
Files Date: 2009-03-12

editeurscripts.com Cross Site Scripting
Posted Mar 12, 2009
Authored by Jonathan Salwan | Site shell-storm.org

Multiple modules from editeurscripts.com suffer from cross site scripting vulnerabilities. These include EsContacts version 1.0, EsBaseAdmin version 2.1, EsPartenaires version 1.0, and EsNews version 1.2.

tags | exploit, vulnerability, xss
SHA-256 | e4a77e182ebd28e3bcdd28d8554e8d48021f0e44f50f3e23fe007cc32c2ac2cd
HP Security Bulletin HPSBMA02413 SSRT080040
Posted Mar 12, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP WMI Mapper for Windows Server 2003 and Windows Server 2008 for Itanium-based Servers. The vulnerabilities could be exploited remotely to allow unauthorized access to data or locally to gain unauthorized access.

tags | advisory, vulnerability
systems | windows
advisories | CVE-2009-0712, CVE-2009-0173
SHA-256 | fac97c2232cea288f1ae15b9586ab301885e7de4cfea8731cd6a342eba984fe1
SlySoft ElbyCDIO.sys Denial Of Service
Posted Mar 12, 2009
Authored by Nikita Tarakanov | Site securitylab.ru

Multiple products from SlySoft suffer from an ElbyCDIO.sys-related denial of service vulnerability. These include AnyDVD versions 6.5.2.2 and below, Virtual CloneDrive versions 5.4.2.3 and below, CloneDVD versions 2.9.2.0 and below, and CloneCD versions 5.3.1.3 and below.

tags | advisory, denial of service
advisories | CVE-2009-0824
SHA-256 | 0ce75cc8c75a32c60529ae528a90d4590e31aac42ede1863d10a2a91bea510e8
Open Source CERT Security Advisory 2008.15
Posted Mar 12, 2009
Authored by Will Drewry, Open Source CERT | Site ocert.org

Base64 encoding and decoding functions in glib suffer from vulnerabilities during memory allocation which may result in arbitrary code execution when processing large strings. A number of other GNOME-related applications which predate glib are vulnerable due to the commonality of this flawed code.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2008-4316, CVE-2009-0585, CVE-2009-0586, CVE-2009-0587
SHA-256 | 53bba693225b9b5a30ee3d26bab42447350b5931b378ef7725720712448ef169
TOORCAMP 2009 Call For Participation
Posted Mar 12, 2009
Site toorcamp.org

ToorCamp 2009 Call For Participation - ToorCamp is the United States' first-ever full-scale hacker camp. Modelled after the camps in Holland and Germany, ToorCamp will focus on all of the technology topics that ToorCon has become famous for but will expand out into other areas of society. It will be held at the Titan-1 Missile Silo July 2nd through the 5th, 2009.

tags | paper, conference
SHA-256 | d0b076a65cb2da67e5e5a6efcd7cb7aca595d14747944364dbe47986247af196
Trellis Desk Cross Site Scripting
Posted Mar 12, 2009
Authored by larry

Trellis Desk version 1.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 6b438cff3035675417c83f1396c5f42b3459799ba5633c2a10ec6b3076dffaac
KSplice Linux Kernel Updater
Posted Mar 12, 2009
Authored by Anders Kaseorg | Site ksplice.com

Ksplice is practical technology for updating the Linux kernel without rebooting. It enables you to avoid the disruptive process of rebooting for kernel security updates and bugfixes. By making it easy to keep your systems up to date, Ksplice helps you avoid the security and stability risks of running out-of-date software.

Changes: Fixed a bug where Ksplice relocations were sometimes written pointing to the middle of patched sections. Fixed a Makefile bug where the Ksplice core module was compiled twice. Renamed or reorganized several data structures in the Ksplice kernel code. Changed the Ksplice module names from primary/helper to old_code/new_code.
tags | kernel
systems | linux
SHA-256 | efcee59eb467289e86ccf490a1471c9e7ccdb6d6b0c1e788abed12d698702ac9
TikiWiki 2.2 Cross Site Scripting
Posted Mar 12, 2009
Authored by iliz

