exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 46 RSS Feed

Files Date: 2009-12-03

OrzHTTPD Format String
Posted Dec 3, 2009
Authored by Patroklos Argyroudis | Site census-labs.com

OrzHTTPD remote format string exploit.

tags | exploit, remote
SHA-256 | 6dba0af58e8c2b36162a84d70b04be390a5cd60b643597c4d644a6872effe278
Core Security Technologies Advisory 2009.0911
Posted Dec 3, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - DAZ Studio is a 3D figure illustration/animation application released by DAZ 3D Inc. DAZ Studio can be accessed via a scripting language which allows for quite a bit of diversity in tool creation. DAZ Studio does not ask for any confirmation from the user prior to executing a scripting file with any of the following extensions: .ds, .dsa, .dse, .dsb. An attacker could abuse the scripting interface by enticing an unsuspecting user to open a malicious scripting file, thus obtaining remote code execution. Proof of concept code included.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2009-4148
SHA-256 | bc2f5464386e3be721cdbc8b583c0470e0611c6c6ed620163db7b5157d15915b
Ubuntu Security Notice 863-1
Posted Dec 3, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 863-1 - It was discovered that QEMU did not properly setup the virtio networking features available to its guests. A remote attacker could exploit this to crash QEMU guests which use virtio networking on Linux kernels earlier than 2.6.26.

tags | advisory, remote, kernel
systems | linux, ubuntu
SHA-256 | d718ab3b40e66576dfc8b22a4d3385387c8f8dcc007a154a5dddd7e6974ca042
FreeBSD Security Advisory - freebsd-update
Posted Dec 3, 2009
Site security.freebsd.org

FreeBSD Security Advisory - A local user can read files which have been updated by freebsd-update(8), even if those files have permissions which would normally not allow users to read them. In particular, on systems which have been upgraded using 'freebsd-update upgrade', local users can read freebsd-update's backed-up copy of the master password file.

tags | advisory, local
systems | freebsd
SHA-256 | ded36262fd7c099273370d8e7b7df7dcd74a6ee0b857538117b791ae99da12b6
FreeBSD Security Advisory - rtld
Posted Dec 3, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The run-time link-editor, rtld, links dynamic executable with their needed libraries at run-time. It also allows users to explicitly load libraries via various LD_ environmental variables.

tags | advisory
systems | freebsd
advisories | CVE-2009-3555
SHA-256 | 43cd0a5c752f6ee28c98c000a73357ee02baaf6cfca10e1ff8d34ae1cd5fecd1
FreeBSD Security Advisory - SSL
Posted Dec 3, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The SSL version 3 and TLS protocols support session renegotiation without cryptographically tying the new session parameters to the old parameters.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2009-3555
SHA-256 | 83f0097f23e71e96656c550bd67180eab9bdaff2b8488afde19399d0ccd4562d
Mandriva Linux Security Advisory 2009-310
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-310 - Multiple security vulnerabilities has been identified and fixed in OpenSSL.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2009-2409
SHA-256 | 0dacbc11230717ec843f94df0a14966959ed125db03db8ada5edb5032c784039
Mandriva Linux Security Advisory 2009-309
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-309 - Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd. Packages for 2008.0 are being provided due to extended support for Corporate products. The updated packages have been patched to prevent this.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | 569d44718c363b879165cccc2876ddae82c144ec8ac5703c54ea660ec473034e
Mandriva Linux Security Advisory 2009-308
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-308 - gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup. A vulnerability have been discovered and corrected in GnuTLS before 2.8.2, which could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. Packages for 2008.0 are being provided due to extended support for Corporate products. This update fixes this vulnerability.

