what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 67 RSS Feed

Files Date: 2009-05-13

Ubuntu Security Notice 776-2
Posted May 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-776-2 - USN-776-1 fixed vulnerabilities in KVM. Due to an incorrect fix, a regression was introduced in Ubuntu 8.04 LTS that caused KVM to fail to boot virtual machines started via libvirt. This update fixes the problem. Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly validate certain messages. A remote attacker could send specially crafted VNC messages that would cause KVM to consume CPU resources, leading to a denial of service. Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC did not correctly handle certain bitblt operations. A local attacker could exploit this flaw to potentially execute arbitrary code on the VM host or crash KVM, leading to a denial of service. It was discovered that KVM's VNC password checks did not use the correct length. A remote attacker could exploit this flaw to cause KVM to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2008-1945, CVE-2008-2004, CVE-2008-2382, CVE-2008-4539, CVE-2008-5714
SHA-256 | 494dd7a7b640d12307b6ec6753130b3f5f824fcc8ecb4f7a49332420d07598a3
Mandriva Linux Security Advisory 2009-111
Posted May 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-111-1 - Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. The recent Mozilla Firefox update missed the Firefox language packs for Mandriva Linux 2009. This update provides them, fixing the issue.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313
SHA-256 | 0b9ab0678b8f50291475ab0c369624d0ea9d246c0f33cdfab12afe730ed4f0cf
Mandriva Linux Security Advisory 2009-110
Posted May 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-110 - Multiple vulnerabilities has been identified and corrected in squirrelmail. These issues range from cross site scripting to code execution vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | linux, mandriva
advisories | CVE-2009-1578, CVE-2009-1579, CVE-2009-1580, CVE-2009-1581
SHA-256 | eb825894498d8381f7051299956731d6f8a6c53fa50672e55d2c3812e07667c6
MaxCMS 2.0 Create New Admin
Posted May 13, 2009
Authored by Securitylab Security Research | Site securitylab.ir

MaxCMS version 2.0 create new administrative account exploit that uses a SQL injection vulnerability in the cookie passed.

tags | exploit, sql injection, add administrator
SHA-256 | 113f4bedfed5d21114fd9b88db4b2ef641cc0e857fdd4305c4d4227aa5674bf7
Truecrypt Disk Encryption Software
Posted May 13, 2009
Site truecrypt.org

TrueCrypt is on-the-fly disk encryption software that can create a virtual encrypted disk within a file and mount it as a real disk. It can also encrypt an entire hard disk partition, or a storage device such as USB memory stick. It supports plausible deniability.

Changes: Several minor improvements, bugfixes, and security enhancements were made.
tags | encryption
SHA-256 | fef81746948b8e395a866509df337ec4a68475c3df755e527c2788f3111824fe
ipsec-tools Racoon Denial Of Service
Posted May 13, 2009
Authored by mu-b | Site digit-labs.org

ipsec-tools racoon frag-isakmp denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 898ae58d8c1b9defc05f54f5324236c2292838fce91ff46441b899d746e65938
Family Connections CMS 1.9 SQL Injection
Posted May 13, 2009
Authored by YEnH4ckEr

Family Connections CMS versions 1.9 and below remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 0790c50b136c6400cbb76768254eeaf9ebdf73e3e70f5681d4b209c6037fd5ee
Pinnacle Studio 12 Directory Traversal
Posted May 13, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal proof of concept exploit.

tags | exploit, proof of concept, file inclusion
SHA-256 | 140e18b7f263c208877fbd4b9e099be7be793ab75d118fc919ff39ed4291ab12
Fwknop Port Knocking Utility
Posted May 13, 2009
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Support was added for ipfw "sets" on FreeBSD and Mac OS X systems. A segfault on Debian systems that was exposed in some circumstances with older versions of libpcap was fixed. The --icmp-type and --icmp-code command line arguments were added for the fwknop client in order to manually set the ICMP type/code values when using "--Spoof-proto icmp" or "--Server-proto icmp". Support was added for multiple include/exclude test identifying strings (separated by commas).
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 5d2960bc3f4497e07183ae8c6b84acda0e456c67a5a75a98056df613c15e0466
Password Protector SD 1.3.1 Insecure Cookie
Posted May 13, 2009
Authored by Mr.tro0oqy

Password Protector SD version 1.3.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | e281cf16cdc383b69329c5073a2f6c6934f6bc7440f82f09bc1fe6b93008bea0
TinyButStrong 3.4.0 File Disclosure
Posted May 13, 2009
Authored by ahmadbady

