exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 40 RSS Feed

Files Date: 2008-01-18

iDEFENSE Security Advisory 2008-01-17.4
Posted Jan 18, 2008
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 01.17.08 - Local exploitation of an invalid array index vulnerability in the X.Org X server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the X server, typically root. The vulnerability exists within the XFree86-Misc extension. When processing a request, a 32-bit value from the client's request is used as an index into an array of structures. This structure contains an array of function pointers, one of which is used later in the request handling. By supplying a large array index, an arbitrary function pointer can be dereferenced. This results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in X.org X11 version R7.3. Previous versions may also be affected.

tags | advisory, arbitrary, local, root
advisories | CVE-2007-5760
SHA-256 | b1bca06565d2f165aedea3eb15eab5d2d20441857d50764b8dc053baf339d3f8
iDEFENSE Security Advisory 2008-01-17.3
Posted Jan 18, 2008
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 01.17.08 - Local exploitation of multiple integer overflow vulnerabilities in the X.Org X server, as included in various vendors' operating system distributions, could allow an attacker to execute arbitrary code with the privileges of the X server, typically root. One vulnerability exists within the EVI extension. When processing a request, the server uses a 32-bit value provided by the client in an arithmetic operation that calculates the number of bytes to allocate for a dynamic buffer. This operation can overflow, which later leads to a potentially exploitable heap overflow. Another vulnerability exists within the MIT-SHM extension. When allocating a pixmap, the server uses values from the request to verify that the requested size is not greater than the amount of allocated shared memory. The calculation can overflow, which leads to the overwriting of arbitrary addresses in memory that aren't part of the shared memory segment. iDefense has confirmed the existence of these vulnerabilities in X.Org X11 version R7.3. Previous versions may also be affected.

tags | advisory, overflow, arbitrary, local, root, vulnerability
advisories | CVE-2007-6429
SHA-256 | 4771cffce18053e80e066e7475e194c4330b692f7bbb96e44000ac38b0c62d4f
iDEFENSE Security Advisory 2008-01-17.2
Posted Jan 18, 2008
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 01.17.08 - Local exploitation of an information disclosure vulnerability in the X.Org X server, as included in various vendors' operating system distributions, could allow an attacker to gain access to sensitive information stored in server memory. The vulnerable code exists within the TOG-CUP extension. A 32-bit client supplied value is taken directly from the request, and then used as an index into an array. The value located at this index is then stored into a buffer which is later sent to the client. This allows a client to read memory from arbitrary locations in server memory. iDefense has confirmed the existence of this vulnerability in X.Org X11 version R7.3. Previous versions may also be affected.

tags | advisory, arbitrary, local, info disclosure
advisories | CVE-2007-6428
SHA-256 | a830ea77fa2be6da734569efacfc8af0c88a9b2b7118beb38c4ab08de59b7be4
iDEFENSE Security Advisory 2008-01-17.1
Posted Jan 18, 2008
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 01.17.08 - Local exploitation of multiple memory corruption vulnerabilities in the X.Org X server, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the X server, typically root. Vulnerable code exists within multiple functions in the XInput extension. By sending specially crafted X11 requests, an attacker is able to corrupt heap memory located after their request data. This results in a potentially exploitable condition. Defense has confirmed the existence of these vulnerabilities in X.Org X11 version R7.3. Previous versions may also be affected.

tags | advisory, arbitrary, local, root, vulnerability
advisories | CVE-2007-6427
SHA-256 | 4357bff2a486d2934d0def5af55ed1b0333abfe4897f136cdcb70115231ac4b8
IMF-CFP-2008.txt
Posted Jan 18, 2008
Authored by IMF Conference 2008 | Site imf-conference.org

IMF 2008 Call For Papers - The International Conference on IT-Incident Management and IT-Forensics invites submissions for IMF 2008 being held from September 23rd through the 25th, 2008 in Mannheim, Germany.

