Files Date: 2011-01-21

Oracle Database Vault Administrator Session ID Disclosure
Posted Jan 21, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Server versions 10gR2, 11gR1 and 11gR2 suffer from a session id extraction vulnerability.

tags | advisory, info disclosure
advisories | CVE-2010-4420
MD5 | a537798a46d50f5a9df7a2810f2b61b3
Oracle Database Vault Administrator XSRF
Posted Jan 21, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Database Vault Administrator web console lacks any sort of cross site request forgery protection.

tags | advisory, web, csrf
advisories | CVE-2010-4421
MD5 | 179cb7fb85f40a480b0f9645b120c3bb
OracleRemExecService Command Execution
Posted Jan 21, 2011
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - It is possible to execute arbitrary operating system commands as localsystem when certain maintenance tasks are executed, for instance when Database Configuration Assistant is invoked or Oracle Universal Installer is used to modify features. These tools use a Windows service to execute various commands, and the service itself relies on a named pipe to receive the commands. The pipe handling is not secure enough, resulting in the vulnerability.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2010-4423
MD5 | ac0d1453731427cbe0e648edf443dd95
SplashID 5.5 / SplashID Lite 4.6 For iPhone Password Caching Issue
Posted Jan 21, 2011
Authored by Philip Chase

SplashID version 5.5 for iPhone and SplashID Lite version 4.6 for iPhone suffer from a password caching issue that allows for the unlock of a database.

tags | exploit
systems | apple, iphone
MD5 | 6c43ec0c2888e52164ea4ea96177810a
Gentoo Linux Security Advisory 201101-09
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4546, CVE-2009-3793, CVE-2010-0186, CVE-2010-0187, CVE-2010-0209, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182
MD5 | 9f2ff7f25d3cc3ffeb917a714d00127a
Gentoo Linux Security Advisory 201101-08
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-8 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code. Versions less than 9.4.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3632, CVE-2010-3654, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658, CVE-2010-4091
MD5 | 98e7d50f17366ee95d5d8202c8335c03
Mandriva Linux Security Advisory 2011-018
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-018 - A patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2011-0008, CVE-2011-0010
MD5 | d5328b49e5861521e02e0e3336f794e8
Mandriva Linux Security Advisory 2011-017
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-017 - It was discovered that tetex suffered from the same vulnerability as previously addressed in Evince with MDVSA-2011:005. As a precaution tetex has been patched to address this flaw.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-2642
MD5 | 8e10ea2c37aba7ae4698ec2674ec676b
Mandriva Linux Security Advisory 2011-016
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-016 - It was discovered that t1lib suffered from the same vulnerability as previously addressed in Evince with MDVSA-2011:005. As a precaution t1lib has been patched to address this flaw.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-2642
MD5 | ba0fa487941eb026bc916a0c12e5712b
HP Security Bulletin HPSBMA02622 SSRT100342
Posted Jan 21, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02622 SSRT100342 - A potential security vulnerability has been identified with HP Business Availability Center (BAC) and Business Service Management (BSM). The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2011-0274
MD5 | 0f93665705f361ac6ff4e84488480d7f
HP Security Bulletin HPSBUX02623 SSRT100355
Posted Jan 21, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02623 SSRT100355 - Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited remotely by an unauthorized user to modify data, prompts, or responses. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | hpux
advisories | CVE-2010-1324
MD5 | 4610d589a196742d4ea3eb2ccc4a8746
Look N Stop 2.06p4 / 2.07 Denial Of Service
Posted Jan 21, 2011
Authored by Stefan Le Berre

Look N Stop versions 2.06p4 and 2.07 local denial of service exploit.

tags | exploit, denial of service, local
MD5 | 40501a79ae6ab0520d6dfe71ff852cf9
Panda Global Protection 2010 Local Denial Of Service With Unfiltered wcscpy()
Posted Jan 21, 2011
Authored by Stefan Le Berre

Panda Global Protection 2010 version 3.01.00 local denial of service exploit with unfiltered wcscpy().

tags | exploit, denial of service, local
MD5 | b14caa15494be135e91e47a461ce430d
Panda Global Protection 2010 Local Denial Of Service
Posted Jan 21, 2011
Authored by Stefan Le Berre

Panda Global Protection 2010 version 3.01.00 local denial of service exploit.

tags | exploit, denial of service, local
MD5 | 53c359f48b4f0a1a829a68a029ff5862
PHP Lowbids Blind SQL Injection
Posted Jan 21, 2011
Authored by BorN To K!LL

PHP Lowbids suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 9c5d36950336878bb366456a64fe0769
Malmon Detection Tool 0.1b
Posted Jan 21, 2011
Authored by ShadowX | Site sourceforge.net

Malmon is a real-time exploit/backdoor detection tool for Linux that audits the integrity of files in a given directory.

tags | tool, integrity
systems | linux, unix
MD5 | 8386a5519eea6223d969429cd0397eb9
RFC6056 - Recommendations For Transport-Protocol Port Randomization
Posted Jan 21, 2011
Authored by Fernando Gont, Michael Vittrup Larsen

RFC6056 has been released and is titled Recommendations for Transport-Protocol Port Randomization.

tags | paper, protocol
MD5 | abc44d0bfb92bd17e3ca816dd1e1a6c7
BlackBerry Denial Of Service
Posted Jan 21, 2011
Site tehtri-security.com

RIM has released a patch to address the denial of service vulnerability discovered by TEHTRI-Security in BlackBerry devices.

tags | advisory, denial of service
advisories | CVE-2010-2599
MD5 | c945abcb6eda6716a0d7a92e7d2ae87b
R-U-Dead-Yet Denial Of Service Tool 2.2
Posted Jan 21, 2011
Authored by Raviv Raz | Site code.google.com

R-U-Dead-Yet is a universal DoS attack tool written in Python. It will attack all and any web applications / servers. It runs either in unattended mode using a configuration file or in an interactive auto-discover-web-forms mode.

Changes: RUDY handles ports other than 80 now.
tags | web, denial of service, python
systems | unix
MD5 | 306389a496410e5be9ecfeed8f30decb
Secunia Security Advisory 42954
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Citrix Provisioning Services, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 9b2aa887c89571bd620d0b4287a982bd
Secunia Security Advisory 42992
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Outside In Technology, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | 3204af812fd776c58402fef026410107
Secunia Security Advisory 42960
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, debian
MD5 | a42026d2060088df1ba33df0124bc84b
Secunia Security Advisory 42971
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Iconfidant SSL, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 659c1d9c041496c71f12a4fe5c771e24
Secunia Security Advisory 43007
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Phpcms 2008, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 66fe83a0a9264106455c8b94a1a4fdf7
Secunia Security Advisory 42966
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libuser. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
MD5 | f25779f09f4079ca88531945ce609b5c