what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2009-02-12

Security Assessment Of The Transmission Control Protocol
Posted Feb 12, 2009
Authored by Fernando Gont | Site ietf.org

The United Kingdom's Centre for the Protection of National Infrastructure document entitled "Security Assessment of the Transmission Control Protocol (TCP)".

tags | paper, tcp, protocol
SHA-256 | 44dc58c211bb1352cd020643a92ef5268a0eb859d3199842caa9f1cd57484e42
From Boot To Remote Root
Posted Feb 12, 2009
Authored by b0nd

Whitepaper called From Boot to Remote Root - How I owned the network.

tags | paper, remote, root
SHA-256 | 1a588e4d805936eee393c484afd2b76ff7c29819ab3cd06638e6d84686263080
From Legal Frame Injection To Illegal Redirect
Posted Feb 12, 2009
Authored by p3Lo

Whitepaper called From Legal Frame Injection To Illegal Redirect.

tags | paper
SHA-256 | 1932efdcb260e088e8506743defaac5713b0bd721444bef458f897c63e340921
Gentoo Linux Security Advisory 200902-4
Posted Feb 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200902-04 - An error in the processing of special sequences in xterm may lead to arbitrary commands execution. Paul Szabo reported an insufficient input sanitization when processing Device Control Request Status String (DECRQSS) sequences. Versions less than 239 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2008-2383
SHA-256 | 0131e76876c7cebbb97deee77a4673733c286d37eb16cfe9f06ef660692c0383
Gentoo Linux Security Advisory 200902-3
Posted Feb 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200902-03 - An untrusted search path vulnerability in Valgrind might result in the execution of arbitrary code. Tavis Ormandy reported that Valgrind loads a .valgrindrc file in the current working directory, executing commands specified there. Versions less than 3.4.0 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2008-4865
SHA-256 | 75a6bce8f765b9f7d40c28eb61f9aa4b9f47555fdf157d4e90dc3535d6589745
Gentoo Linux Security Advisory 200902-2
Posted Feb 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200902-02 - An error in the OpenSSL certificate chain validation might allow for spoofing attacks. The Google Security Team reported that several functions incorrectly check the result after calling the EVP_VerifyFinal() function, allowing a malformed signature to be treated as a good signature rather than as an error. This issue affects the signature checks on DSA and ECDSA keys used with SSL/TLS. Versions less than 0.9.8j are affected.

tags | advisory, spoof
systems | linux, gentoo
advisories | CVE-2008-5077
SHA-256 | f13499deaa027a65c3d9771c2e9479aff96cdfb004eaf1507e2bcfc5c18d1863
Baran CMS 1.0 File Upload / SQL Injection / XSS
Posted Feb 12, 2009
Authored by Pouya Server

Baran CMS version 1.0 suffers from file upload, cross site scripting, SQL injection, cookie manipulation, and database disclosure vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, file upload
SHA-256 | 16990994f77c72a74621ea1b02449b8f745086850ed573d04fa0b2870c179533
Ubuntu Security Notice 720-1
Posted Feb 12, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-720-1 - A significant amount of vulnerabilities in PHP 5 have been addressed. These range from security bypass to denial of service issues.

tags | advisory, denial of service, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3996, CVE-2007-5900, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658
SHA-256 | a31f39cf30e5eb073f9dc121d4e40f5b0fdbb62143587c9dc60669c009e7c708
Ubuntu Security Notice 719-1
Posted Feb 12, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-719-1 - It was discovered that pam_krb5 parsed environment variables when run with setuid applications. A local attacker could exploit this flaw to bypass authentication checks and gain root privileges. Derek Chan discovered that pam_krb5 incorrectly handled refreshing existing credentials when used with setuid applications. A local attacker could exploit this to create or overwrite arbitrary files, and possibly gain root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2009-0360, CVE-2009-0361
SHA-256 | ccb390c7c8ac7375711ca07de825f8151af54f882f27007ed7f3ab0cf68d877d
Free Joke Script 1.0 SQL Injection
Posted Feb 12, 2009
Authored by Muhacir