tags | paper, conference
SHA-256 | dfb056bd25fa137b3badc9f6585468bd11f7fed5fbe74c404249e58fb2aba839
Ubuntu Security Notice 571-1
Posted Jan 18, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 571-1 - Multiple overflows were discovered in the XFree86-Misc, XInput-Misc, TOG-CUP, EVI, and MIT-SHM extensions which did not correctly validate function arguments. An authenticated attacker could send specially crafted requests and gain root privileges. It was discovered that the X.org server did not use user privileges when attempting to open security policy files. Local attackers could exploit this to probe for files in directories they would not normally be able to access. It was discovered that the PCF font handling code did not correctly validate the size of fonts. An authenticated attacker could load a specially crafted font and gain additional privileges.

tags | advisory, overflow, local, root
systems | linux, ubuntu
advisories | CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
SHA-256 | ed802d7374761fc7f216b15cd6a5443aef8801fd64dc5cd436bba1141cfd5934
Zero Day Initiative Advisory 08-02
Posted Jan 18, 2008
Authored by Tipping Point, Eric DETOISIEN | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Independent Management Architecture service, ImaSrv.exe, which listens by default on TCP port 2512 or 2513. The process trusts a user-suppled value as a parameter to a memory allocation. By supplying a specific value, an undersized heap buffer may be allocated. Subsequently, an attacker can then overflow that heap buffer by sending an overly large packet leading to arbitrary code execution in the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution
SHA-256 | f74d157f42833663912a8b445195d23fdb27067cc6aaf7f59aeada0bda2796a8
Core Security Technologies Advisory 2007.1119
Posted Jan 18, 2008
Authored by Core Security Technologies, Sebastian Gottschalk | Site coresecurity.com

Core Security Technologies Advisory - Locally exploitable kernel buffer overflow vulnerabilities and improperly validated input arguments have been found in CORE FORCE Firewall and Registry modules. The vulnerabilities allow unprivileged logged on users to crash the system (denial of service), and they also may lead to a privilege escalation or even a local root exploit. Versions 0.95.167 and below are affected.

tags | advisory, denial of service, overflow, kernel, local, root, registry, vulnerability
SHA-256 | 61e66458e791a90999e82a29780ff632327878b098c2a13fcacb54767166c9f2
okiprinter-reveal.txt
Posted Jan 18, 2008
Authored by Adrian Leuenberger | Site csnc.ch

The OKI C5510MFP printer offers a web interface for the configuration. Certain pages require higher privileges for making changes. However, the password required for accessing these pages is sent to the client in clear text by the printer. Furthermore, the password can be set without prior authentication. Consequently, the whole configuration can be changed without knowing the password.

tags | advisory, web
SHA-256 | ec83e6ee74b533afa03baa355748aa4a189a5703c548671c87488bb61956c436
mswinqueue-overflow.txt
Posted Jan 18, 2008
Authored by Marcin Kozlowski

Microsoft Windows Message Queueing Server RPC buffer overflow exploit that relates to MS07-065.

tags | exploit, overflow
systems | windows
SHA-256 | ae024ee0b98228f5ca3aa6c85b6654e303aaa2be37dce6d521de55a1d196b859
ddc-overflow.txt
Posted Jan 18, 2008
Authored by rgod | Site retrogod.altervista.org

Digital Data Communications RtspVaPgCtrl Class remote buffer overflow exploit that makes use of RtspVapgDecoder.dll version 1.1.0.29.

tags | exploit, remote, overflow
SHA-256 | af015133b5fb852204dcbe8a9e537fb0c262cb3e6f6a5107a22e3410079835b1
Debian Linux Security Advisory 1466-1
Posted Jan 18, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1466-1 - Several local vulnerabilities have been discovered in the X.Org X server.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429
SHA-256 | e6e2a481ccdd75f77778bd93cac243335052c16bf8480c3180dbf7cf634d7cfa
Debian Linux Security Advisory 1465-2
Posted Jan 18, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1465-2 - Felipe Sateler discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. This could allow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to. This security update fixes a regression in the previous one, which caused the package to fail to work.

