what you don't know can hurt you
Showing 1 - 25 of 67 RSS Feed

Files Date: 2009-05-13

Ubuntu Security Notice 776-2
Posted May 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-776-2 - USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to boot virtual machines started via libvirt. This update fixes the problem. Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly validate certain messages. A remote attacker could send specially crafted VNC messages that would cause KVM to consume CPU resources, leading to a denial of service. Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC did not correctly handle certain bitblt operations. A local attacker could exploit this flaw to potentially execute arbitrary code on the VM host or crash KVM, leading to a denial of service. It was discovered that KVM's VNC password checks did not use the correct length. A remote attacker could exploit this flaw to cause KVM to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2008-1945, CVE-2008-2004, CVE-2008-2382, CVE-2008-4539, CVE-2008-5714
MD5 | fd62775d76a01e0a7152815e00731ec7
Mandriva Linux Security Advisory 2009-111
Posted May 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-111-1 - Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313
MD5 | cd6140c06f730bb15dc37c1d6ec72b7f
Mandriva Linux Security Advisory 2009-110
Posted May 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-110 - Multiple vulnerabilities has been identified and corrected in squirrelmail. These issues range from cross site scripting to code execution vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, mandriva
advisories | CVE-2009-1578, CVE-2009-1579, CVE-2009-1580, CVE-2009-1581
MD5 | 25ce95f6a0138a940ac6393654f522b6
MaxCMS 2.0 Create New Admin
Posted May 13, 2009
Authored by Securitylab Security Research | Site securitylab.ir

MaxCMS version 2.0 create new administrative account exploit that uses a SQL injection vulnerability in the cookie passed.

tags | exploit, sql injection, add administrator
MD5 | a8058ea534edcae098d6e97ec7c16cbe
Truecrypt Disk Encryption Software
Posted May 13, 2009
Site truecrypt.org

TrueCrypt is on-the-fly disk encryption software that can create a virtual encrypted disk within a file and mount it as a real disk. It can also encrypt an entire hard disk partition, or a storage device such as USB memory stick. It supports plausible deniability.

Changes: Several minor improvements, bugfixes, and security enhancements were made.
tags | encryption
MD5 | a55f7df7b7a85f8a1995cdaf427adde4
ipsec-tools Racoon Denial Of Service
Posted May 13, 2009
Authored by mu-b | Site digit-labs.org

ipsec-tools racoon frag-isakmp denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | f2c0039b2353671a4cbc676f11726e6c
Family Connections CMS 1.9 SQL Injection
Posted May 13, 2009
Authored by YEnH4ckEr

Family Connections CMS versions 1.9 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | abb3577aa27498e67e7ecdb11166b952
Pinnacle Studio 12 Directory Traversal
Posted May 13, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal proof of concept exploit.

tags | exploit, proof of concept, file inclusion
MD5 | fe336948e9b83ceaaca47b005fd301bc
Fwknop Port Knocking Utility
Posted May 13, 2009
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Support was added for ipfw "sets" on FreeBSD and Mac OS X systems. A segfault on Debian systems that was exposed in some circumstances with older versions of libpcap was fixed. The --icmp-type and --icmp-code command line arguments were added for the fwknop client in order to manually set the ICMP type/code values when using "--Spoof-proto icmp" or "--Server-proto icmp". Support was added for multiple include/exclude test identifying strings (separated by commas).
tags | tool, scanner, vulnerability
systems | unix
MD5 | 2a7a630ec74dd71896a4a180536b8311
Password Protector SD 1.3.1 Insecure Cookie
Posted May 13, 2009
Authored by Mr.tro0oqy

Password Protector SD version 1.3.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | f1598a84ef72118166c54815209d2cd8
TinyButStrong 3.4.0 File Disclosure
Posted May 13, 2009
Authored by ahmadbady

