what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 83 RSS Feed

Files Date: 2009-04-28

iDEFENSE Security Advisory 2009-04-28.1
Posted Apr 28, 2009
Authored by iDefense Labs, Stephen Fewer | Site idefense.com

iDefense Security Advisory 04.28.09 - Remote exploitation of a stack based buffer overflow vulnerability in TIBCO Software Inc.'s SmartSockets RTserver could allow an attacker to execute arbitrary code with the privileges of the affected service. The vulnerability occurs when parsing requests on the UDP interface of the RTserver. iDefense has confirmed the existence of this vulnerability in the RTserver version 4.0.10.1. Previous versions may also be affected. The SmartSockets framework is resold to various 3rd party vendors, and in this case iDefense used the version provided with Computer Associates Enterprise Communicator.

tags | advisory, remote, overflow, arbitrary, udp
advisories | CVE-2009-1291
SHA-256 | 6d008d52e91cfd5a4ca4ff613e0e700fd8d4e1656b66671f3a7aa9fae61e7a63
Ubuntu Security Notice 765-1
Posted Apr 28, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-765-1 - It was discovered that the upstream security fixes in USN-764-1 introduced a regression which could cause the browser to crash. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-1313
SHA-256 | ab4e4559afc19125898711beb3d92a1e8e060a4eacd8ee5f206a43621376f787
Memcached ASLR Bypass Weakness
Posted Apr 28, 2009
Site positronsecurity.com

During an audit of the memcached v1.2.7 source code, it was found that the software divulges its stack, heap, and shared library memory locations. This effectively disables address space layout randomization (ASLR) protection, making potential buffer overflow vulnerabilities much easier to exploit.

tags | advisory, overflow, vulnerability, bypass
advisories | CVE-2009-1255
SHA-256 | 2f8e3cddb4d091a7628c65e9dcd58f8e254af82611e835a326c48824dc2d5d55
Debian Linux Security Advisory 1780-1
Posted Apr 28, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1780-1 - Two vulnerabilities have been discovered in libdbd-pg-perl, the DBI driver module for PostgreSQL database access (DBD::Pg).

tags | advisory, perl, vulnerability
systems | linux, debian
advisories | CVE-2009-0663, CVE-2009-1341
SHA-256 | 4c1190dcdd77d2ca4d3602c4e6b829968d63e01f45c699b76a5e0cb6aaeb75b2
Google Chrome 1.0.154.53 Denial Of Service
Posted Apr 28, 2009
Authored by Aditya K Sood | Site secniche.org

Google Chrome version 1.0.154.53 "throw exception" remote crash and denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 1fd4ca2e8e688fd3ee517eb4b6efdfa11c7e9969f30fa131e3935fb4e5fc6a4f
MIM:InfiniX 1.2.003 SQL Injection
Posted Apr 28, 2009
Authored by YEnH4ckEr

MIM:InfiniX version 1.2.003 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f43d1aad0582036b8773070a3abe01c14c13b177b3e4c21504ea040d4ea8c889
OpenNHRP NBMA Next Hop Resolution 0.10.2
Posted Apr 28, 2009
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: Additional safety measures were added to not do bad things in case of an off-NBMA routing loop. Some minor bugs were also fixed.
tags | encryption, protocol
systems | cisco, linux
SHA-256 | cf54ba8cf0525b5235b304e5262386acd66d9919b7626cd6a0bdc41ef08dd707
HP Security Bulletin HPSBUX02366 SSRT080120
Posted Apr 28, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running the useradd command. The vulnerability could be exploited locally to allow unauthorized access to directories or files.

tags | advisory
systems | hpux
advisories | CVE-2009-0719
SHA-256 | 0d43e9d2bb8529fed6d01851e133eba86bcf890386ee87229e60dfe3b353175f
webSPELL 4.2.0d Local File Disclosure
Posted Apr 28, 2009
Authored by StAkeR

webSPELL versions 4.2.0d and below local file disclosure exploit.

tags | exploit, local, info disclosure
SHA-256 | 133561498523b13aee4a2f2add63fb4c3b4b409b198a90c549f794852524b3a9
HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow
Posted Apr 28, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow in ovalarmsrv.exe and can be exploited to cause a heap-based buffer overflow via specially crafted commands sent to port 2954/TCP. Successful exploitation may allow execution of arbitrary code. HP Network Node Manager version 7.53 is affected.

