what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2009-09-07

GNU Privacy Guard 2.0.13
Posted Sep 7, 2009
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: 2048-bit RSA keys are now generated by default. The default hash algorithm preferences have changed to prefer SHA-256 over SHA-1. Writing of keys to v2 OpenPGP cards was enhanced. Several environment variables are now passed to the Pinentry to make SCIM work. A --batch mode was added to the GPGSM command --gen-key command. Several other enhancements and minor bugs were fixed.
tags | encryption
SHA-256 | d9b3d71f8f2930483d7b7b56276ebe954175b72b34128c6669d0fc00d289aa2e
Linux sock_sendpage() NULL Pointer Dereference
Posted Sep 7, 2009
Authored by Ramon de C Valle | Site risesecurity.org

Linux 2.4 and 2.6 kernel sock_sendpage() NULL pointer dereference exploit. This newer version of the exploit also works with Linux kernel versions that implement COW credentials (e.g. Fedora 11). For SELinux enforced systems, it automatically searches in the SELinux policy rules for types with mmap_zero permission it can transition, and tries to exploit the system with that types.

tags | exploit, kernel
systems | linux, fedora
SHA-256 | e7a0caddf89d8627bd0b835e2b2cdebadbbcb4d666e016dac2a4f3f13979e955
Debian Linux Security Advisory 1881-1
Posted Sep 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1881-1 - It was discovered that the SIEVE component of cyrus-imapd, a highly scalable enterprise mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. Due to incorrect use of the sizeof() operator an attacker is able to pass a negative length to snprintf() calls resulting in large positive values due to integer conversion. This causes a buffer overflow which can be used to elevate privileges to the cyrus system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system.

tags | advisory, overflow, arbitrary
systems | linux, debian
SHA-256 | 4dbb891cf168c0f7a2bc7cccc3d456dab123abd15c3057dad702ee6c76058555
VMWare VMnc Codec Mismatched Dimensions Buffer Overflow
Posted Sep 7, 2009
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in various VMWare products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the VMnc codec (vmnc.dll) and can be exploited to cause a heap-based buffer overflow via a specially crafted video file with mismatched dimensions. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-0199
SHA-256 | 98e5779cd33d22ed50f6e62e505b39329741b8a8e9298122fffb91d95633ff4e
Gentoo Linux Security Advisory 200909-2
Posted Sep 7, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-02 - A processing error in libvorbis might result in the execution of arbitrary code or a Denial of Service. Lucas Adamski reported that libvorbis does not correctly process file headers, related to static mode headers and encoding books. Versions less than 1.2.3 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2009-2663
SHA-256 | 3db46e8f6b021b9aa675c9ea1c2d0d31850c43c186f9bcd7061f1cd61c7f6fb4
Gentoo Linux Security Advisory 200909-1
Posted Sep 7, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-01 - An error in the handling of user names of Linux-PAM might allow remote attackers to cause a Denial of Service or escalate privileges. Marcus Granado reported that Linux-PAM does not properly handle user names that contain Unicode characters. This is related to integer signedness errors in the pam_StrTok() function in libpam/pam_misc.c. Versions less than 1.0.4 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2009-0887
SHA-256 | f689910344730f64cedc83a43ba7c375638246dfee7417bdcbf897b81cd39b26
Pidgin IRC TOPIC Message Denial Of Service
Posted Sep 7, 2009
Authored by Cristofaro Mune | Site icysilence.org

Pidgin version 2.6.1 suffers from a remote denial of service vulnerability when receiving a malformed IRC TOPIC message from a malicious IRC server.

tags | advisory, remote, denial of service
advisories | CVE-2009-2703
SHA-256 | 7ab8b43ac2c2acb3ad6eba05eb13a7a79ce2e4e84598528d24915d411c6ce887
VMware Security Advisory 2009-0012
Posted Sep 7, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - Several security issues are resolved with the latest VMnc codec. Affected are VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE.

tags | advisory
advisories | CVE-2009-0199, CVE-2009-2628
SHA-256 | dd5696c1d34d1408df31d1ca016b4f3885fb1dbc2e002879fa1d594acc1f3087
The Rat CMS Shell Upload
Posted Sep 7, 2009
Authored by Securitylab Security Research | Site securitylab.ir

The Rat CMS suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | 8cf5a008e05a86e15c72267929685f573318bfa4d3fbe7a2815f5fbb046742ac
Trafscrambler Anti-Sniffer For OS X
Posted Sep 7, 2009
Authored by Maxim Bourmistrov | Site en.roolz.org

Trafscrambler is an anti-sniffer/IDS NKE (Network Kernel Extension) for Mac OS X. Author tested this on x86 OS X versions 10.5.6 and 10.5.7. It should work on PPC and older releases as well.