TinyButStrong version 3.4.0 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | be78a80fd48107b4a079f935dda72f28b37c6c3f3ba470a444f4be9d5e2bf1ea
iDEFENSE Security Advisory 2009-05-12.9
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of two related PowerPoint record types. The first record type is used to specify collaboration information for different slides. One of the fields in this record contains a 32-bit integer that is used to specify the number of a specific type of records that are present in the file. This integer is used in a multiplication operation that calculates the size of a heap buffer that will be used to store the records as they are read in from the file. The calculation can overflow, resulting in an undersized heap buffer being allocated. By providing a large value for the record count, and inserting enough dummy records, it is possible to trigger a heap based buffer overflow. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0221
SHA-256 | 84bba074996caa0939a7e44b41d9a7389b4b11a60328716bd8fa6f9a381fe0af
iDEFENSE Security Advisory 2009-05-12.8
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the Notes container inside of the PowerPoint Document stream. This container is used to hold records related to notes that appear on the slides. By inserting a value into a container, it is possible to trigger a memory corruption vulnerability. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-1130
SHA-256 | 7f7588e5d20993d1557ddc70301247408570fff65a0c66bc08fa4e5e6d678106
iDEFENSE Security Advisory 2009-05-12.7
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of the BuildList record. This record is a container for other records that describe charts and diagrams in the PowerPoint file. By inserting multiple BuildList records with ChartBuild containers inside of them, it is possible to trigger a memory corruption vulnerability during the parsing of the ChartBuild container's contents. This allows an attacker to control an object pointer, which can lead to attacker supplied function pointers being dereferenced. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, 2003 SP3, 2007, 2007 SP1, and PowerPoint Viewer 2003.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0224
SHA-256 | 98683674d53180aca6ec380be9c8a25a413aab69fa225531f66abadcfa0bd397
iDEFENSE Security Advisory 2009-05-12.6
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerabilities exist within the importer for PowerPoint 95 format files. This functionality is contained within the PP7X32.DLL. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-1128
SHA-256 | 4d2d05f1058734610733532062ed77695c73219fd1b4fe428f8e5306abe78262
iDEFENSE Security Advisory 2009-05-12.5
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of multiple stack based buffer overflow vulnerabilities in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerabilities exist within the importer for PowerPoint 95 format files. This functionality is contained within the PP7X32.DLL. The vulnerabilities occur when reading sound data from a PowerPoint file. In both cases, a value representing a record length is read in from the file. This value is then used to control the number of bytes read into a fixed size stack buffer. There is no check performed to ensure that the buffer can hold the number of bytes specified, which results in a stack buffer overflow. iDefense has confirmed the existence of these vulnerabilities in Office XP SP3, and Office 2000 SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-1129
SHA-256 | fcf13fe7cfc3b8b5e14e22a30f0bbac0017a3c2415c37fc364e4eef3583b5be9
iDEFENSE Security Advisory 2009-05-12.4
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerabilities exist within the importer for PowerPoint 4.0 format files. This functionality is contained within the PP4X32.DLL. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0220
SHA-256 | 7ce1ffb2ba312734fc860a8482e98527498becbfccdb72bf130c0baba266299e
iDEFENSE Security Advisory 2009-05-12.3
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. In particular, there is code that parses a string in the PowerPoint file. If the size of this data is greater than a certain value, then memory corruption will occur. This memory corruption can lead to the vulnerable code executing an attacker supplied address. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0226
SHA-256 | aa746668db670cf5482d819184ba1364f23aa4473b232e3400c2f14c9eed84f8
iDEFENSE Security Advisory 2009-05-12.2
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. In particular, there is code that parses structures in the PowerPoint file. If the number of these structures is greater than a certain value, then memory corruption will occur. This memory corruption leads to the executing of arbitrary code. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0223
SHA-256 | d46d15bace48b692d2adac056789e54ccb908fe6ccd325abcaaea4b3359934a4
iDEFENSE Security Advisory 2009-05-12.1
Posted May 13, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. In particular, there is code that parses structures in the PowerPoint file. If the number of these structures is greater than a certain value, then memory corruption will occur. This memory corruption leads to the executing of arbitrary code. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3 and XP SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0227
SHA-256 | e3f96726fc6f8d14c3ad93532bc697410b0b18a7c8eaccbcb8df96d4b0f5eb34
Ubuntu Security Notice 776-1
Posted May 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-776-1 - Avi Kivity discovered that KVM did not correctly handle certain disk formats. A local attacker could attach a malicious partition that would allow the guest VM to read files on the VM host. CVE-2008-2004) Alfredo Ortega discovered that KVM's VNC protocol handler did not correctly validate certain messages. A remote attacker could send specially crafted VNC messages that would cause KVM to consume CPU resources, leading to a denial of service. Jan Niehusmann discovered that KVM's Cirrus VGA implementation over VNC did not correctly handle certain bitblt operations. A local attacker could exploit this flaw to potentially execute arbitrary code on the VM host or crash KVM, leading to a denial of service. It was discovered that KVM's VNC password checks did not use the correct length. A remote attacker could exploit this flaw to cause KVM to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2008-1945, CVE-2008-2004, CVE-2008-2382, CVE-2008-4539, CVE-2008-5714
SHA-256 | 58f223c2297cdd9c2c7ddb064e41a550ca946b93c8a244622b78b946d06414ff
Ubuntu Security Notice 775-1
Posted May 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-775-1 - It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-1572
SHA-256 | 443af3101cdb36466e16e3323416f91df72bbb49ad0eef51b7f6c65ef2e1eab6
Technical Cyber Security Alert 2009-132A
Posted May 13, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-132A - Microsoft has released updates that address vulnerabilities in Microsoft PowerPoint.

tags | advisory, vulnerability
SHA-256 | ddbbbb4322a8aa4e21d5e568808b1ec8619cbac1da27e82a41784bfeb0acd724
CastRipper 2.50.70 .PLS Universal Stack Overflow
Posted May 13, 2009
Authored by zAx

CastRipper version 2.50.70 universal stack overflow that creates a malicious .pls file.

tags | exploit, overflow
SHA-256 | 620b841b356a6e799144cba2248ee52c5be7feabebcb3e063c0a26b02303e987
CastRipper 2.50.70 .M3U Universal Stack Overflow
Posted May 13, 2009
Authored by Super Cristal | Site snakespc.com

CastRipper version 2.50.70 universal stack overflow that creates a malicious .m3u file. Written in Python.

tags | exploit, overflow, python
SHA-256 | a6062b7daa63ebf3f9dd0e93df4145081a26e4fb6f49acc177840bf88b24edcf
Page 1 of 3
Back123Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close