what you don't know can hurt you
Showing 1 - 25 of 45 RSS Feed

Files Date: 2008-05-06

Mandriva Linux Security Advisory 2008-096
Posted May 6, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Steve Grubb found that the vcdiff script in Emacs create temporary files insecurely when used with SCCS. A local user could exploit a race condition to create or overwrite files with the privileges of the user invoking the program.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2008-1694
MD5 | 3a0ea4e3b1b58f64a7459c160c351863
mvnforum-jsxss.txt
Posted May 6, 2008
Authored by Christian Holler | Site users.own-hero.net

mvnForum version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d933e5590c8fd0d7d111ca4018d116fb
sphider134-xss.txt
Posted May 6, 2008
Authored by Christian Holler | Site users.own-hero.net

The Sphider search engine version 1.3.4 suffers from a cross site scripting vulnerability in search.php.

tags | exploit, php, xss
MD5 | 029cdd2d90f32d53a5be827a0b7ea5fc
Ubuntu Security Notice 605-1
Posted May 6, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 605-1 - Various flaws were discovered in the JavaScript engine. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Several problems were discovered in Thunderbird which could lead to crashes and memory corruption. If a user had JavaScript enabled and were tricked into opening a malicious email, an attacker may be able to execute arbitrary code with the user's privileges.

tags | advisory, arbitrary, javascript, xss
systems | linux, ubuntu
advisories | CVE-2008-1233, CVE-2008-1234, CVE-2008-1235, CVE-2008-1236, CVE-2008-1237
MD5 | 0b243038ac4bfd44eec2a7fae256dc22
Ubuntu Security Notice 608-1
Posted May 6, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 608-1 - It was discovered that start_kdeinit in KDE 3 did not properly sanitize its input. A local attacker could exploit this to send signals to other processes and cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2008-1671
MD5 | d59d8585bfa28ce139cf8e4ff1045cad
Ubuntu Security Notice 607-1
Posted May 6, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 607-1 - It was discovered that Emacs did not account for precision when formatting integers. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly other unspecified actions. This issue does not affect Ubuntu 8.04. Steve Grubb discovered that the vcdiff script as included in Emacs created temporary files in an insecure way when used with SCCS. Local users could exploit a race condition to create or overwrite files with the privileges of the user invoking the program.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2008-1694, CVE-2007-6109
MD5 | a268f077c248e418988b3225432e51aa
AD20080506EN.txt
Posted May 6, 2008
Authored by Sowhat | Site nevisnetworks.com

The Yahoo! Assistant (3721) ActiveX control is susceptible to a remote code execution vulnerability. Versions 3.6 and below are affected.

tags | advisory, remote, code execution, activex
MD5 | 93a8a3701807b7809398c4ed10235e20
SE-2008-03.txt
Posted May 6, 2008
Authored by Stefan Esser | Site sektioneins.de

PHP versions 5.2.5 and below and 4.4.8 and below suffer from a multibyte shell command escaping bypass vulnerability.

tags | advisory, shell, php, bypass
MD5 | 75f252427e7c381d010f1b575b551982
SE-2008-02.txt
Posted May 6, 2008
Authored by Stefan Esser | Site sektioneins.de

PHP versions 5.2.5 and below and 4.4.8 and below suffer from a weak random number seed vulnerability in GENERATE_SEED().

tags | advisory, php
MD5 | 4b0cca74264389c41d1fdf9224233459
Secunia Security Advisory 30034
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
systems | linux, gentoo
MD5 | 74081be55865c0c1024b5b21247c75e4
Secunia Security Advisory 30047
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for horde. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, and by malicious users to disclose sensitive information and potentially compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | fc23121bc926911a95a15d02130845ae
Secunia Security Advisory 30053
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Common Data Format, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory
MD5 | 14c7e999aa52e907ad450fbe3cc24841
Secunia Security Advisory 30063
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Core Security Technologies has reported a vulnerability in Invensys Wonderware InTouch, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | b3398649aca07d23b0b988855e04cc12
Secunia Security Advisory 30078
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for cups. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
MD5 | e62a764ed001c572b3e5df4c293c08ab
Secunia Security Advisory 30084
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - EgiX has discovered two vulnerabilities in DeluxeBB, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 26f2039657a217fa798d2ac8e7e55f5d
Secunia Security Advisory 30085
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HaCkeR-EgY has reported a vulnerability in Miniweb, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 8162d44748f9e856555b47547b4de0e1
Secunia Security Advisory 30089
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - M.Hasran Addahroni has reported a vulnerability in Auction XL, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 508ec73af9f7830d49b08e0f5bb90b4d
Secunia Security Advisory 30093
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for b2evolution. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, debian
MD5 | c1a2f2965ea09d311868016edb4b8f56
Secunia Security Advisory 30097
Posted May 6, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for blender. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, debian
MD5 | 82d690cfbe78d7848a29e2d02e48e120
qto-upload.txt
Posted May 6, 2008
Authored by CrAzY CrAcKeR

QTOFileManager version 1.0 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 1102afcdf08d8518e0475b4d966fd17e
bugzilla-multi.txt
Posted May 6, 2008
Authored by Frederic Buclin, Max Kanat-Alexander, Bradley Baetz, Loren Butler, Marc Schumann | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla version 3.1.3 suffers from an unauthorized bug change vulnerability. Versions 2.17.2 and higher suffer from a cross site scripting vulnerability. Versions 2.23.4 and higher suffer from an account impersonation vulnerability.

tags | advisory, xss
MD5 | 13db085e595afc0bfe20386178dd1ece
phpeasydata-sql.txt
Posted May 6, 2008
Authored by InjEctOrS

PHPEasyData version 1.5.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | db0f31cf6606867f7d28653cfbd057d0
preshopping-sql.txt
Posted May 6, 2008
Authored by t0pp8uzz

Pre Shopping Mall version 1.1 suffers from a SQL injection vulnerability in search.php.

tags | exploit, php, sql injection
MD5 | 7e1ab738e24ae0bafb84b2c592643376
Debian Linux Security Advisory 1570-1
Posted May 6, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1570-1 - Andrews Salomon reported that kazehakase, a GTK+-base web browser that allows pluggable rendering engines, contained an embedded copy of the PCRE library in its source tree which was compiled in and used in preference to the system-wide version of this library. The PCRE library has been updated to fix the security issues reported against it in previous Debian Security Advisories. This update ensures that kazehakase uses that supported library, and not its own embedded and insecure version.

tags | advisory, web
systems | linux, debian
advisories | CVE-2006-7227, CVE-2006-7228, CVE-2006-7230, CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768
MD5 | 7c06871d3debf143c6fa695b70d15b23
HP Security Bulletin 2008-00.56
Posted May 6, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache with PHP. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to gain extended privileges.

tags | advisory, denial of service, php, vulnerability
systems | hpux
advisories | CVE-2007-2872, CVE-2007-3378, CVE-2007-4783, CVE-2007-4840, CVE-2007-4887, CVE-2007-5898, CVE-2007-5899, CVE-2007-5900
MD5 | 4e4fa75307ce6bdbfef3c384d368693e
Page 1 of 2
Back12Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close