the original cloud security
Showing 1 - 25 of 872 RSS Feed

Files Date: 2009-11-01 to 2009-11-30

Ubuntu Security Notice 862-1
Posted Nov 27, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 862-1 - Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. It was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. Bogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service.

tags | advisory, remote, denial of service, php
systems | linux, osx, ubuntu
advisories | CVE-2008-7068, CVE-2009-3291, CVE-2009-3292, CVE-2009-3557, CVE-2009-3558, CVE-2009-4017, CVE-2009-4018
MD5 | 43d50612434fbd4b8c923a8b6beac063
Serenity Audio Player Buffer Overflow
Posted Nov 27, 2009
Authored by mr_me

Serenity Audio Player playlist buffer overflow exploit that creates a malicious .m3u file. Versions 3.2.3 and below are affected.

tags | exploit, overflow
MD5 | 0d5ccd038d4d630629baef93f693c5e1
phpBazar 2.1.1fix SQL Injection
Posted Nov 27, 2009
Authored by MizoZ

phpBazar versions 2.1.1fix and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 489762af1f6fadc7f5eada367701202b
Joomla Lyftenbloggie SQL Injection
Posted Nov 27, 2009
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cb9da27b63591515c16b9f892ee1dd0a
Mandriva Linux Security Advisory 2009-304
Posted Nov 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-304 - Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO. Additionally BIND has been upgraded to the latest point release or closest supported version by ISC.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2009-4022
MD5 | c8fbf818bbf185917fccf79da8519a38
Gentoo Linux Security Advisory 200911-6
Posted Nov 27, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200911-6 - An input sanitation error in PEAR Net_Traceroute might allow remote attackers to execute arbitrary commands. Pasquale Imperato reported that the $host parameter to the traceroute() function in Traceroute.php is not properly sanitized before being passed to exec(). Versions less than 0.21.2 are affected.

tags | advisory, remote, arbitrary, php
systems | linux, gentoo
advisories | CVE-2009-4025
MD5 | 55f456c6df96434e2cdfce9599d58ccd
Cacti 0.8.7e Cross Site Scripting
Posted Nov 27, 2009
Authored by Moritz Naumann

Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2009-4032
MD5 | c9b52762868a585b0277459094ec071e
Debian Linux Security Advisory 1940-1
Posted Nov 27, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292
MD5 | b2fb41b3070c564c6d204476172d0ad2
BolinTech Dream FTP Server 1.02 Format String
Posted Nov 27, 2009
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits a format string overflow in the BolinTech Dream FTP Server version 1.02. Based on the exploit by SkyLined.

tags | exploit, overflow
advisories | CVE-2004-2074
MD5 | 55e93a8c4908c4d63480497ce0fc8a2a
Secunia Security Advisory 37497
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for PEAR-Net_Traceroute. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | 141a53809bd87d66954ed25399db738d
Secunia Security Advisory 37478
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in RADIO istek scripti, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | e8937e686b7317a02444366b31d66ae3
Secunia Security Advisory 37476
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the GCalendar component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 836039b4b8890ac1898d83d9d54f4061
Secunia Security Advisory 37498
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for php5. This fixes multiple vulnerabilities, some of which have unknown impact and others that can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | ee44a9d6aaa2b47c6cfaafbe96f94cb5
Secunia Security Advisory 37499
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - kaMtiEz has discovered a vulnerability in the LyftenBloggie component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 58122dba9470a1b1ffaf288857a01d42
Secunia Security Advisory 37480
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability and a weakness have been reported in DotNetNuke, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, xss
MD5 | 4a40d018bf71aa1bf11d1587c112ea0f
Secunia Security Advisory 37473
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - leinakesi has reported a vulnerability in XM Easy Personal FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | e1d1858e0569853d9cd04027d15b2a93
Secunia Security Advisory 37452
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - The Wee Free Men have discovered a vulnerability in Robo-FTP, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | e1d71c493fb0c0b5f9f3cb3b95418929
Secunia Security Advisory 37409
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
MD5 | 3f827bb76718776767dbe5609fc20698
Secunia Security Advisory 37502
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for php-pear-Net-Ping. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, php
systems | linux, fedora
MD5 | 4403405c6048c27e8b896032e200e4ab
Secunia Security Advisory 37445
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Dstat, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 57f0838769358e02aac2e3b97787bece
Secunia Security Advisory 37454
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in IBM DB2, which can potentially be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
MD5 | f37011f422bffecb9030a831114ba2a4
Secunia Security Advisory 37457
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for dstat. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
MD5 | 7f2470be61c4e8597a73fbf8caa7caad
Secunia Security Advisory 37506
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | solaris
MD5 | a82c58cb3699b6b547076e97aaaabf8a
Secunia Security Advisory 37501
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for OpenSSL in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | hpux
MD5 | 1bec7e9d647b3fd272c507b5259ca28b
Secunia Security Advisory 37491
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | solaris
MD5 | d382c2e2c110e7b89c583a8c12235852
Page 1 of 35
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close