the original cloud security
Showing 1 - 25 of 60 RSS Feed

Files Date: 2008-02-06

Secunia Security Advisory 28723
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Kierznowski has reported a vulnerability in Livelink ECM, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | b3d0e5ce7e6f5b1eb2f29d4d78de19d8
Gentoo Linux Security Advisory 200802-2
Posted Feb 6, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200802-02 - Luigi Auriemma discovered multiple buffer overflows in the D_NetPlayerEvent() function, the Msg_Write() function and the NetSv_ReadCommands() function. He also discovered errors when handling chat messages that are not NULL-terminated (CVE-2007-4642) or contain a short data length, triggering an integer underflow (CVE-2007-4643). Furthermore a format string vulnerability was discovered in the Cl_GetPackets() function when processing PSV_CONSOLE_TEXT messages (CVE-2007-4644). Versions less than or equal to 1.9.0-beta5.2 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4642, CVE-2007-4643, CVE-2007-4644
MD5 | 65fd343ccba638b72b11d03f55c43216
Gentoo Linux Security Advisory 200802-1
Posted Feb 6, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200802-01 - The LWZReadByte() function in file IMG_gif.c and the IMG_LoadLBM_RW() function in file IMG_lbm.c each contain a boundary error that can be triggered to cause a static buffer overflow and a heap-based buffer overflow. The first boundary error comes from some old vulnerable GD PHP code (CVE-2006-4484). Versions less than 1.2.6-r1 are affected.

tags | advisory, overflow, php
systems | linux, gentoo
advisories | CVE-2007-6697, CVE-2008-0544
MD5 | 482a29deac6a61b9ebe3fd9350656d94
Mandriva Linux Security Advisory 2008-036
Posted Feb 6, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Wei Wang found that the SNMP discovery backend in CUPS did not correctly calculate the length of strings. If a user could be tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code. As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another denial of service regression within SSL handling.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4045, CVE-2007-5849
MD5 | 353883d4cd49a9b873d5af1744f2627d
Secunia Security Advisory 28789
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alexander Concha has reported a vulnerability in WordPress MU, which can be exploited by malicious users to bypass certain security restrictions and to compromise a vulnerable system.

tags | advisory
MD5 | fc91220b18c44b4b840a8389feb4178d
Secunia Security Advisory 28810
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Pablo Gaston Milano has reported a vulnerability in Documentum Administrator and Documentum Webtop, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | d1ae6ace5f6be9929c9f1ed7fc3a9cb0
Zero Day Initiative Advisory 08-03
Posted Feb 6, 2008
Authored by Tipping Point, Titon | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Backup Exec System Recovery Manager. Authentication is not required to exploit this vulnerability. Backup Exec System Recovery Manager versions 7.0 and 7.0.1 are affected.

tags | advisory, remote, arbitrary
advisories | CVE-2008-0457
MD5 | be7b33818fa9723d29f832bc0b43af58
wsftp-disclose.txt
Posted Feb 6, 2008
Authored by Luigi Auriemma | Site aluigi.org

WS_FTP Server versions 6.1.0.0 and below and Ipswitch What's Up Gold version 11.03 suffer from source disclosure and authorization bypass vulnerabilities.

tags | exploit, vulnerability, info disclosure
MD5 | 81b64097e04c318bfabd766d172695cb
Secunia Security Advisory 28698
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for postgresql. This fixes some vulnerabilities, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 3489c6c8adf4aaf46399e14bd3f6271c
Secunia Security Advisory 28791
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - An update has been released for Skype, which implements security enhancements to prevent compromise of users' systems.

tags | advisory
MD5 | 5c5b0afc5d0ccbe60a47ce24d32d993f
aircrack-ng-0.9.2.tar.gz
Posted Feb 6, 2008
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: aireplay-ng now works with rtc_cmos and has a compilation fix. Various support was added to airmon-ng. Other fixes have been added to the other tools as well.
tags | tool, wireless
MD5 | 13fbe2f39730eb5f48f256b20714e2b4
Debian Linux Security Advisory 1483-1
Posted Feb 6, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1483-1 - The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2007-5846
MD5 | 4d7aaaa50c6883af98328e3d067c37e3
mihalism-sql.txt
Posted Feb 6, 2008
Authored by Moubik | Site rstzone.org

