what you don't know can hurt you
Showing 1 - 25 of 47 RSS Feed

Files Date: 2007-11-16

Mandriva Linux Security Advisory 2007.221
Posted Nov 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in kpdf. An attacker could create a malicious PDF file that would cause kpdf to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | 653876dc602521aaabe631ca6bf660a3
Mandriva Linux Security Advisory 2007.220
Posted Nov 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in gpdf. An attacker could create a malicious PDF file that would cause gpdf to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | 69593546afb721d6fb53d6aaded7144b
Mandriva Linux Security Advisory 2007.219
Posted Nov 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in xpdf. An attacker could create a malicious PDF file that would cause xpdf to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | f2df8f41505283862496fbe63d3514af
RISE-2007004.txt
Posted Nov 16, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists a vulnerability within an architecture dependent function of the Apple Mac OS X 10.4.x kernel, which when properly exploited can lead to local compromise of the vulnerable system. Proof of concept code included.

tags | exploit, kernel, local, proof of concept
systems | apple, osx
MD5 | f7cb9a678cad1e52e9b8323a667b2f32
ProCheckUp Security Advisory 2007.26
Posted Nov 16, 2007
Authored by ProCheckUp, Jan Fry | Site procheckup.com

The Aruba 800 is vulnerable to a persistent cross site scripting vulnerability on the administrator login screen.

tags | exploit, xss
MD5 | e832c68f33e43997356ffe700c515f1b
ProCheckUp Security Advisory 2007.2
Posted Nov 16, 2007
Authored by Adrian Pastor, ProCheckUp | Site procheckup.com

The Liferay Portal login page is vulnerable to a cross site scripting vulnerability within the "login" field processed by the "/c/portal/login" server-side script.

tags | exploit, xss
MD5 | 7b9abfad8585fd2146ccbb87c11f4500
Secunia Security Advisory 27559
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for zope-cmfplone. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
MD5 | 2fc8483fcf4bd21f6c82fb44d1f97b5e
Ubuntu Security Notice 544-1
Posted Nov 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 544-1 - Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges.

tags | advisory, remote, denial of service, overflow, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2007-5398, CVE-2007-4572
MD5 | 16bd422ddf2c0a218797ed724276624b
Ubuntu Security Notice 543-1
Posted Nov 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 543-1 - Neel Mehta and Ryan Smith discovered that the VMWare Player DHCP server did not correctly handle certain packet structures. Remote attackers could send specially crafted packets and gain root privileges. Rafal Wojtczvk discovered multiple memory corruption issues in VMWare Player. Attackers with administrative privileges in a guest operating system could cause a denial of service or possibly execute arbitrary code on the host operating system.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4496, CVE-2007-4497
MD5 | 24a482be135004abb40a5ba0e1911e58
Ubuntu Security Notice 542-2
Posted Nov 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 542-2 - USN-542-1 fixed a vulnerability in poppler. This update provides the corresponding updates for KWord, part of KOffice. Secunia Research discovered several vulnerabilities in poppler. If a user were tricked into loading a specially crafted PDF file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges in applications linked against poppler.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | bac4e1bd42fa4b7ac989e879f7e27092
EEYE-flac.txt
Posted Nov 16, 2007
Authored by Greg Linares | Site eeye.com

eEye Digital Security has discovered 14 vulnerabilities in the processing of FLAC (Free-Lossless Audio Codec) files affecting various applications. Processing a malicious FLAC file within a vulnerable application could result in the execution of arbitrary code at the privileges of the application or the current user (depending on OS).

tags | advisory, arbitrary, vulnerability
MD5 | 706194b7826e52d2af09ba987033b92e
TKADV2007-001.txt
Posted Nov 16, 2007
Authored by Tobias Klein | Site trapkit.de

The xnu kernel of Mac OS X contains a vulnerability in the code that handles TIOCSETD ioctl requests. Exploitation of this vulnerability can lead to denial of service and code execution.

tags | advisory, denial of service, kernel, code execution
systems | apple, osx
advisories | CVE-2007-4686
MD5 | 88c07513ac15b9342ddde37b417d5f43
Technical Cyber Security Alert 2007-319A
Posted Nov 16, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-319A - Apple has released Mac OS X 10.4.11 and Security Update 2007-008 to address multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | apple, osx
MD5 | 89ab9961b2b4060afaa56c9d1e3ec030
stproxy-0.9.1.tar.gz
Posted Nov 16, 2007
Authored by Adam Hurkala

stproxy is small and simple single-threaded HTTP/SSL proxy server released under the GNU General Public License (GPL). stproxy uses as little resources as possible, while still being very fast and efficient.

Changes: Added support for HEAD method.
tags | web
MD5 | e866b16e098629bb809e239487573f3d
flexgrid-overflow.txt
Posted Nov 16, 2007
Authored by Elazar Broad

The FlexGrid component version 7.1 suffers from stack overflows.

tags | exploit, overflow
MD5 | f10dc195b91a28edd7c47f499acc4115
secunia-netbios.txt
Posted Nov 16, 2007
Site secunia.com

Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending NetBIOS replies. This can be exploited to cause a stack-based buffer overflow by sending multiple specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request. Samba version 3.0.26a is affected.

tags | advisory, overflow
advisories | CVE-2007-5398
MD5 | db0f59106b8205bb0ddf17f924d35fa6
samba-nmbdexec.txt
Posted Nov 16, 2007
Site samba.org

Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the "wins support" parameter has been enabled in smb.conf. Samba versions 3.0.0 through 3.0.26a are affected.

tags | advisory, arbitrary
advisories | CVE-2007-5398
MD5 | 654dd8b16cb5fa9e199fa2e9017d8162
aida-disclose.txt
Posted Nov 16, 2007
Authored by MC Iglo

Aida-Web may suffer from some information exposure vulnerabilities.

tags | advisory, web, vulnerability, info disclosure
MD5 | ec86e1096fe986eb00737c870438e9cb
sshutout-1.0.4.tar.gz
Posted Nov 16, 2007
Authored by Bil DuPree | Site techfinesse.com

sshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon. The daemon is meant to mitigate what are commonly known as "dictionary attacks," i.e. scripted brute force attacks that use lists of user IDs and passwords to effect unauthorized intrusions. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted.

tags | shell, encryption
MD5 | 009b88377bb61919bdc0f53a4651bc70
Secunia Security Advisory 27565
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for horde3. This fixes some vulnerabilities, which can be exploited by malicious people to conduct phishing and cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
MD5 | 3b2c86f20e61670024d9b45272d40a79
Secunia Security Advisory 26276
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Peter Ohlerich has reported a vulnerability in Lantronix SCS3200, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 971f9c1d9b1bc4ac1a09b7478b323efe
Secunia Security Advisory 27450
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Samba, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | ebe4eaabe22f3313a6e24a54739d0b39
Secunia Security Advisory 27597
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for django. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | 4af1d76ada4b7c0d85fc0daae07ddd85
Secunia Security Advisory 27612
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mono. This fixes a vulnerability with an unknown impact.

tags | advisory
systems | linux, fedora
MD5 | 7206226e00b80a1b9e5b759c1a543c98
Secunia Security Advisory 27614
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
MD5 | 4ca7ce0e4b80ebb54af2b0198280302b
Page 1 of 2
Back12Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    10 Files
  • 7
    Dec 7th
    1 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    12 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close