TikiWiki version 2.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 465718908149b8b9835bd5b7a672ff3964464dabbb94e989c1cbbda9572f9919
Gentoo Linux Security Advisory 200903-26
Posted Mar 12, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-26 - A buffer overflow in TMSNC might lead to the execution of arbitrary code when processing an instant message. Nico Golde reported a stack-based buffer overflow when processing a MSN packet with a UBX command containing a large UBX payload length field. Versions less than or equal to 0.3.2-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2008-2828
SHA-256 | aa8399afbc5e1fd3c0b45c6d6b7894da810712824d59017687a1acf90d7d6e6b
Mandriva Linux Security Advisory 2009-074
Posted Mar 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-074 - neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service (NULL pointer dereference and crash) via vectors related to Digest authentication and Digest domain parameter support. The updated packages have been upgraded to version 0.28.3 to prevent this.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2008-3746
SHA-256 | 7b06ee39c328279e9bacbbdce907799a1dadd04860603f6ae51c2a87c48bb224
Mandriva Linux Security Advisory 2009-073
Posted Mar 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-073 - Various stack buffer overflows were discovered and corrected in sarg. Additionally the previous release fixed CVE-2008-1922. The updated packages have been patched to correct these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2008-1922
SHA-256 | b5f9c0b93b3e83fb3faca8c24f2e6b883c5671f7e36cdbf59abbb106990e9190
Sun Java Communications Suite HTML Injection
Posted Mar 12, 2009
Authored by Edgard Chammas

The Sun Java Communications Suite suffers from multiple HTML injection vulnerabilities.

tags | advisory, java, vulnerability
SHA-256 | 83f368997875a3f0bb985013885e023beabf2eeac6651781603f283b3c4f7627
JDKChat 1.5 Integer Overflow
Posted Mar 12, 2009
Authored by LiquidWorm, n3tpr0b3 | Site zeroscience.mk

Proof of concept exploit for an integer overflow in JDKChat version 1.5.

tags | exploit, overflow, proof of concept
SHA-256 | fe812f22c426d9a44a757e26c411913b801f48b52c4b4e91490904b50a2bc1a8
Mandriva Linux Security Advisory 2009-072
Posted Mar 12, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-072 - The functions used by Mandriva tools to write strings into shell-like configuration files were not taking care of some special characters. This could lead to some bugs (like wireless keys containing certain characters not working), and privilege escalation. This update fixes that issue by ensuring proper protection of strings. The updated packages have been patched to correct these issues.

tags | advisory, shell
systems | linux, mandriva
SHA-256 | 69ded06ff56b0a9668d7d1ee68c787f7ac277aa11d9525f06aa5ff3f2a3c76b5
PhpMySport 1.4 XSS / SQL Injection
Posted Mar 12, 2009
Authored by XaDoS

PhpMySport version 1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | a7e5bdd5e53ecb07b1600bc6835e1b996542cf4d4f97815f2944fb48837806aa
iAntiVirus Fails In A Few Spots
Posted Mar 12, 2009
Authored by Carsten Eilers

iAntiVirus version 1.35 fails to scan .sit and .dmg archives and can also be tricked into ignoring archives if special characters are in the names.

tags | advisory
SHA-256 | 77d3cb6ec219d29ef53a708a22b43f77c3f33f9a4bd5d1ce112c51a9f7db7377
Secunia Security Advisory 34179
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in UMI.CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 1c96d7d475af359e5653e68e35cf45bfc2b56da27c50a1e880f2e43a39a0f517
Secunia Security Advisory 34256
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ModSecurity, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 3dbede18efb0426e215dfea0dd80183fe3667c9b5c612e0e1a5cb7ec4e597a89
Secunia Security Advisory 34235
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has acknowledged a vulnerability in tmsnc, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, gentoo
SHA-256 | 00971a23227a095ac7438f61052e26a49bfa811316948ca581fde4e4987c9510
Secunia Security Advisory 34223
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ZipItFast, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 2bc5fc6fdb0eb02c0b703e2ab720ed121b78a833258314020de116781d618e0c
Secunia Security Advisory 34252
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | 29c5b4c308fd60da2a4bdfecf4673b351bdd2799fdfd76c72c567d2b448e8a42
Secunia Security Advisory 34250
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for roundup. This fixes a vulnerability, which can be exploited by malicious users to manipulate certain data.

tags | advisory
systems | linux, fedora
SHA-256 | 111b9c7e6d68ced51983299d515977f8ac5ac234bc4e61fb2084e48890db37de
Secunia Security Advisory 34242
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Radiator, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 40df33c6dcbe26a41dd535c38551bf10dccc6b36d350de8cbc04f218dbc8e04f
Secunia Security Advisory 34254
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability and a security issue have been reported in Apple iTunes, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially disclose sensitive information.

tags | advisory, denial of service
systems | apple
SHA-256 | 5ef8834b33827aa369a541a1e0c22fbf0a6f615e19fb6ff29f189897beda5296
Secunia Security Advisory 34234
Posted Mar 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for courier-authlib. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, gentoo
SHA-256 | f5391be3cdbd3150a1cb70ed1677d3bf521efcbdd9f79551d83791d1d0a320af

© 2024 Packet Storm. All rights reserved.