Mihalism Multi Host Download blind SQL injection exploit that makes use of users.php.

tags | exploit, php, sql injection
MD5 | 5b6927bbcf0e839f8c6edb0234a42dda
joomlaynews-sql.txt
Posted Feb 6, 2008
Authored by Crackers_Child

The Joomla Ynews component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 774fb4451bf3f2fb4176af4e8dacba00
iDEFENSE Security Advisory 2008-02-04.1
Posted Feb 6, 2008
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 02.04.08 - Remote exploitation of a denial of service vulnerability in Hewlett-Packard's Network Node Manager product allows attackers to crash the ovtopmd process. The ovtopmd process contains an implementation error, in which it attempts to access an invalid memory address based on data within the TCP stream. By sending a specially crafted request, an attacker can cause the service to crash. iDefense has confirmed this vulnerability in HP's OpenView Network Node Manager 7.5 with all updates applied as of May 14th, 2007.

tags | advisory, remote, denial of service, tcp
advisories | CVE-2008-0212
MD5 | 194a9bd39f153deec3701786f281e4bf
planetluc-xss.txt
Posted Feb 6, 2008
Authored by SkyOut | Site core-security.net

MyNews version 1.6.x suffers from HTML and Javascript injection vulnerabilities allowing for cross site scripting attacks.

tags | exploit, javascript, vulnerability, xss
MD5 | 8d2752ce6b73a2f67e80dc34f5b19458
OpenBSD_DNS_Cache_Poisoning_and_Multiple_OS_Predictable_IP_ID_Vulnerability.pdf
Posted Feb 6, 2008
Authored by Amit Klein | Site trusteer.com

The paper describes a weakness in the pseudo random number generator (PRNG) in use by OpenBSD, Mac OS X, Mac OS X Server, Darwin, NetBSD, FreeBSD and DragonFlyBSD to produce random DNS transaction IDs (OpenBSD) and random IP fragmentation IDs.

tags | paper
systems | netbsd, freebsd, openbsd, apple, osx
MD5 | 332befca44ef5d6c54abd8159a3e667c
astanda-sql.txt
Posted Feb 6, 2008
Authored by you_kn0w | Site youknowz.info

Astanda Directory Project version 1.2 suffers from a SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 9b1d1a26513ba77736696d32b0dc7f18
mybbprivate-sql.txt
Posted Feb 6, 2008
Authored by F

MyBulletinBoard aka MyBB versions 1.2.11 and below SQL injection exploit that makes use of private.php.

tags | exploit, php, sql injection
MD5 | 574b08fc38cff78e650aa5259f3c272d
Secunia Security Advisory 28788
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the KAME Project, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | e6b8d32fc981f772ee7e9b45434d0aff
Secunia Security Advisory 28795
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Sun JRE, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | f825e79aef909a8a1f423cc10fb94061
Secunia Security Advisory 28816
Posted Feb 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | netbsd
MD5 | 25ec056678400c40cadcbab53a104e73
HP Security Bulletin 2008-00.7
Posted Feb 6, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Virtual Rooms (HPVR) running on Microsoft Windows. The vulnerability could be exploited to allow remote execution of arbitrary code.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2008-0213
MD5 | 3b7aab986bdee3f31da45f4cfdbba919
HP Security Bulletin 2007-14.74
Posted Feb 6, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential vulnerabilities have been identified with the HP Storage Essentials, Storage Resource Management (SRM) software. These vulnerabilities could be exploited remotely to allow unauthorized access to a managed device.

tags | advisory, vulnerability
advisories | CVE-2008-0215
MD5 | 8e4181d858316a7c63dbf9b65d314726
hydra-http-form.patch
Posted Feb 6, 2008
Authored by thc, deanx

The http-form module for hydra 5.4 has a problem which causes incorrect pieces of memory to be free'd. This is as a result of the memory leak plugs which have been applied to this module for this release. This patch removes the unneeded free's and allows the module to work correctly.

tags | web, memory leak
MD5 | b7d59ba8be43fc0f5ceac0a25fbc342d
Page 1 of 3
Back123Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close