Changes: This is a bug fixing release. Plugged mbuf leak, corrected data injection.
tags | tool, x86, kernel, intrusion detection, ppc
systems | unix, apple, osx
SHA-256 | 63f1a54386d4a4b92cc91435a781879d181cdc1b453243be6c98c029cb8cdb2e
yTNEF/Evolution Directory Traversal / Buffer Overflow
Posted Sep 7, 2009
Authored by Yorick Koster | Site akitasecurity.nl

The yTNEF and the Evolution TNEF attachment decoders suffer from directory traversal and buffer overflow vulnerabilities. Evolution version 2.62.2 and yTNEF version 2.6 are both affected.

tags | exploit, overflow, vulnerability, file inclusion
SHA-256 | fc72295298826820b54f15f505292a1f357eed26bb395249ffb5557757b9e927
Kolibri+ Webserver 2 Denial Of Service / Traversal
Posted Sep 7, 2009
Authored by Usman Saeed | Site xc0re.net

Kolibri+ Webserver 2 suffers from directory traversal and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, file inclusion
SHA-256 | 5fa8857290b16df1c4bd5fb00427d8f8d6f2303771a526a8843db0527a272d20
King CMS 0.6.0 Remote File Inclusion
Posted Sep 7, 2009
Authored by Securitylab Security Research | Site securitylab.ir

King CMS version 0.6.0 suffers from a remote file inclusion vulnerability in menu.php.

tags | exploit, remote, php, code execution, file inclusion
SHA-256 | 8b4fc58aea5227750a9fc6711b6cb0c9a7d44f9e866630d837e358e45b614734
Debian Linux Security Advisory 1880-1
Posted Sep 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory DSA 1880-1 - Several vulnerabilities have been discovered in the OpenOffice.org office suite.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139
SHA-256 | 29d09b914cb9584b866faa18a74e4edaa0df13b895e27f21ce6be1454b4c8f67
Secunia Security Advisory 36564
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mapserver. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
systems | linux, fedora
SHA-256 | 88a5ec4d02f30d5bf8fc0d472fc1c6f393496737b481c9d77620d77c32b8bcc9
Secunia Security Advisory 36518
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Adobe Flash Player for Solaris, which can be exploited by malicious people to bypass security features, gain knowledge of sensitive information, or compromise a user's system.

tags | advisory, vulnerability
systems | solaris
SHA-256 | 9e30fe0cfa5cd3a2fb796d34c2c64a3f472c16290d99a88ab7ddc134055c27f1
Secunia Security Advisory 36515
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mysql-dfsg-5.0. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 8371d96e3abc72abcbfa46a872e471c825a1953747cbcad234dd1187343eb9f5
Secunia Security Advisory 36575
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MySQL, which can be exploited to compromise a vulnerable system.

tags | advisory
SHA-256 | 695c6c2f5d014cc9a2aad1f9081def0d02167bc2afd76c180711214803fd09c6
Secunia Security Advisory 36519
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MyBuxScript PTC, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | b71b3d5eb1e57f8164fd68ce6137c98a9bf4c01b602416d5fdc8159f81459bd5
Secunia Security Advisory 36568
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - v3n0m has reported a vulnerability in PHP Live!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, php, sql injection
SHA-256 | d689bc854c5d7a531a825908a5abae9f85225ff01dd84ebd281237a61d62d1f1
Secunia Security Advisory 36468
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KDE, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | c99a54abec09a6b6791d55ad55724d1b664fd52a3b7efa5967163a66907b2463
Secunia Security Advisory 36557
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in DotNetNuke, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss
SHA-256 | 6e2649a7b34fb918591c02b3452c6b056de83536a37c705694ca7e1cc0045be6
Secunia Security Advisory 36454
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in D-Link DIR-400 wireless router, which can be exploited to compromise a vulnerable device.

tags | advisory
SHA-256 | cb081debaaa7c550dabde53e733ed2ca797550d2af11d0a20ec90db8bab508cd
Secunia Security Advisory 36588
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in TVersity, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 7d8662f70aa1d72be6e81b368110711d9e44f5520581c00ea0ac34337d8af0fc
Secunia Security Advisory 36439
Posted Sep 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ASUS WL-500W wireless router. One vulnerability has an unknown impact while the other can be exploited to compromise a vulnerable device.

tags | advisory, vulnerability
SHA-256 | ad2911a61594f4d5737ceb289dffa2913396a2f91f03ae4f43baa6dc4025026d
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close