
Files Date: 2009-05-21

Mandriva Linux Security Advisory 2009-121
Posted May 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-121 - Multiple security vulnerabilities have been identified and fixed in Little CMS. A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file. Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow. Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel. A flaw in the transformations of monochrome profiles allows remote attackers to cause a denial of service triggered by a NULL pointer dereference via a crafted image file. This update provides fixes for these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability, memory leak
systems | linux, mandriva
advisories | CVE-2009-0581, CVE-2009-0723, CVE-2009-0733, CVE-2009-0793
MD5 | 9aaa6e5338f13acaf3205e37a5a22ca6
Mandriva Linux Security Advisory 2009-120
Posted May 21, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-120 - Multiple security vulnerabilities have been identified and fixed in OpenSSL. The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. The updated packages have been patched to prevent this.

tags | advisory, remote, denial of service, vulnerability, memory leak
systems | linux, mandriva
advisories | CVE-2009-1377, CVE-2009-1378
MD5 | 40411a2c25d7fd9f6200712d9f70d18c
Article Directory SQL Injection
Posted May 21, 2009
Authored by Hakxer

Article Directory suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | c12c1f4808e1303485e28367920a5e8b
Job Script 2.0 Shell Upload
Posted May 21, 2009
Authored by Hakxer

Job Script version 2.0 suffers from an arbitrary shell upload vulnerability.

tags | exploit, arbitrary, shell, file upload
MD5 | 5245a601d40ab4035909b482f64b600e
Bypassing Authentication With Reverse Engineering
Posted May 21, 2009
Authored by Jonathan Salwan | Site shell-storm.org

Whitepaper called Bypassing Authentication with Reverse Engineering in Linux x86. Written in French.

tags | paper, x86
systems | linux
MD5 | 19c50bb676b1d10a4180966e99a16b50
ASP Inline Corporate Calendar XSS / SQL Injection
Posted May 21, 2009
Authored by Bl@ckbe@rd

ASP Inline Corporate Calendar suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, asp
MD5 | d4427407dd890bd7747e1e11f99a2229
Vicidial Call Center SQL Injection
Posted May 21, 2009
Authored by Striker7

Vicidial Call Center Suite suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 6f9d072d28046233760d43790aa5835c
Digital Defense VRT Advisory 2009.25
Posted May 21, 2009
Authored by Digital Defense, r@b13$, David Marshall | Site digitaldefense.net

The web interface on tcp port 8090 of IPsession suffers from a SQL injection vulnerability.

tags | advisory, web, tcp, sql injection
MD5 | a9e4c0a0fb5a55991acaf2f0e3c218fe
ChinaGames Code Execution
Posted May 21, 2009
Authored by etirah

ChinaGames Active-X related remote code execution exploit.

tags | exploit, remote, code execution, activex
MD5 | b4e4a1135cd48de152edfc62d0d34df2
BaoFeng Code Execution
Posted May 21, 2009
Authored by etirah

BaoFeng Active-X related remote code execution exploit.

tags | exploit, remote, code execution, activex
MD5 | 747e205acea99eae101b09eac2147010
Microsoft IIS 6.0 WebDAV Bypass
Posted May 21, 2009
Authored by Andrew Orr, Ron Bowes | Site skullsecurity.org

Remote authentication bypass exploit for the WebDAV vulnerability in Microsoft IIS 6.0.

tags | exploit, remote, bypass
MD5 | 88f5c6917ad436df1a16908de6c90d8f
Secunia Security Advisory 35118
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Mac OS X, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | apple, osx
MD5 | a77ad1ce5141b21edefe2d6313d97f1e
Secunia Security Advisory 35153
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ipsec-tools. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | 69a06e27186c2b82307189ef05e292e1
Secunia Security Advisory 35119
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | 9050efc0f60c369897e60d26563b160e
Secunia Security Advisory 35152
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for acroread. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 241e55ebfd19c2586e9f14383b74eba5
Secunia Security Advisory 35183
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for nsd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, debian
MD5 | 600d89f2bc8e11019b6fced0ec77d7a4
Secunia Security Advisory 35179
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Cisco products, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.

tags | advisory
systems | cisco
MD5 | 545f5ad5fd10cc170b510f72b6134471
Secunia Security Advisory 35185
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information and by malicious people to potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
MD5 | e74d6121b2a331e4acc315f9af1aaee8
Secunia Security Advisory 32474
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Communications Express, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, java, vulnerability, xss
MD5 | a48c02534dc727c7de938f10a0847c4c
Secunia Security Advisory 35170
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ThE g0bL!N has discovered some vulnerabilities in NC GBook, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | b377eca933fae0f3410d1f31f76b98fd
Secunia Security Advisory 35172
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ByALBAYX has reported a vulnerability in exJune Office Message System, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 903e3dc93747aa8aa1bff507ce360646
Secunia Security Advisory 35139
Posted May 21, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Snakespc has reported a vulnerability in bSpeak, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 2aa5b2b4a63bc96ebedc028b40f8a8b7
iDEFENSE Security Advisory 2009-05-19.1
Posted May 21, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 05.19.09 - Local exploitation of a file overwrite vulnerability in IBM Corp.'s Advanced Interactive eXecutive (AIX) could allow an attacker to overwrite arbitrary files and execute arbitrary code. The AIX libc implementation of malloc includes a debugging mechanism that is initiated by setting the MALLOCTYPE and MALLOCDEBUG environment variables. This debugging feature writes to a user-specified log file under certain conditions. There is a gap in time between the checks to see if the file is a symbolic link and the process of opening the file. If an attacker can change the file to be a symbolic link to another file within this time frame, it is possible to cause a set-uid binary to write to files owned by privileged users. iDefense confirmed the existence of this vulnerability in IBM Corp.'s AIX version 5.3. Other versions may also be affected.

tags | advisory, arbitrary, local
systems | aix
MD5 | f5df636d3549f48d5c7b51f6d5d3826e
Core Security Technologies Advisory 2009.0109
Posted May 21, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Several cross site scripting vulnerabilities were found in the following files/urls of the Sun Java System Communications Express system.

tags | exploit, java, vulnerability, xss
advisories | CVE-2009-1729
MD5 | 66cba81d15ed53317ac0960af46eaf8b
Cisco Security Advisory 20090520-cw
Posted May 21, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - CiscoWorks Common Services contains a vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files.

tags | advisory, remote
systems | cisco
advisories | CVE-2009-1161
MD5 | 36b09d3bf0be6807065752275ed88f69