what you don't know can hurt you
Showing 1 - 25 of 37 RSS Feed

Files Date: 2010-05-05

Secunia Security Advisory 39709
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Photoshop CS3, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 1e2b397e86d62d26bb2890b64e48c5e3
Secunia Security Advisory 39667
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in KV AntiVirus 2010, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
MD5 | 18b8fcb88e708825556df3351f94b5b6
Secunia Security Advisory 39703
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Ziepod, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 6078c0eb4a3e93337403feb08d673428
Secunia Security Advisory 39690
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in Knowledgeroot Knowledgebase, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 416c3e1041000c0067795fa34ac6e0d8
Secunia Security Advisory 39634
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in 360 Safe, which can be exploited by malicious, local users to perform certain actions with escalated privileges, cause a DoS (Denial of Service), or potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
MD5 | 96ed2935c789e8a9249fd6f30603ad6d
Secunia Security Advisory 39668
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 360 Anti-Virus and 360 Security Guard, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, virus
MD5 | 9e2365b10c27dd7ac43d9e4f339d0e72
Secunia Security Advisory 39610
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 360 Anti-Virus and 360 Security Guard, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, virus
MD5 | 06f7d002e9e842d81bd9872ccf6b507c
Secunia Security Advisory 39676
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for httpd and httpd22 for JBoss Enterprise Web Server. This fixes two vulnerabilities, which can be exploited by malicious people to gain access to potentially sensitive information or cause a DoS (Denial of Service).

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
MD5 | 4f38a4c7fad4cd15eaa922f101fce1a4
Secunia Security Advisory 39697
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose potentially sensitive information, and cause a DoS (Denial of Service), and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | be27bab20e7b7c7c6794ef7b057affc8
Samhain File Integrity Checker 2.7.0
Posted May 5, 2010
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: The login monitoring module has been enhanced to check for anomalies. The kernel integrity check now supports Linux/x86_64, as well as Linux kernels that have /dev/kmem disabled.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 862c1956de8489a14f02c6ccbcece5ba
eliteCMS 1.01 Cross Site Request Forgery
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eliteCMS version 1.01 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7bb1a38b82fc6594ae35a5d8d15be426
Zikula Application Framework 1.2.2 Cross Site Request Forgery
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Zikula Application Framework version 1.2.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | fd52d28f3cdbb626a9c5afdc5ee9875c
Core Security Technologies Advisory 2010.0427
Posted May 5, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Prior to MS10-024 the Windows SMTP Service generated DNS queries with trivially guessable values in the transaction ID field. The issue was addressed in MS10-024 by adding a call to the 'CAsyncDns::GenerateRandWord' method when building the DNS query. Prior to MS10-024 the Windows SMTP Service did not check that the value of the ID field of a DNS response received from the network actually matched the value of the ID field of a corresponding DNS query packet previously sent. The issue was addressed in MS10-024 by adding validation logic to the 'CAsyncDns::ProcessReadIO' method.

tags | advisory
systems | windows
advisories | CVE-2010-1689, CVE-2010-1690
MD5 | 880567661ec46f1b868bdc82eb8e77c7
Mandriva Linux Security Advisory 2010-091
Posted May 5, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-091 - This update provides a new OpenOffice.org version 3.1.1. An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing. A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file. Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file. OpenOffice's xmlsec uses a bundled Libtool which might load.la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.

tags | advisory, remote, overflow, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139, CVE-2009-2140, CVE-2009-3736
MD5 | bfbffa42ccc8de8ca867526115f1eca4
REC0N 2010 Call For Papers Reminder
Posted May 5, 2010
Authored by Recon | Site recon.cx

REC0N 2010 Call For Papers Reminder - REC0N is a security conference taking place in downtown Montreal from July 9th through the 11th.

tags | paper, conference
MD5 | 0fd998341b9eb58f7c5b230efc276aee
thEngine 0.1 Local File Inclusion
Posted May 5, 2010
Authored by TEAMELITE

thEngine version 0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 28417b9348f51dee9ad034dc192026b1
Linux/x86 execve("/bin/bash","-p",NULL) Shellcode
Posted May 5, 2010
Authored by Jonathan Salwan

33 bytes small Linux/x86 execve("/bin/bash","-p",NULL) shellcode.

tags | x86, shellcode, bash
systems | linux
MD5 | 2ec1a8b84611e7d048b9084a13fc6d5b
Wing FTP Server 3.4.3 Directory Traversal
Posted May 5, 2010
Authored by chr1x

Wing FTP Server version 3.4.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 99358932e8dd40a1785871446b318bae
Mandriva Linux Security Advisory 2010-090
Posted May 5, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-0547, CVE-2010-0747
MD5 | ae59bdffeb535a58c6d96aa617891171
SQL Injection - Working With MySQL
Posted May 5, 2010
Authored by fred777

Whitepaper called SQL Injection - Working With MySQL. Written in German.

tags | paper, sql injection
MD5 | a22694a079e2fc08b732c29521256a9f
Acuity CMS 2.6.2 Cross Site Scripting
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Acuity CMS version 2.6.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 74ddc38c0f4f9b2420acd3adddb3ac2e
Technique Of Quick Exploitation Of Double Blind SQL Injection
Posted May 5, 2010
Authored by Dmitriy Evteev

Whitepaper called Technique Of Quick Exploitation Of Double Blind SQL Injection.

tags | paper, sql injection
MD5 | b87ca31d9ef9618f55bc4f419b4a0a2e
Knowledge Root 0.9.9.5 Shell Upload
Posted May 5, 2010
Authored by eidelweiss

Knowledge Root version 0.9.9.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, root
MD5 | 8383fbd1e5682632a00b99d746af02cc
eliteCMS Cross Site Scripting
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eliteCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6885cf0fb909dfb832b4236f6b3fc249
ecoCMS Cross Site Scripting
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

ecoCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 60129edf404e7ba0241cd580319bf629
Page 1 of 2
Back12Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close