f37eb53f9b551b1f
Secunia Security Advisory 27625
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | ac6d55d2fe1fff6c1d9ae7b93452a4c7
Secunia Security Advisory 27629
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
MD5 | 4ef59c9eb404179bf07f38cecc2d4e1b
Secunia Security Advisory 27633
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Citrix Presentation Server, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 501a859de3e44bf2b1cb0b2937c6aea2
Secunia Security Advisory 27641
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for poppler. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
MD5 | c7dcbf82769d03a0fc91a847aa79e4cd
Secunia Security Advisory 27648
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities and weaknesses have been reported in PHP, where some have unknown impacts and others can be exploited to bypass certain security restrictions.

tags | advisory, php, vulnerability
MD5 | f37510528efd9c8e847554260b72f2e5
Secunia Security Advisory 27665
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for firefox, seamonkey, and xulrunner. This fixes some vulnerabilities and a weakness, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | 6492cd9282e0a4275b93e6f12f853e37
Secunia Security Advisory 27671
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - L4teral has discovered a vulnerability in AutoIndex PHP Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
MD5 | 117f48f11e5d49fd224f00bb29ee81dd
Secunia Security Advisory 27673
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for ruby. This fixes some security issues, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof, ruby
systems | linux, redhat
MD5 | 96236a58af82046f703ba5c15885ea83
Secunia Security Advisory 27677
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ShAy6oOoN has discovered a vulnerability in X7 Chat, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 0059c12916385ce6a9011f9008e90ebd
Secunia Security Advisory 27566
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Emiliano Scavuzzo has discovered a vulnerability in TorrentStrike, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 9c52e38d4890ce02e63df39f05f3778a
Secunia Security Advisory 27628
Posted Nov 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for flac. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | eab938ee4a5f521db9999e6ac96b0da5
iDEFENSE Security Advisory 2007-11-14.4
Posted Nov 15, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 11.14.07 - Local exploitation of an access validation vulnerability in Apple Inc.'s Mac OS X could allow an attacker to execute arbitrary code with root privileges. When executing a setuid-root binary, the Mach kernel does not reset the current thread Mach port, or the current thread Mach Exception Port. By first creating and obtaining write access to a Mach port, and then executing a set-uid root binary, an attacker can write arbitrary data into the address space of the process running as root. This leads to arbitrary code execution in the privileged process.

tags | advisory, arbitrary, kernel, local, root, code execution
systems | apple, osx
advisories | CVE-2007-3749
MD5 | db69f1be2a8ab12fae9c857505ecbf9d
iDEFENSE Security Advisory 2007-11-14.3
Posted Nov 15, 2007
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 11.14.07 - Local exploitation of a heap based buffer overflow in Apple Inc.'s OS X may allow an attacker to execute arbitrary code in kernel context. The vulnerability exists within a function responsible for allocating an mbuf. mbufs are a BSD concept, long used by BSD kernels to allocate buffers for storing network related data. iDefense has confirmed the existence of this vulnerability in Mac OS X 10.4.10, Workstation and Server editions. Previous versions may also be affected.

tags | advisory, overflow, arbitrary, kernel, local
systems | bsd, apple, osx
advisories | CVE-2007-4268
MD5 | 6de650a9d042d02fefa2db42ec8f8855
iDEFENSE Security Advisory 2007-11-14.2
Posted Nov 15, 2007
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 11.14.07 - Local exploitation of a stack based buffer overflow in Apple Inc.'s OS X may allow an attacker to execute arbitrary code in kernel context. The vulnerability exists within the function responsible for adding an AppleTalk zone to an interface's routing table. A zone can be thought of as something similar to a Windows Domain. iDefense has confirmed the existence of this vulnerability in Mac OS X 10.4.10, Workstation and Server editions. Previous versions may also be affected.

tags | advisory, overflow, arbitrary, kernel, local
systems | windows, apple, osx
advisories | CVE-2007-4267
MD5 | ea8d9166977c7f47a836f402e57a0fd4
iDEFENSE Security Advisory 2007-11-14.1
Posted Nov 15, 2007
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 11.14.07 - Local exploitation of a heap based buffer overflow in Apple Inc.'s OS X may allow an attacker to execute arbitrary code in kernel context. The vulnerability exists within a function responsible for sending an ASP (AppleTalk Session Protocol) message on an AppleTalk socket. When allocating a buffer, the kernel uses a user provided integer to perform an arithmetic operation that calculates the number of bytes to allocate. This calculation can overflow, leading to the allocation of a buffer of insufficient size. This results in an exploitable heap based buffer overflow within the kernel. iDefense has confirmed the existence of this vulnerability in Mac OS X 10.4.10, Workstation and Server editions. Previous versions may also be affected.

tags | advisory, overflow, arbitrary, kernel, local, protocol, asp
systems | apple, osx
advisories | CVE-2007-4269
MD5 | 5bd7873cfc1a981a20a28fff6f9c381f
Gentoo Linux Security Advisory 200711-20
Posted Nov 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-20 - Bas Wijnen discovered that the Pioneers server may free session objects while they are still in use, resulting in access to invalid memory zones. Versions less than 0.11.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-5933
MD5 | 5da6825de9348088c32d2d8d06d10924
Gentoo Linux Security Advisory 200711-19
Posted Nov 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-19 - Stefan Esser reported that a previous vulnerability was not properly fixed in TikiWiki 1.9.8.1. The TikiWiki development team also added several checks to avoid file inclusion. Versions less than 1.9.8.3 are affected.

tags | advisory, file inclusion
systems | linux, gentoo
advisories | CVE-2007-5423, CVE-2007-5682
MD5 | 756e25fd4face3714ba508cfca928d4a
Gentoo Linux Security Advisory 200711-18
Posted Nov 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-18 - A buffer overflow vulnerability in the safer_name_suffix() function in GNU cpio has been discovered. Versions less than 2.9-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4476
MD5 | 8f79f9df7168b3a8e16794ea3234dbbd
Gentoo Linux Security Advisory 200711-17
Posted Nov 15, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200711-17 - candlerb found that ActiveResource, when processing responses using the Hash.from_xml() function, does not properly sanitize filenames. The session management functionality allowed the session_id to be set in the URL. BCC discovered that the to_json() function does not properly sanitize input before returning it to the user. Versions less than 1.2.5 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-3227, CVE-2007-5379, CVE-2007-5380
MD5 | dc5f1796319d91545f0c0f7455838bc9