what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 65 RSS Feed

Files Date: 2010-12-08

QuickTime Track Dimensions Buffer Overflow
Posted Dec 8, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when copying track content based on the track's dimensions and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-1508
SHA-256 | 911bd4b055ba39de0bc64e6b9b69f88e96dd93acfe80f04f10e0363185f748a4
HP System Management Homepage Cross Site Scripting
Posted Dec 8, 2010
Authored by ProCheckUp | Site procheckup.com

The HP System Management Homepage suffers from multiple cross site scripting vulnerabilities. Versions 3.0.0.68, 3.0.2.77 and 6.1.0.103 have all been found affected.

tags | exploit, vulnerability, xss
SHA-256 | 53a9041c70d9e51c0569b7768b8ae8e00a154b6d73b60ce6004bc7053e66c59d
Windows XP SP3 EN Calc Shellcode
Posted Dec 8, 2010
Authored by AutoSec Tools

16 bytes small Windows XP SP3 EN calc.exe shellcode.

tags | shellcode
systems | windows
SHA-256 | aefb2d72b9392d340e4821d4b2923da53aef0f272a4b51ff933a304a08c88333
Wonderware InBatch 9.0sp1 Buffer Overflow
Posted Dec 8, 2010
Authored by Luigi Auriemma | Site aluigi.org

Wonderware InBatch versions 9.0sp1 and below suffer from a buffer overflow vulnerability. Use the related file to exploit it.

tags | advisory, overflow
SHA-256 | 2b75b40f8b5d10b1aad656254bc228553139874595ce2d6695d6663ecfb75d50
RomPager 4.07 Denial Of Service
Posted Dec 8, 2010
Authored by Ricky-Lee Birtles

Rompager version 4.07 can have a reboot triggered when a specially crafted HTTP request is sent, leading to a denial of service condition.

tags | exploit, web, denial of service
SHA-256 | 7594f2f7f7806fd97a0a21bf001a9c3d88ffab017e8560d769771dd06d977d7f
Ubuntu Security Notice USN-1029-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1029-1 - It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. It was discovered that an old bug workaround in the SSL/TLS server code allowed allowed an attacker to modify the stored session cache ciphersuite. An attacker could possibly take advantage of this to force the use of a disabled cipher. This vulnerability only affects the versions of OpenSSL in Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-7270, CVE-2010-4180
SHA-256 | 9b2fbabcd1055b8d1ed15df519d9bfa669f526b20580aef58d06e29402c6362a
HP Security Bulletin HPSBUX02611 SSRT090201
Posted Dec 8, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02611 SSRT090201 - A potential security vulnerability has been identified with HP-UX running threaded processes. The vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2010-4108
SHA-256 | 922de3806abca904164728339dbb93c14f664ece0f8b2ef497d0516b4d01ce76
Linux Kernel 2.6.37 Local Privilege Escalation
Posted Dec 8, 2010
Authored by Dan Rosenberg

Linux kernel local privilege escalation exploit for versions 2.6.37 and below. It leverages three separate vulnerabilities to achieve root including a NULL pointer dereference, being able to assign arbitrary Econet addresses to arbitrary interfaces, and the ability to write a NULL word to an arbitrary kernel address.

tags | exploit, arbitrary, kernel, local, root, vulnerability
systems | linux
advisories | CVE-2010-4258, CVE-2010-3849, CVE-2010-3850
SHA-256 | 90c6bf981c13631f20aedf98e74ee2ce76bde194f9c594a64c300a938f3bfa47
Ubuntu Security Notice USN-1028-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1028-1 - It was discovered that ImageMagick would search for configuration files in the current directory. If a user were tricked into opening or processing an image in an arbitrary directory, a local attacker could execute arbitrary code with the user's privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2010-4167
SHA-256 | 47056107d69306034b4114396801a61897bf2714cca55fc93cd8dfe2bfb21dc1
Ubuntu Security Notice USN-1027-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1027-1 - It was discovered that Quagga incorrectly handled certain Outbound Route Filtering (ORF) records. A remote authenticated attacker could use this flaw to cause a denial of service or potentially execute arbitrary code. The default compiler options for Ubuntu 8.04 LTS and later should reduce the vulnerability to a denial of service. It was discovered that Quagga incorrectly parsed certain AS paths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-2948, CVE-2010-2949
SHA-256 | b66d0d97d8d79ee0999d1909b27ea22768f14c676a608e4b2118ecb22443582e
Ubuntu Security Notice USN-1026-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1026-1 - It was discovered that Python Paste did not properly sanitize certain strings, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss, python
systems | linux, ubuntu
advisories | CVE-2010-2477
SHA-256 | 31267294aa4741768e640b48e59f9c9c592675a288b7328f05e47d2b1f19d61e
HP Security Bulletin HPSBMI02614 SSRT100344
Posted Dec 8, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBMI02614 SSRT100344 - A potential security vulnerability has been identified with HP webOS Contacts Application. This vulnerability could be exploited to execute arbitrary HTML or JavaScript. Revision 1 of this advisory.

