
Files Date: 2011-02-18

Forgotten World - Corporate Business Application Systems
Posted Feb 18, 2011
Authored by Val Smith, Sh2kerr

Whitepaper called Forgotten World - Corporate Business Application Systems. This paper will describe some basic and advanced threats and attacks on Enterprise Business Applications – the core of many companies. Both the paper and Blackhat DC presentation are included in this archive.

tags | paper
systems | linux
MD5 | 749bcfc8f3e2ab51464f7114af8ae6c4
Mandriva Linux Security Advisory 2011-029
Posted Feb 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-029 - Multiple vulnerabilities have been discovered and fixed in the Linux 2.6 kernel. The X.25 implementation does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed data, a different vulnerability than CVE-2010-4164. The bcm_connect function in the Broadcast Manager of the Controller Area Network implementation in the Linux kernel creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. The install_special_mapping function in mm/mmap.c does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. Various other issues have also been addressed.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3873, CVE-2010-4565, CVE-2010-4346, CVE-2010-4158, CVE-2010-3874, CVE-2010-4163, CVE-2010-4164, CVE-2009-4307, CVE-2010-4162, CVE-2010-3015, CVE-2010-4258, CVE-2010-3875, CVE-2010-3067, CVE-2010-4248, CVE-2010-3437, CVE-2010-3877, CVE-2009-2406, CVE-2010-3859, CVE-2010-4073, CVE-2010-4072, CVE-2010-3705, CVE-2010-4165, CVE-2010-3310, CVE-2010-3698
MD5 | b09673d46bd0c26aeac9afa523e5a306
WSN Guest 1.24 SQL Injection
Posted Feb 18, 2011
Authored by Aliaksandr Hartsuyeu | Site evuln.com

WSN Guest version 1.24 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a326f8e87062f3c90aa0a2ad6bb9097d
phpBugTracker 1.0.5 Cross Site Scripting
Posted Feb 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

phpBugTracker version 1.0.5 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | aef873c23931701a5f4a1ca4f43fa905
Zero Day Initiative Advisory 11-089
Posted Feb 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Configuration Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the novell-tftp.exe component, which listens by default on UDP port 69. When handling a request, the process blindly copies user-supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the ZENworks user.

tags | advisory, remote, arbitrary, udp
advisories | CVE-2010-4323
MD5 | 5ce4cc81459637a23893dc8744054f36
Joomla MyGarage SQL Injection
Posted Feb 18, 2011
Authored by Fl0riX

The Joomla MyGarage component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cf4b098c705af36eafe7bad6b4779a56
MNS Portal SQL Injection
Posted Feb 18, 2011
Authored by d3c0der

MNS Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a2c895b2efa8bd4e05e115ef34d9abb6
Ubuntu Security Notice USN-1067-1
Posted Feb 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1067-1 - It was discovered that Gabble did not verify the from field of Google jingleinfo updates. This could allow a remote attacker to perform man-in-the-middle (MITM) attacks on streamed media.

tags | advisory, remote
systems | linux, ubuntu
MD5 | 5352d071ada5553c404e45f9fcaa1179
Ubuntu Security Notice USN-1066-1
Posted Feb 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1066-1 - It was discovered that Django did not properly validate HTTP requests that contain an X-Requested-With header. An attacker could exploit this vulnerability to perform cross-site request forgery (CSRF) attacks. It was discovered that Django did not properly sanitize its input when performing file uploads, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, web, vulnerability, xss, file upload, csrf
systems | linux, ubuntu
advisories | CVE-2011-0696, CVE-2011-0697
MD5 | 04edf46e81e8526c2ecb6fab7417cecf
FlatNux 2011-01.26 Denial Of Service / Path Disclosure
Posted Feb 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

FlatNux version 2011-01.26 suffers from denial of service and path disclosure vulnerabilities.

tags | exploit, denial of service, vulnerability, info disclosure
MD5 | ed193221e352e7ff729938796128c10e
Coppermine 1.5.12 Path Disclosure
Posted Feb 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Coppermine version 1.5.12 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | f24131f4ed8d6bfa6e96b59ad3712e4d
Secunia Security Advisory 43363
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses and a vulnerability, which can be exploited by malicious, local users to disclose certain system information and gain escalated privileges.

tags | advisory, kernel, local
systems | linux, redhat
MD5 | 0773144df740c779bd0473ecd19e70c4
Secunia Security Advisory 43337
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Oracle Database, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | e592f58a2a6aa68a0271a86d2b25f34a
Secunia Security Advisory 43388
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.

tags | advisory, local, vulnerability
systems | linux, fedora
MD5 | 1d3209f2a83e6e978ee1cd3dd170fe66
Secunia Security Advisory 43323
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ffmpeg-debian. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | f0d0a4096803c294aedee8e6540ab36e
Secunia Security Advisory 43393
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Security Agent, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | cisco
MD5 | a75ab2de69e9040395c65c1d1310f7e1
Secunia Security Advisory 43366
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, redhat
MD5 | d333e69a75cf07904fb229c3bb3866df
Secunia Security Advisory 43365
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for bash. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, bash
systems | linux, redhat
MD5 | 902b6301707f1b76edb2c22aa12d95dd
Secunia Security Advisory 43264
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe ColdFusion, which can be exploited by malicious people to disclose certain information, conduct cross-site scripting, HTTP header injection, and session fixation attacks.

tags | advisory, web, vulnerability, xss
MD5 | b86556a0dddfbc289acf25419bd3bdcb
Secunia Security Advisory 43256
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Enable Media Replace plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
MD5 | 827041d48fac8f8cb867c49260780b27
Secunia Security Advisory 43345
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for shadow. This fixes a vulnerability, which can be exploited by malicious, local users to manipulate certain data.

tags | advisory, local
systems | linux, debian
MD5 | 27c46fa25ab02a547262137bcbf66d4f
Secunia Security Advisory 43367
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for ccs. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, redhat
MD5 | 391f2d4ee27b9cdb393c8c6c716647a0
Secunia Security Advisory 43400
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged a vulnerability in HP NonStop Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 2d999166e40a7c00af56b1f8c0b7460d
Secunia Security Advisory 43369
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Telepathy Gabble, which can be exploited by malicious people to conduct hijacking attacks.

tags | advisory
MD5 | c736c08c989a80999ef1251582a0295b
Secunia Security Advisory 43316
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for telepathy-gabble. This fixes a vulnerability, which can be exploited by malicious people to conduct hijacking attacks.

tags | advisory
systems | linux, ubuntu
MD5 | dcb85699f1544cc6a0d198ef7a6ec0e9

© 2020 Packet Storm. All rights reserved.