what you don't know can hurt you
Showing 1 - 25 of 45 RSS Feed

Files Date: 2008-03-20

Mandriva Linux Security Advisory 2008-074
Posted Mar 20, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Audacity creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. This issue can also be leveraged to delete arbitrary files or directories via a symlink attack.

tags | advisory, denial of service, arbitrary, local
systems | linux, mandriva
advisories | CVE-2007-6061
SHA-256 | c220f0efbae4e4a9ed716672386d7e32b546d8ea170ba357241752871f803b86
Secunia Security Advisory 29381
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in libexif included with Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | solaris
SHA-256 | 5948b719b10e9659e16b9e4fd51e0bd9a2644e9313d71493cc3032832d07c4c0
Secunia Security Advisory 29436
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has acknowledged a security issue in multiple ebuilds, which can lead to the disclosure of sensitive information.

tags | advisory
systems | linux, gentoo
SHA-256 | d9af2540bbd73403f5ec9aa466a82421974879f3a399453c16f231767dc09102
Secunia Security Advisory 29457
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 2b7dad8f6550e4eef52185bfff2319bf971153501c1ae24eaba4ccfd19c7d8ad
Secunia Security Advisory 29473
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - S@BUN has discovered a vulnerability in the Alberghi component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | b3faed5f80832ce2bf3ad6e383a3fd3c6492ee5766d0ce9f7f9fc0f636bc1b7e
xinehof.zip
Posted Mar 20, 2008
Authored by Luigi Auriemma | Site aluigi.org

Proof of concept exploit for xine-lib versions 1.1.11 and below which suffer from six heap overflow vulnerabilities.

tags | exploit, overflow, vulnerability, proof of concept
SHA-256 | c40238e829405db13c7ee310252992fbca51f179dfbe5f4c4b75ec35d593d269
xinehof.txt
Posted Mar 20, 2008
Authored by Luigi Auriemma | Site aluigi.org

xine-lib versions 1.1.11 and below suffer from six heap overflow vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | 6d60ac8b4dbe43a588f27309219f24260c8609a2d1b447ad77894e3effaa729b
Ubuntu Security Notice 589-1
Posted Mar 20, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 589-1 - Tavis Ormandy discovered that unzip did not correctly clean up pointers. If a user or automated service was tricked into processing a specially crafted ZIP archive, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-0888
SHA-256 | 8cc553b6a816c24515cc31acc6cf6171af40bb0e0c2cd4f80121484f410e4e20
Debian Linux Security Advisory 1526-1
Posted Mar 20, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1526-1 - Steve Kemp from the Debian Security Audit project discovered several local vulnerabilities have been discovered in xwine, a graphical user interface for the WINE emulator.

tags | advisory, local, vulnerability
systems | linux, debian
advisories | CVE-2008-0930, CVE-2008-0931
SHA-256 | fe0ba1c0dcd6222991075c0ec3af51535dfb302cc68ece7524f18b9ac75859cb
Secunia Security Advisory 29467
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - sasquatch has reported some vulnerabilities in IBM Rational ClearQuest, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | ff74939b586c08ac0467cf8186b1947dc6560691d913bb85a861a9015c1a3634
Mandriva Linux Security Advisory 2008-073
Posted Mar 20, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in the Net::DNS perl module was found that could allow remote attackers to cause a denial of service via a crafted DNS response.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2007-6341
SHA-256 | 2b41229fdd453f1b261dec7ce9c44685e480552457d143f449fd7c6af4a6b31f
Mandriva Linux Security Advisory 2008-072
Posted Mar 20, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The Linux kernel prior to 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allowed local users to access kernel memory via an out-of-range offset.

tags | advisory, kernel, local
systems | linux, mandriva
advisories | CVE-2008-0007
SHA-256 | a2161f24ca855dc6afcc20b198f4d133bef857767c99052fe5216cedd9f81e9d
ws100-1.00.tgz
Posted Mar 20, 2008
Site scrt.ch

Webshag is a multi-threaded, multi-platform web server audit tool. Written in Python, it gathers commonly useful functionalities for web server auditing like website crawling, URL scanning or file fuzzing. Linux and source tarballs included. Also, a Windows installer executable and a manual are included.