tags | advisory, overflow, arbitrary, tcp
advisories | CVE-2008-2438
SHA-256 | 5c00bd4f8d352bd46081ccba370c76751442e5021a0ad1c78da44a1f3aa1c287
VisionLMS 1.0 Password Changer
Posted Apr 28, 2009
Authored by Mr.tro0oqy

VisionLMS version 1.0 remote password changing exploit that leverages changePW.php.

tags | exploit, remote, php
SHA-256 | 355b4c9b088d211fb2b41e0d50a9c7539901f3429c0cfb67173f956a4cac54b8
Formshield CAPTCHA Replay Attack
Posted Apr 28, 2009
Authored by Arvind Doraiswamy

The Formshield CAPTCHA library suffers from a replay attack vulnerability.

tags | advisory
SHA-256 | a946e21320544258614c2b1013be99c2f90585628b0865e75a0361b07e0f79ad
OWASP AppSec DC 2009 Call For Papers
Posted Apr 28, 2009
Site owasp.org

OWASP is currently soliciting papers for the OWASP AppSec DC 2009 Conference that will take place at the Walter E. Washington Convention Center in Washington, DC on November 10th through 13th of 2009.

tags | paper, conference
SHA-256 | 5a3cff1cb7be1cd6e8e708e76a685d8a293e3ee05ccefe86ec1e9daf041495ad
Linux 2.6 Kernel SCTP Memory Corruption
Posted Apr 28, 2009
Authored by sgrakkyu | Site kernelbof.blogspot.com

Linux 2.6 kernel SCTP FWD memory corruption remote exploit.

tags | exploit, remote, kernel
systems | linux
advisories | CVE-2009-0065
SHA-256 | 7ff82e6eae31c3b23fa91ab46cc7407d4e0c84cdc92265c1fdb0e74131295a27
Secunia Security Advisory 34908
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in iodine, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 5170d65b8fb4b3d11d2157f0ef94e7ea4e5b0b0e90bebd6eb42978a0a91b1cc3
Secunia Security Advisory 34903
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ThE g0bL!N has reported a vulnerability in Teraway LinkTracker, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 2f1734268f4d03bc14e43406d096c2d46dcc648969b81e24d57f219f5a2c8d79
Secunia Security Advisory 34818
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ThE g0bL!N has reported a vulnerability in Teraway FileStream, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 98937e197a1a9bee837fc139bdf0b7cd899ec962f4528991da96312737c1db68
Secunia Security Advisory 34928
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for prewikka. This fixes a weakness, which can be exploited by malicious, local users to disclose potentially sensitive information.

tags | advisory, local
systems | linux, fedora
SHA-256 | d301444b7379176b220df50f768de743c1f994eca5b4f3d2b909811a98a5cfd5
Secunia Security Advisory 34904
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SirGod has discovered a vulnerability in Flatchat, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 289910837ecbf71c579a24b7b24154a44c65a42c3ec7fbe380655471a7b77e05
Secunia Security Advisory 34898
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samsung M8800 Innov8 and SGH-J750, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | d186cce2d7f3ab00b5ba58ab5f514455616f52073fce188e617839a323add6ea
Secunia Security Advisory 34850
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in dWebPro, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory, vulnerability
SHA-256 | 79df5af5ccbfb6160c407552b5189329f4ebf78706eed88903eec5c3ce93882b
Secunia Security Advisory 34906
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SirGod has reported a vulnerability in Thickbox Gallery, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 0020f7ad10a092ab288119e669085d349ac8e6752079475ec8f0da5baa19ad3b
Secunia Security Advisory 34922
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in MataChat, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | e00c1481af743f759130692374a2ce9ba62cae2003b1cbe3b4ac62fe8393540d
Secunia Security Advisory 34881
Posted Apr 28, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in file, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | a911a7ff9af20fca92ff381153725d33f6b006acb2c0c482af1c7f3af0500980
Ubuntu Security Notice 767-1
Posted Apr 28, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-767-1 - Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0946
SHA-256 | fcbb530895e7326fb202a6aa414fe44c0b4fd21bd3539ceb6f9c9b6147a1e569
Page 1 of 4
Back1234Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close