what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2008-01-16

Debian Linux Security Advisory 1464-1
Posted Jan 16, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1464-1 - Oriol Carreras discovered that syslog-ng, a next generation logging daemon can be tricked into dereferencing a NULL pointer through malformed timestamps, which can lead to denial of service and the disguise of an subsequent attack, which would otherwise be logged.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2007-6437
SHA-256 | 709413684fbcfe4de2f8bce74ad577baf1efe925079cc2d1f27fee7378cdd765
TPTI-08-01.txt
Posted Jan 16, 2008
Authored by Cody Pierce | Site tippingpoint.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of malformed Image Descriptor (IDSC) atoms. Specifying a malicious atom size can result in an under allocated heap chunk and subsequently an exploitable heap corruption situation. QuickTime Player version 7.3 and QuickTime PictureViewer version 7.3 are affected.

tags | advisory, arbitrary
systems | apple
advisories | CVE-2008-0033
SHA-256 | ef7d96b0982ebabf7d4e87e2df2b476b5c438e320325d76b3b4f1d7df3d20a4c
quicktimebof.zip
Posted Jan 16, 2008
Authored by Luigi Auriemma | Site aluigi.org

The Apple Quicktime Player versions 7.3.1.70 and below HTTP error message buffer overflow exploit.

tags | exploit, web, overflow
systems | apple
SHA-256 | 89a653e5db8d7a3160f90c80abdc466ec35b708c1a5efdf2b96d5fa578d311a0
iDEFENSE Security Advisory 2008-01-15.5
Posted Jan 16, 2008
Authored by iDefense Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 01.15.08 - Remote exploitation of a heap corruption vulnerability in Apple Computer Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the handling of Macintosh Resources embedded in QuickTime movies. When processing these records, a length value stored in the resource header is not properly validated. When a length value larger than the actual buffer size is supplied, potentially exploitable memory corruption occurs. iDefense Labs confirmed this vulnerability exists in QuickTime Player version 7.3.1. Previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-0032
SHA-256 | 6d73e3ce9736dc59d009c05ff809807ae8052bbc094fde1bd0def439d35351b7
iDEFENSE Security Advisory 2008-01-15.4
Posted Jan 16, 2008
Authored by iDefense Labs, Sean Larsson, McSlibin | Site idefense.com

iDefense Security Advisory 01.15.08 - Remote exploitation of multiple untrusted loop bounds vulnerabilities in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. When processing requests, SmartSockets uses values from the requests to control the number of iterations of several loops. Inside these loops, various memory operations are performed. Since attackers can control these values, potentially exploitable conditions arise. iDefense has confirmed the existence of these vulnerabilities in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2007-5656
SHA-256 | 7f196c84113ddcc385c5d70b854af7778a013336ae974c92f3479d023fc233d8
iDEFENSE Security Advisory 2008-01-15.3
Posted Jan 16, 2008
Authored by iDefense Labs, Sean Larsson, McSlibin | Site idefense.com

iDefense Security Advisory 01.15.08 - Remote exploitation of multiple untrusted pointer offset vulnerabilities in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. When processing requests, SmartSockets uses values from the requests as offsets added to valid pointers. The resulting pointer values are then used in various memory operations. Since attackers can control these offset values, potentially exploitable conditions arise. iDefense has confirmed the existence of these vulnerabilities in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2007-5657
SHA-256 | 0d4e1180975b5622df56fb55155580852ab845d3afcc3f51f3a7d74e8eddf4ee
iDEFENSE Security Advisory 2008-01-15.2
Posted Jan 16, 2008
Authored by iDefense Labs, Sean Larsson, McSlibin | Site idefense.com

iDefense Security Advisory 01.15.08 - Remote exploitation of multiple untrusted pointer vulnerabilities in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. When processing requests, SmartSockets uses values from the requests as pointers. These pointer values are then used in various memory operations. Since attackers can control these values, potentially exploitable conditions arise. iDefense has confirmed the existence of these vulnerabilities in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2007-5655
SHA-256 | 3786ba1f2c0d443c5ba142c9250af385bc9b7d612652583004e74f0b46076165
iDEFENSE Security Advisory 2008-01-15.1
Posted Jan 16, 2008
Authored by iDefense Labs, McSlibin | Site idefense.com