tags | tool, web, scanner, python
systems | linux, windows, unix
SHA-256 | 51638e982413115a29be81cbffed0f22ae3d52007b08eee92b6ef462fd1d822b
Ubuntu Security Notice 588-1
Posted Mar 20, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 588-1 - Masaaki Hirose discovered that MySQL could be made to dereference a NULL pointer. An authenticated user could cause a denial of service (application crash) via an EXPLAIN SELECT FROM on the INFORMATION_SCHEMA table. This issue only affects Ubuntu 6.06 and 6.10. Alexander Nozdrin discovered that MySQL did not restore database access privileges when returning from SQL SECURITY INVOKER stored routines. An authenticated user could exploit this to gain privileges. This issue does not affect Ubuntu 7.10. Martin Friebe discovered that MySQL did not properly update the DEFINER value of an altered view. An authenticated user could use CREATE SQL SECURITY DEFINER VIEW and ALTER VIEW statements to gain privileges. Luigi Auriemma discovered that yaSSL as included in MySQL did not properly validate its input. A remote attacker could send crafted requests and cause a denial of service or possibly execute arbitrary code. This issue did not affect Ubuntu 6.06 in the default installation.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-7232, CVE-2007-2692, CVE-2007-6303, CVE-2008-0226, CVE-2008-0227
SHA-256 | 5a8255800f0f13ab0170873f78aa7381ffe3fa764291a6fe05ed17d87fae4f3f
Debian Linux Security Advisory 1525-1
Posted Mar 20, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1525-1 - Several remote vulnerabilities have been discovered in Asterisk, a free software PBX and telephony toolkit.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2007-6430, CVE-2008-1332, CVE-2008-1333
SHA-256 | 8a005f5ec36bdbd53917c342d96a68635121d0d7e8a082ff1e7174217e1c231c
Debian Linux Security Advisory 1506-2
Posted Mar 20, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1506-2 - A regression has been fixed in iceape's frame handling code. Several remote vulnerabilities have been discovered in the Iceape internet suite, an unbranded version of the Seamonkey Internet Suite.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2008-0412, CVE-2008-0413, CVE-2008-0414, CVE-2008-0415, CVE-2008-0417, CVE-2008-0418, CVE-2008-0419, CVE-2008-0591, CVE-2008-0592, CVE-2008-0593, CVE-2008-0594
SHA-256 | bc917c9a074c717bec02c4b74ae7fc0455b931a2e434ad745ae25f609e5fd350
Gentoo Linux Security Advisory 200803-30
Posted Mar 20, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200803-30 - Robin Johnson reported that the docert() function provided by ssl-cert.eclass can be called by source building stages of an ebuild, such as src_compile() or src_install(), which will result in the generated SSL keys being included inside binary packages (binpkgs). Versions less than 8.1.16 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2008-1383
SHA-256 | ef9e1371be972f0723c6894ed900fd024b24791d49acd335a4e13e40ae2eb07c
OpenNHRP NBMA Next Hop Resolution 0.6.1
Posted Mar 20, 2008
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: A couple of bug fixes.
tags | encryption, protocol
systems | cisco, linux
SHA-256 | 40e99e5f04ed9a89382123d88fafcb2a0222f57e39074dd3255d757502f9c54c
centerim-exec.txt
Posted Mar 20, 2008
Authored by Brian Fonfara | Site newb.kicks-ass.net

CenterIM versions 4.22.3 and below suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 30698e2ce140f80078987bdf37bf534d5d40549838646eddc2285d1f56c730e4
ypk2008.tar.gz
Posted Mar 20, 2008
Authored by Kingcope

Sun Solaris versions 10 and below rpc.ypupdated remote root exploit that makes use of an input validation vulnerability. Originally discovered in 1994 but still looms in the SunOS 5.10 source code tree.

tags | exploit, remote, root
systems | solaris
SHA-256 | c3b971dbcd12a59aecaa3d180afc2b2aa6ffed6ff18c6ba616af43efc1377386
joomladatso-sql.txt
Posted Mar 20, 2008
Authored by Cr@zy_King

The Joomla Datsogallery component version 1.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 736d45396f52015c478eb530328b6ef7024b4dc91391619e46aae1b41b60d66e
Secunia Security Advisory 28694
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | fb458a0a915f9119f57898d1c71316f5bdc252de5dfc1ab2f8678db1d4e30cb7
Secunia Security Advisory 29399
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Gallarific, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and conduct SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | ac34d0dc786e43cd649120f0ee8598cf22631e790cd82000a99b2a27a67d1b03
Secunia Security Advisory 29401
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Collin Mulliner has reported a security issue in RaidSonic NAS-4220-B, which can be exploited by malicious people with physical access to the device to disclose potentially sensitive information.

tags | advisory
SHA-256 | d7db54e2eb49e2aecb563098496048549c40cf25530549116746645c99edb7e0
Secunia Security Advisory 29407
Posted Mar 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in WinRAR, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | c3b7f600e5cb31f92a1c831aacdd17fa43b5fd5eeaa6a629abaf9372a09dc467
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close