
Files Date: 2008-04-16

Secunia Security Advisory 29761
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for redhat-ds-admin. This fixes some vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | 8c12dab937d23d491310405bcfe526be
Secunia Security Advisory 29785
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose sensitive information, or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 44845a6a5d3aa394f71082ee9f9066e6
Zero Day Initiative Advisory 08-022
Posted Apr 16, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the regular expression compiler (JavaScriptCore/pcre/pcre_compile.cpp) in WebKit. When nesting regular expressions with large repetitions, a heap overflow occurs resulting in a condition allowing the execution of arbitrary code.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2008-1026
MD5 | 8c59082cde3c46c9f1624a17dd595252
cadsm-activex.txt
Posted Apr 16, 2008
Authored by Ken Williams | Site www3.ca.com

CA products that implement the DSM gui_cm_ctrls ActiveX control contain a vulnerability that can allow a remote attacker to cause a denial of service or execute arbitrary code. The vulnerability is due to insufficient verification of function arguments by the gui_cm_ctrls control. An attacker can execute arbitrary code under the context of the user running the web browser.

tags | advisory, remote, web, denial of service, arbitrary, activex
advisories | CVE-2008-1786
MD5 | 0459d642cca948564271c7536b495555
carboncom-multi.txt
Posted Apr 16, 2008
Authored by AmnPardaz Security Research Team | Site bugreport.ir

Carbon Communities Forum versions 2.4 and below suffer from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | 8caee564899aa2600476555db24e0de2
bsplayer-overflow.txt
Posted Apr 16, 2008
Authored by j0rgan | Site jorgan.users.cg.yu

BS.Player version 2.27 Build 959 .SRT file buffer overflow exploit.

tags | exploit, overflow
MD5 | 198c713ca85cc6c329fd4374d39dfb07
iDEFENSE Security Advisory 2008-04-15.1
Posted Apr 16, 2008
Authored by iDefense Labs, Joxean Koret | Site idefense.com

iDefense Security Advisory 04.15.08 - Local exploitation of a design error vulnerability in Oracle Corp.'s Application Express web application development tool allows attackers to gain elevated privileges. The vulnerability exists in the "run_ddl" function within the "wwv_execute_immediate" package. This package is included in the "flows_030000" schema. This function allows attackers to execute SQL commands as any database user, such as SYS. iDefense confirmed the existence of this vulnerability in Oracle Application Express version 3.0.1.00.08, which is installed by default with Oracle Database 11g R1 (version 11.1.0.6.0). Previous versions may also be affected. However, Oracle Database 10g R2 does not install Oracle Application Express by default.

tags | advisory, web, local
advisories | CVE-2008-1811
MD5 | 1e409ad2d78ffd4cf194be4d198943f6
Cisco Security Advisory 20080416-nac
Posted Apr 16, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Cisco Network Admission Control (NAC) Appliance that can allow an attacker to obtain the shared secret that is used between the Cisco Clean Access Server (CAS) and the Cisco Clean Access Manager (CAM).

tags | advisory
systems | cisco
advisories | CVE-2008-1155
MD5 | f0a4beb6ab4ff7f5a8cf2431ee424f93
INFIGO-2008-04-08.txt
Posted Apr 16, 2008
Authored by Leon Juranic | Site infigo.hr

INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).

tags | advisory, remote, overflow
MD5 | c38cbe7ca06aa48e9bbb69dd2592ca5c
oracle-hardcode.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 10g Release 2 suffer from a hard coded password vulnerability.

tags | advisory
MD5 | 7da99c4cc36e57e505c23ea26d775a44
oraclesdogeom-sql.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 10g Release 1 suffer from a SQL injection vulnerability in the SDO_GEOM package.

tags | advisory, sql injection
MD5 | dabec34981dd2f5a1d54d99b8c8e01a2
oraclesdoidx-sql.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 9i Release 1 through 11g Release 1 suffer from a SQL injection vulnerability in the SDO_IDX package.

tags | advisory, sql injection
MD5 | 3fc79b8d27d90d862d68b45f9a4b3040
oraclesdoutil-sql.txt
Posted Apr 16, 2008
Authored by Alexander Kornbrust | Site red-database-security.com

Oracle 10g Releases 1 and 2 suffer from a SQL injection vulnerability in the SDO_UTIL package.

tags | advisory, sql injection
MD5 | 75dd7eedfd30b5a695e6c54f8477240e
afick-2.11-1.tgz
Posted Apr 16, 2008
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bug fixes and additions.
tags | tool, integrity
systems | windows, unix
MD5 | 37e671d34f09a84e19deeed7b19597bf
xplod-sql.txt
Posted Apr 16, 2008
Authored by c02 | Site dz-secure.com

XplodPHP AutoTutorials versions 2.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0e263d2dff0fae00315d50b52be54771
Secunia Security Advisory 29734
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - cO2 has discovered a vulnerability in Lasernet CMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 90d978397473dcb97320364aef62e1b2
Secunia Security Advisory 29780
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - securfrog has discovered a vulnerability in DivX Player, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 4f6dadcd0e30bc6642528e945c39a3b5
Secunia Security Advisory 29784
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM DB2, which can be exploited by malicious, local users to perform certain actions with escalated privileges or gain escalated privileges.

tags | advisory, local, vulnerability
MD5 | 9512ba9a95045197b5dd424c6c094f00
Secunia Security Advisory 29819
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Morgan ARMAND has discovered a vulnerability in DotClear, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
MD5 | 8685552fa92326fe82aa8747b5978abb
Secunia Security Advisory 29829
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported for various Oracle products. Some vulnerabilities have unknown impacts while others can be exploited by malicious users to bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability, sql injection
MD5 | b8cd33ef86351c7b632f595747903373
Secunia Security Advisory 29831
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matteo Memelli has discovered a vulnerability in BigAnt Messenger, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | ae6046d1d249b5dfba06d158be02f3dd
Secunia Security Advisory 29832
Posted Apr 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Felipe Sateler has discovered a security issue in Cecilia, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
MD5 | 372439d51d074727d97a51603b5b52f0
VMware Security Advisory 2008-0007
Posted Apr 16, 2008
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware has released updates for pcre, net-snmp, and OpenPegasus.

tags | advisory
advisories | CVE-2006-7228, CVE-2007-1660, CVE-2007-5846, CVE-2008-0003
MD5 | 9795313038836df83c8d4c9b4c4b9a51
lasernetcms-sql.txt
Posted Apr 16, 2008
Authored by c02 | Site dz-secure.com

Lasernet CMS version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ba34c8b6cc62515f8997cc28bcb03bd9
Mandriva Linux Security Advisory 2008-086
Posted Apr 16, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - The isdn_ioctl function in isdn_common.c in the Linux kernel prior to 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. The do_coredump function in fs/exec.c in the Linux kernel prior to 2.6.24-rc3 did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which could possibly allow local users to obtain sensitive information. The shmem_getpage function in mm/shmem.c in the Linux kernel versions 2.6.11 through 2.6.23 did not properly clear allocated memory in certain rare circumstances related to tmpfs, which could possibly allow local users to read sensitive kernel data or cause a crash.

tags | advisory, denial of service, overflow, kernel, local, root
systems | linux, mandriva
advisories | CVE-2007-6151, CVE-2007-6417, CVE-2007-6206
MD5 | 3b12b60b85bd9e3f44e1959c914adee2