iDefense Security Advisory 01.15.08 - Remote exploitation of a heap overflow vulnerability in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. A heap overflow vulnerability exists within the code responsible for processing requests. Two distinct values from the request are used for the allocation size and the amount of data copied. Since both values are attacker controlled, this can lead to a heap overflow, potentially resulting in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2007-5658
SHA-256 | d1f2b39e4549949cfc2ea044ba91948441a2d453f40b6a0acbaf1209018892a3
rtssentry-overflow.txt
Posted Jan 16, 2008
Authored by rgod | Site retrogod.altervista.org

RTS Sentry Digital Surveillance buffer overflow exploit that makes use of CamPanel.dll version 2.1.0.2.

tags | exploit, overflow
SHA-256 | a107188cb89bc1cffd2b55b52f95827b328468e2f2ac2e5e5b9117e0368872c5
Secunia Security Advisory 28428
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - hadihadi has discovered a vulnerability in MTCMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 1c2d3afc506dcd9c7d9f12381ded66ad8907f1112aa3e7bb1c8e66f9ab4a3e82
Secunia Security Advisory 28367
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | freebsd
SHA-256 | 0d0a7367b13f1fa12b15d984732de8e37fb037633d9ddbffdba4f732db5bddc0
Secunia Security Advisory 28397
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Anastasios Monachos has reported a security issue in LevelOne WBR-3560A, which can be exploited by malicious people to compromise a vulnerably device.

tags | advisory
SHA-256 | ea0f34f90c15e09170ade1433bf6777e039e24a5b872a95b4ad391ee668fc902
Secunia Security Advisory 28422
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | ad90740ec536618829b988ce94a54359d3d1bb75529c7c68e59bd46050514b44
Secunia Security Advisory 28423
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | apple
SHA-256 | 506566d015116a1f4b5ef50c441e60dd4d7e4356f5e20e871cf7aca562957dc6
Secunia Security Advisory 28424
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - k1n9k0ng has reported two vulnerabilities in vcart, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | ee777ce69228d21cc490996e45fe4badb5dc892607f15227f60b3db0a52f18ff
Secunia Security Advisory 28427
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - BlackHawk has reported a vulnerability in Evilsentinel, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | bd5b8d13825fb4af9ff72126413d900142824860e77c68933b1f83d1d10f18bc
Secunia Security Advisory 28431
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for madwifi-source. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | 9b8641c2b23c82e283de305d0a46a9a44702f68574f60cf77ff9164a74d45092
Secunia Security Advisory 28433
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for openafs. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 07f12f54f89fd394fee857f589ac55a948d8801aedd34bfeda61ff0293284755
Secunia Security Advisory 28434
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, ubuntu
SHA-256 | 2dac0ac4196a118c2707babaea6a57ea4a5e27581f01cf36db00d529def68247
Secunia Security Advisory 28451
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for gforge. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
systems | linux, debian
SHA-256 | 71afeaaf8422f58a4b1205e0646e83f5c7e6c2b7da5887826834fcb9c0984322
Secunia Security Advisory 28466
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | solaris
SHA-256 | 8e8f64df79ae3ad61597cf909af73b66313dce099c6b5ab8c47c375ddb6f3b2e
Secunia Security Advisory 28471
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for apache. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, redhat
SHA-256 | ff58a2af4ed2b39bf084f61051d23b582fe1bd074b00e971166da6fa40962fda
Secunia Security Advisory 28474
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PHP Running Management, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
SHA-256 | c33fc6df48f34f706eb0351dd9e723a6d86740c5f3a57a4d6a2a5437de1590b2
Secunia Security Advisory 28475
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | c8b886aef8019e6e4c60af6ec57be15a1a817e2b2fe74a8d4b996cb84b73c336
Secunia Security Advisory 28477
Posted Jan 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | 0b66ccc5b3d1d2bea6ac2e8194bcc083be024fb1012b73315eb8fbe5e238965f
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close