TinyButStrong version 3.4.0 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 0e5c0574c274a597dce7d78554fa2300
iDEFENSE Security Advisory 2009-05-12.9
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of two related PowerPoint record types. The first record type is used to specify collaboration information for different slides. One of the fields in this record contains a 32-bit integer that is used to specify the number of a specific type of records that are present in the file. This integer is used in a multiplication operation that calculates the size of a heap buffer that will be used to store the records as they are read in from the file. The calculation can overflow, resulting in an undersized heap buffer being allocated. By providing a large value for the record count, and inserting enough dummy records, it is possible to trigger a heap based buffer overflow. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0221
MD5 | 5ad9d99d40157d8e8a69709ef123d5b3
iDEFENSE Security Advisory 2009-05-12.8
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the Notes container inside of the PowerPoint Document stream. This container is used to hold records related to notes that appear on the slides. By inserting a value into a container, it is possible to trigger a memory corruption vulnerability. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-1130
MD5 | 39272c6d859b188a92c96a5b542e6040
iDEFENSE Security Advisory 2009-05-12.7
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of the BuildList record. This record is a container for other records that describe charts and diagrams in the PowerPoint file. By inserting multiple BuildList records with ChartBuild containers inside of them, it is possible to trigger a memory corruption vulnerability during the parsing of the ChartBuild container's contents. This allows an attacker to control an object pointer, which can lead to attacker supplied function pointers being dereferenced. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, 2003 SP3, 2007, 2007 SP1, and PowerPoint Viewer 2003.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0224
MD5 | 7dc38eceb58b3065d0e436e8bc5477d2
iDEFENSE Security Advisory 2009-05-12.6
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerabilities exist within the importer for PowerPoint 95 format files. This functionality is contained within the PP7X32.DLL. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-1128
MD5 | fdf8ea7a2c3d92692291d950f57e4a2f
iDEFENSE Security Advisory 2009-05-12.5
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of multiple stack based buffer overflow vulnerabilities in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerabilities exist within the importer for PowerPoint 95 format files. This functionality is contained within the PP7X32.DLL. The vulnerabilities occur when reading sound data from a PowerPoint file. In both cases, a value representing a record length is read in from the file. This value is then used to control the number of bytes read into a fixed size stack buffer. There is no check performed to ensure that the buffer can hold the number of bytes specified, which results in a stack buffer overflow. iDefense has confirmed the existence of these vulnerabilities in Office XP SP3, and Office 2000 SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-1129
MD5 | 76895dd63db2cc075ee8e29b4f7dbc50
iDEFENSE Security Advisory 2009-05-12.4
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerabilities exist within the importer for PowerPoint 4.0 format files. This functionality is contained within the PP4X32.DLL. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0220
MD5 | d5c973ceea6c154dddc4026ec264568c
iDEFENSE Security Advisory 2009-05-12.3
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. In particular, there is code that parses a string in the PowerPoint file. If the size of this data is greater than a certain value, then memory corruption will occur. This memory corruption can lead to the vulnerable code executing an attacker supplied address. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0226
MD5 | e692b4d7451abbc5bd3f45ddfd820ac0
iDEFENSE Security Advisory 2009-05-12.2
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. In particular, there is code that parses structures in the PowerPoint file. If the number of these structures is greater than a certain value, then memory corruption will occur. This memory corruption leads to the executing of arbitrary code. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0223
MD5 | dda70f10023cb45aa7a6ee81a4374bfd
iDEFENSE Security Advisory 2009-05-12.1
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. In particular, there is code that parses structures in the PowerPoint file. If the number of these structures is greater than a certain value, then memory corruption will occur. This memory corruption leads to the executing of arbitrary code. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0227
MD5 | 3e5662125337722b41d5dd4752ed8550
Ubuntu Security Notice 776-1
Posted May 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-776-1 - Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. CVE-2008-2004) Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly validate certain messages. A remote attacker could send specially crafted VNC messages that would cause KVM to consume CPU resources, leading to a denial of service. Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC did not correctly handle certain bitblt operations. A local attacker could exploit this flaw to potentially execute arbitrary code on the VM host or crash KVM, leading to a denial of service. It was discovered that KVM's VNC password checks did not use the correct length. A remote attacker could exploit this flaw to cause KVM to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2008-1945, CVE-2008-2004, CVE-2008-2382, CVE-2008-4539, CVE-2008-5714
MD5 | 06639815ca44a17acc0e1baa64d490e3
Ubuntu Security Notice 775-1
Posted May 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-775-1 - It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-1572
MD5 | 738d0ea6c3a9c20b490f3daabe48401b
Technical Cyber Security Alert 2009-132A
Posted May 13, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-132A - Microsoft has released updates that address vulnerabilities in Microsoft PowerPoint.

tags | advisory, vulnerability
MD5 | 6afd1336f7c7195208d935d7976e9f47
CastRipper 2.50.70 .PLS Universal Stack Overflow
Posted May 13, 2009
Authored by zAx

CastRipper version 2.50.70 universal stack overflow that creates a malicious .pls file.

tags | exploit, overflow
MD5 | 049bfcc992eb1e38e9f0d19f5903d576
CastRipper 2.50.70 .M3U Universal Stack Overflow
Posted May 13, 2009
Authored by Super Cristal | Site snakespc.com

CastRipper version 2.50.70 universal stack overflow that creates a malicious .m3u file. Written in Python.

tags | exploit, overflow, python
MD5 | ebabd62cc7d028cc56176e339220cf2f
Page 1 of 3
Back123Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close