what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2010-10-08

Mandriva Linux Security Advisory 2010-198
Posted Oct 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-198 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include memory disclosure, denial of service, NULL pointer dereference and privilege escalation issues.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1088, CVE-2009-3228, CVE-2010-0415, CVE-2009-3620, CVE-2010-0622, CVE-2009-2287, CVE-2009-3722, CVE-2009-4308, CVE-2009-2846, CVE-2010-2521, CVE-2008-7256, CVE-2010-1162, CVE-2010-1643, CVE-2010-1173, CVE-2010-1187, CVE-2010-1173, CVE-2010-2248, CVE-2010-2492
SHA-256 | 9b5198e025901d7e83cb9d7ed6a8a856074baa405387532a1558ef7da79896f5
Ubuntu Security Notice 1002-2
Posted Oct 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1002-2 - USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-3433
SHA-256 | 085a6581138140094c3a3e7e5218e13c206bda65a3d3ed3d068b202fda63e0ba
Ubuntu Security Notice 1003-1
Posted Oct 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1003-1 - It was discovered that OpenSSL incorrectly handled return codes from the bn_wexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. It was discovered that OpenSSL incorrectly handled certain private keys with an invalid prime. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-3245, CVE-2010-2939
SHA-256 | b2e715ef6350c014f2ef81d22da60aa3be6b6ec9f0721564b45fce3833ccb3a8
Ubuntu Security Notice 1002-1
Posted Oct 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1002-1 - It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.

tags | advisory, remote, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2010-3433
SHA-256 | d38447e625136f99a89cecd34849184cf00b07d42061e2c9072142a231c9438c
Visual Synapse Directory Traversal
Posted Oct 8, 2010
Authored by Felipe Daragon | Site syhunt.com

Visual Synapse HTTP server suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
advisories | CVE-2010-3743
SHA-256 | 038f38bdf4e7117803ec5bc6d22f030c1807fe0e79f28bb04eb182d7d342adfb
Mandos Encrypted File System Unattended Reboot Utility 1.2.2
Posted Oct 8, 2010
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: This is a minor release to fix compilation of the client with non-Linux kernels.
tags | remote, root
systems | linux
SHA-256 | f3245eea6c63f8271309ec0e19713906d8cbec8278a5dd9bc25b21e63493ae10
Multiple Vendors libc/glob(3) Resource Exhaustion
Posted Oct 8, 2010
Authored by Maksymilian Arciemowicz

libc/glob(3) suffers from a resource exhaustion vulnerability. Proof of concept code included. Affected includes OpenBSD 4.7, NetBSD 5.0.2, FreeBSD 7.3/8.1, Oracle Sun Solaris 10 and GNU Libc (glibc).

tags | exploit, proof of concept
systems | netbsd, solaris, freebsd, openbsd
advisories | CVE-2010-2632
SHA-256 | 0fe71b6c891ef4cf59d9008f85704335ab1de299aa1ecc8f4f06ae19461af5cd
xWeblog 2.2 SQL Injection
Posted Oct 8, 2010
Authored by KnocKout

xWeblog version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8643efd51e38d75481766b28531e836163d65c18f2c844aa1ee8213d43c8c046
Adobe Reader 9.3.4 Multiple Memory Corruption Issues
Posted Oct 8, 2010
Authored by Brett Gervasoni | Site senseofsecurity.com.au

Adobe Reader version 9.3.4 is vulnerable to multiple memory corruption vulnerabilities. By sending specially crafted PDF files it is possible to cause memory corruption in the 3difr and AcroRd32.dll modules. Both issues trigger a null pointer condition which results in an access violation. The issue in AcroRd32.dll is triggered when Adobe Reader is closed.

tags | advisory, vulnerability
advisories | CVE-2010-3630
SHA-256 | 8cc088f240fc45c266a250afb545cea36a5bbe247a4e721a59aa2a79ae7d9a37
MD5 Online Site Cracker
Posted Oct 8, 2010
Authored by FuRt3X

This shell script takes in a md5 sum and uses various online cracking resources to try and figure out what was hashed.

tags | shell, cracker
SHA-256 | b4bde0e95d3672d6aed81e49a5aa2f7653d49d7b9b0fce5ca6c48c4dddb8ae3b
Joomla Lurm Remote File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla Lurm component suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c798d1cbdb22f152a28b8bd6c936a82b28aa77f627e846a09f05d0e5a0f4b403
Joomla Picasa2 Local File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla Picasa2 component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d9a82f924418130b64f5ae0233801712dad5665af836941b8425d3eccc74a4f5
Joomla Jeformcr Local File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla Jeformcr component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 85a8a5289f334c23cc2fa7f75e1dc8527dfd8d072f937043429b999db34b25c6
Joomla JCS Remote File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla JCS component suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | dda225cbfdfcdcc3cd7386333663c1d8f093c903de62c95cd1954507ab155ffd
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close