Free Joke Script version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | d6352f23b9fb17c4781ca666437d2dbcc199aa6df4c5182fa275037261b460d3
Mandriva Linux Security Advisory 2009-036
Posted Feb 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-036 - Multiple integer overflows exist in various versions of python. The updated Python packages have been patched to correct these issues.

tags | advisory, overflow, python
systems | linux, mandriva
advisories | CVE-2008-2315, CVE-2008-4864, CVE-2008-5031
SHA-256 | 4bc7c56b44f04c83e5be7c57de9017257d3056e21d5866a60447ee4c5deced03
PHP Krazy Image Host Script 1.01 SQL Injection
Posted Feb 12, 2009
Authored by X0r

PHP Krazy Image Host Script version 1.01 suffers from a remote SQL injection vulnerability in viewer.php.

tags | exploit, remote, php, sql injection
SHA-256 | 68827498d8b9331f4ba810bbec89a9ad06716e07b2c8eb264c3d6c0df7b60775
Debian Linux Security Advisory 1723-1
Posted Feb 12, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1723-1 - Michael Brooks discovered that phpMyAdmin, a tool to administrate MySQL over the web, performs insufficient input sanitizing allowing a user assisted remote attacker to execute code on the webserver.

tags | advisory, remote, web
systems | linux, debian
advisories | CVE-2008-5621
SHA-256 | 0ce8623c3eb2df117c5ee0aa0b3dbaa95f8eddf9d15ced49b7924312e3411fd2
Secunia Security Advisory 33917
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libpam-krb5. This fixes some vulnerabilities, which can be exploited by malicious, local users to overwrite files and to gain escalated privileges.

tags | advisory, local, vulnerability
systems | linux, debian
SHA-256 | 4b308d431a19d6e32c51108994802e1e8f9a73d12f4ff8a2a4296f3e946b09b5
Secunia Security Advisory 33891
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - david.vorel has reported a vulnerability in Trend Micro InterScan Web Security Suite and Trend Micro InterScan Web Security Virtual Appliance, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, web
SHA-256 | 1812723500b3c21417fcfae1d842739342aa0f9171fca401a25eef2313d30332
Secunia Security Advisory 33803
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FAST ESP, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | f0e7c8546070e69be689e0078b66547f4f8cceadc1f9c62f274c33353ba6fefe
Secunia Security Advisory 33924
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dejan Levaja has reported a vulnerability in GeoVision Digital Video Surveillance System, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | c2238e0d3c0ab1e1929f842c865264c610291318ce49bfc0ecbc26945f49e569
Secunia Security Advisory 33892
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Becky! Internet Mail, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 1f808fee7fa5f64a1f40d55ce1ea9830a74f8603ab192666158ab4f9de2a4485
Secunia Security Advisory 33920
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - nuclear has reported a vulnerability in Den Dating Website Script, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 1bacf5dcc9d1144bb80dd289bf21cb5a61de2ceba83cdc7acdbead2c5a770e7a
Secunia Security Advisory 33922
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - x0r has discovered some vulnerabilities in Graugon Gallery, which can be exploited by malicious people to bypass certain security restrictions and conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | e1965ed6f356b0cb289d1b891aa98a680f5ff222250d2a6ce97a752e27f3cde0
Secunia Security Advisory 33876
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Calendarix Basic, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 88bbc3f7defae3f866741ee8c1b55bd22cbb34586c5e10cab095aff0b50a02b1
Secunia Security Advisory 33736
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jaykishan Nirmal has reported two vulnerabilities in Calendarix Advanced, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 6e1046e4410f89ffbf7a545537779f1e89d9d88f3800b7787316b669e9c01495
Secunia Security Advisory 33919
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Advertisement module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 7ef4bd3679d8c6171e46107e8d0fdf2374908df45cba6a9b6d6429557084dc7c
Secunia Security Advisory 33912
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
systems | linux, debian
SHA-256 | 07ab8fe2440aea08956e69550b25877ea6acf88224b6c580b13e82d6786ff988
Secunia Security Advisory 33898
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Drupal, which can lead to unauthorised users performing actions with escalated privileges.

tags | advisory
SHA-256 | 321127bcafd0197ef532fd9a4d0f52f299cde9193a3a3e9be1ddec4a795406b4
Page 1 of 2
Back12Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close