tags | advisory, remote, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-1417, CVE-2009-2730
SHA-256 | bcab65810e1df1bbd34d0446f0107046e9266266308d7551d40416e63d8ef9f3
Mandriva Linux Security Advisory 2009-113
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-113 - Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via strings that are used as input to the sasl_encode64 function in lib/saslutil.c. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-0688
SHA-256 | 21fbbd4a48f81f37d84b4f2776bc6bb2121cf2d05871288600049d4f47db34ab
Mandriva Linux Security Advisory 2009-112
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-112 - racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue. Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-1574
SHA-256 | 69793353b8d7b35aec80d72ee1d6a92d682557bc220b3f9e674385ecead7cf16
Mandriva Linux Security Advisory 2009-108
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-108 - A stack-based buffer overflow was found in the zsh command interpreter. An attacker could use this flaw to cause a denial of service (zsh crash), when providing a specially-crafted string as input to the zsh shell. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, denial of service, overflow, shell
systems | linux, mandriva
SHA-256 | 6cbc76f65146a3b8effc80987d46edcf43bda5f3ea280d051ee04d94629da92a
Mandriva Linux Security Advisory 2009-107
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-107 - The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, remote, denial of service
systems | linux, unix, mandriva
advisories | CVE-2009-0798
SHA-256 | a62d99de81c69b522787773310efe6c650118ee757b7f86bc21089f418655dc8
Mandriva Linux Security Advisory 2009-106
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-106 - Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1364
SHA-256 | 5cb44f12c77908cfbf9ca906f929f9aea4dee9928984eed0e19f2d787203cd4a
Mandriva Linux Security Advisory 2009-103
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-103 - Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, denial of service, overflow, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1185, CVE-2009-1186
SHA-256 | 38de169c54c1efda77134db6247a0bf49fc5eaef401aae8c03d5516972c6e537
Mandriva Linux Security Advisory 2009-197
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-197 - Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws, and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate. This update provides the latest versions of NSS and NSPR libraries which are not vulnerable to those attacks. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, spoof, code execution
systems | linux, mandriva
advisories | CVE-2009-2408, CVE-2009-2409, CVE-2009-2404
SHA-256 | ecd423cda5abf43a8f153f67b66965b14d04a924ca31a32378cc5c2e7e74b029
Mandriva Linux Security Advisory 2009-217
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-217 - A number of security vulnerabilities have been discovered in Mozilla Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate. A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Packages for 2008.0 are being provided due to extended support for Corporate products.

tags | advisory, denial of service, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2408, CVE-2009-3720
SHA-256 | 042df619289149414468593fc222a4e12bebd8929de0148ed365c11a1e535552
DISA SRR Root Compromise
Posted Dec 3, 2009
Authored by Frank Stuart

Running DISA SRR scripts against your server can get you easily rooted. They run arbitrary binaries discovered on the filesystem as root. They apparently need another Security Readiness Review script to first audit their own Security Readiness Review scripts.

tags | exploit, arbitrary, root
SHA-256 | 13c50db414a49c32d5f4758f05426bdffeba0664c8c8b172b8b141a84fe10206
Adobe Illustrator CS4 Buffer Overflow
Posted Dec 3, 2009
Authored by Nine:Situations:Group::pyrokinesis | Site retrogod.altervista.org

Adobe Illustrator CS4 version 14.0.0 encapsulated postscript (.eps) overlong DSC comment buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 2dbc0e700b5a622ea3f8e6e9580fd2b2dab0e7bf9d96f236cb3d6ceaa60cf7a8
Debian Linux Security Advisory 1945-1
Posted Dec 3, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1945-1 - Sylvain Beucler discovered that gforge, a collaborative development tool, is prone to a symlink attack, which allows local users to perform a denial of service attack by overwriting arbitrary files.

tags | advisory, denial of service, arbitrary, local
systems | linux, debian
advisories | CVE-2009-3304
SHA-256 | 1383da289d3e1996965ea6534d01b05ec42891bd1298683faf3e32106bdfce5b
Debian Linux Security Advisory 1944-1
Posted Dec 3, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1944-1 - Mikal Gule discovered that request-tracker, an extensible trouble-ticket tracking system, is prone to an attack, where an attacker with access to the same domain can hijack a user's RT session.

tags | advisory
systems | linux, debian
advisories | CVE-2009-3585
SHA-256 | b8afd96299c13b8d33964b4f08810dbf33d994f708756d1d83ce5007438b0fc6
Debian Linux Security Advisory 1943-1
Posted Dec 3, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1943-1 - It was discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, when OpenSSL is used, does not properly handle a '\\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

tags | advisory, arbitrary, spoof, protocol
systems | linux, debian
advisories | CVE-2009-3767
SHA-256 | 51089e82cdb37535b632168d923a1d7d96c2ea14a23c7475f565b440dedd4510
Secunia Security Advisory 37545
Posted Dec 3, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and some vulnerabilities have been reported in IBM WebSphere Application Server for z/OS, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 2148ba504faf3803721a44b8acf827ea27d99475088809de87bc7836819e2209
Secunia Security Advisory 37574
Posted Dec 3, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Portal Server, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, java, vulnerability, xss
SHA-256 | 02845c05c852bc15454609631c8b5b2a2c800f0f04caeef5deb4d8970d08b99a
Secunia Security Advisory 37566
Posted Dec 3, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris and Sun Java Enterprise System, which can be exploited by malicious people to manipulate certain data.

tags | advisory, java
systems | solaris
SHA-256 | 9eb16fb207fb36596949feadcba4f38a36d92df9590050a9822ee98f8eced587
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close