tags | advisory, arbitrary, shell, local, root, python
systems | linux, debian
advisories | CVE-2008-0302
SHA-256 | 1f539f05b7b83a4ea630b9337ef4aeff1d755f4eea49e03a7839c5196ee7bc51
Debian Linux Security Advisory 1465-1
Posted Jan 18, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1465-1 - Felipe Sateler discovered that apt-listchanges, a package change history notification tool, used unsafe paths when importing its python libraries. This could allow the execution of arbitrary shell commands if the root user executed the command in a directory which other local users may write to.

tags | advisory, arbitrary, shell, local, root, python
systems | linux, debian
advisories | CVE-2008-0302
SHA-256 | 7b1d9ccc36f604c9dcd6edd3d81ef938f40c3ece916837e63d8aa18f4bac6476
SUSE-SA-2008-003.txt
Posted Jan 18, 2008
Site suse.com

SUSE Security Announcement - The X windows system is vulnerable to several kinds of vulnerabilities that are caused due to insufficient input validation.

tags | advisory, vulnerability
systems | linux, windows, suse
advisories | CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
SHA-256 | db2211cc4f2a6baa5e2ef0ab490f4d619771e3e98a80aaa7ce517e872678b0f7
clevercopy-sqlxss.txt
Posted Jan 18, 2008
Authored by virangar security team | Site virangar.org

Clever Copy version 3.0 suffers from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | b6a39b7105530c6b2525372ce4dadac16e639254fbac38119676a038e9f75a91
auracms-exec.txt
Posted Jan 18, 2008
Authored by k1tk4t | Site newhack.org

AuraCMS version 1.62 remote code execution exploit that makes use of stat.php.

tags | exploit, remote, php, code execution
SHA-256 | fa03aa2a62d66d11a42ec416aec031df445550d663229d10533e40c5ec38decf
crystal-dos.txt
Posted Jan 18, 2008
Authored by shinnai | Site shinnai.altervista.org

Crystal Reports XI Release 2 suffers from an ActiveX buffer overflow denial of service condition.

tags | exploit, denial of service, overflow, activex
SHA-256 | 5f8a09f7890ae2c8d60a386415d3d5330d7b5b27d3e498f538cf009520f88526
joomlaflashcom-rfi.txt
Posted Jan 18, 2008
Authored by Smasher

The Joomla Flash component is susceptible to a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 6b66e12fd6a61aa74c876701638c38280a7730a1064f93401f8ff49e1dd03da6
Secunia Security Advisory 28472
Posted Jan 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - mu-b has reported a vulnerability in Cisco VPN Client, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | cisco
SHA-256 | 98316777f3f0cf262aa3cbb3ac9f96541e123e4682a0b2e1f4aa58fa4c57bdcc
Secunia Security Advisory 28488
Posted Jan 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for python-paramiko. This fixes a weakness, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory, python
systems | linux, fedora
SHA-256 | 24efe93972f3bc856b69cd4608e4a8eba11bfbf169f4e8b77b3a5d51dba68fd4
Secunia Security Advisory 28499
Posted Jan 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Silentz has reported a vulnerability in Pixelpost, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 3c5341f837c7aaed281edb3d4605ee049cefe2968cbebfd4fceee7ef5a7cb090
Secunia Security Advisory 28504
Posted Jan 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Scary-Boys and S.W.A.T. have discovered a vulnerability in Mini File Host, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | fc1381ce0f08d0fa47028dcb051358953a8ed95d15c2394ee24239c08acbd981
Secunia Security Advisory 28508
Posted Jan 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Citrix Presentation Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 6189fc8cf1ca4fa033140786ae511fa69905ffe7b417b007071df679341e7147
Secunia Security Advisory 28509
Posted Jan 18, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MyBB, which can be exploited by malicious users to conduct SQL injection attacks, and by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
SHA-256 | e62aca97614d16fd5bca55c79455092eb88ea5c2ad3c163d44a65c46a0cdbaaf
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close