tags | advisory, arbitrary, javascript
advisories | CVE-2010-4109
SHA-256 | 300346358b7d27840de4d276300a90f4c5bf2302d3f2c5471046194f39f48781
Zero Day Initiative Advisory 10-262
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-262 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses directBitsRect records within a .pict file. When decompressing data within this structure, the application will allocate space for the target buffer using fields described within the file and then use a different length to decompress the total data from the file. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3800
SHA-256 | 0a777530341cc27ba50176bb4cbc81069d27fe8de07089d1c1b626878018cd9e
Zero Day Initiative Advisory 10-261
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-261 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's implementation of a custom compression algorithm. The application will trust a field within a DirectBitsRect structure which is used for an allocation, and later attempt to decompress data into this buffer. Due to the value for the allocation being different from the length of the data being decompressed a buffer overflow will occur which can lead to code execution with the privileges of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-3800
SHA-256 | fe27a415bf1129d2cdcf8daf7da5a7cdc96fae5c4762eaf27cb687d10e897da4
Zero Day Initiative Advisory 10-260
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-260 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that a user must be coerced into visiting a malicious page or opening a malicious file. The specific flaw exists within Apple's support for Panoramic Images and occurs due to the application trusting a particular field for calculation of an offset. Due to the field being treated as a signed integer, the calculated offset can result in a pointer outside the bounds of the expected buffer. Upon usage of this out-of-bounds pointer, the application will write proceed to write image data to the invalid location. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3802
SHA-256 | 57ecc56fde1ce42840f9e9d4ee18fb65ce0268b41c0e2ba56800178d5c6b7d34
Zero Day Initiative Advisory 10-259
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-259 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required in that a user must be coerced into opening up a malicious document or visiting a malicious website. The specific flaw exists within the way the application parses a particular property out of a flashpix file. The application will explicitly trust a field in the property as a length for a loop over an array of data structures. If this field's value is larger than the number of objects, the application will utilize objects outside of this array. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3801
SHA-256 | 1d97f6cd8f2ac987771196e4d23b1daf775c3871a23580f7cc21416d488ac61e
Zero Day Initiative Advisory 10-258
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-258 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Quicktime.qts module responsible for parsing media files. While handling 3GP streams a function within this module a loop trusts a value directly from the media file and uses it during memory copy operations. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the user accessing the file.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-1508
SHA-256 | d1ec829fd4eaff811e23a4fe840bd69c3a66c18864010616028b8a8902cfa68b
ZRTP Protocol Library 1.5.3
Posted Dec 8, 2010
Site gnutelephony.org

ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.

Changes: Support for building the library using the Android NDK has been added, as well as C wrappers to make it easy to build with pjsip. Fixes for race conditions and better support for multi-stream mode were also added. Updated for the latest inter-operable ZRTP specs. Requires ccrtp 1.7.2 (or later), which fixes an issue with padded SRTP packets.
tags | protocol, library
systems | unix
SHA-256 | a1d0ac304ae09f5ed55684721e11fdfd45b505d65b879aa730803310aa0ad3bb
Cisco Template Manager 0.3.0
Posted Dec 8, 2010
Authored by Pavol Krigler | Site gelogic.net

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.

Changes: The CTM has better support for ACL checking. The CTM now supports the following ACL types: access list, IP access list, IPv6 access list, and MAC access list. The main difference between common section files and ACL files is the way of checking. From CTM version 0.3.0, the template ACL and Cisco ACL are compared with the diff command, which will ensure the right sequence of every ACL line.
systems | cisco, unix
SHA-256 | c0b32a95feefaf6883d8ce6334f8b09ba30e91051337331af771bd0fe446edcb
Mandriva Linux Security Advisory 2010-249
Posted Dec 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-249 - Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-4260, CVE-2010-4261, CVE-2010-4479
SHA-256 | d00420a0965c5f43de48674470f887dcc475ab4ccb679111164c3ca560f27022
Solarwinds Orion NPM 10.1 Cross Site Scripting
Posted Dec 8, 2010
Authored by x0skel

Solarwinds Orion NPM version 10.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 657dc482752d0c77132eaea76eb28dc4bc2621018713acc9d138fd6d6771bb89
Mandriva Linux Security Advisory 2010-248
Posted Dec 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-248 - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2010-4180
SHA-256 | 0fb80493b5de14184b37107e51a4ef79834ed23a3a5deaf0133ebe29ebebf177
VMware Security Advisory 2010-0019
Posted Dec 8, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0019 - ESX 3.x Console OS (COS) updates for samba, bzip2, and openssl packages.

tags | advisory
advisories | CVE-2009-0590, CVE-2009-2409, CVE-2009-3555, CVE-2010-0405, CVE-2010-3069
SHA-256 | 53508d995bd3ee7696e115312bf6f130857171310cf94855d6fe67fca9362f8a
Firewall Builder With GUI 4.1.3
Posted Dec 8, 2010
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This release comes with a number of usability improvements and bugfixes, such as the addition of an Advanced User mode to reduce the number of tooltips for power users, and the addition of a new policy rule checkbox to define whether new rules have logging enabled or disabled by default. Critical bugfixes include improved support for Windows systems that use PuTTY sessions and configuration of IP broadcast addresses on interfaces. Fixes related to cluster configurations include support for import of branching rules when a cluster is created and generating NAT rules that require the iptables REDIRECT target.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
SHA-256 | f8af490bc3a09124eb5ac6ce1157366530cb516cf856a398b6ece819b6e6643e
Secunia Security Advisory 42545
Posted Dec 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Processing Embed plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2fd4d7d574e412f5a18c262cae976b30536c6e2a74d37d2da7794a03af945915
Page 1 of 3
Back123Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close