what you don't know can hurt you
Showing 1 - 25 of 69 RSS Feed

Files Date: 2011-03-03

iDEFENSE Security Advisory 2011-03-02.1
Posted Mar 3, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 03.02.11 - Remote exploitation of a heap memory corruption vulnerability in Apple Inc.'s CoreGraphics library could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs during the processing of an embedded International Color Consortium (ICC) profile within a JPEG image. A small block of heap memory may be allocated for processing certain profile data. An index value is used to reference locations within this heap block. The index value can be manipulated in a manner that results in multiple memory writes to locations outside the bounds of the heap allocated block. This condition may lead to arbitrary code execution.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0170
SHA-256 | 5d8ce00016e6e084ef0137a0b05bd32f312d8df1e68e87c3acaed784c103df61
HP Security Bulletin HPSBUX02638 SSRT100339
Posted Mar 3, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02638 SSRT100339 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to execute arbitrary code or create a Denial of Service (DoS) or an authentication bypass. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2010-4252
SHA-256 | 719f5ef4963f2e723d99432e1c22ccc24d50e19a6d7fa0dbfcfc1f74312408b3
Packet Fence 2.1.0
Posted Mar 3, 2011
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: New hardware support (Avaya, Cisco, and Nortel). Easier startup error messages and configuration verification in the Web Administration panel. Important bugfixes related to Linux Desktop support, error handling, VoIP support, and device auto-registration. A new Brazilian Portuguese translation.
tags | tool, remote
systems | unix
SHA-256 | 7bfebb8602317e796ef5b78a5ffa14317176fec2f01032aeeb928a4f548d49e6
Mandriva Linux Security Advisory 2011-040
Posted Mar 3, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-040 - It was discovered that pango did not check for memory reallocation failures in hb_buffer_ensure() function. This could trigger a NULL pointer dereference in hb_buffer_add_glyph(), where possibly untrusted input is used as an index used for accessing members of the incorrectly reallocated array, resulting in the use of NULL address as the base array address. This can result in application crash or, possibly, code execution. The updated packages have been patched to correct this issue.

tags | advisory, code execution
systems | linux, mandriva
advisories | CVE-2011-1002
SHA-256 | c5b09e373563ef82a7c5f2f1998cb4c70210c22b3280d4d73887ba393b446858
Pragyan CMS 3.0 Beta Cross Site Request Forgery / Cross Site Scripting
Posted Mar 3, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Pragyan CMS version 3.0 Beta suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 6fc288af9234dbe29d6330100758b4a53c3ecb6d42325eb4f11402bc972cca3d
xtcModified 1.05 Cross Site Scripting
Posted Mar 3, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

xtcModified version 1.05 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 23dfcf7948ec24b6566f99e0520a0a538616b45a0ebc5ecc27b42b4d1f097a59
HP Security Bulletin HPSBPI02640 SSRT100410
Posted Mar 3, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02640 SSRT100410 - A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could cause authentication to be disabled for managed devices. This could allow access to the devices from the Digital Sending Software without authentication. Revision 1 of this advisory.

tags | advisory
systems | windows
advisories | CVE-2011-0279
SHA-256 | 5746bedad7571c5a36e7f28a7454d2f489bee5962b6c4e1ed63a7d158a676d39
iDEFENSE Security Advisory 2011-03-01.1
Posted Mar 3, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 03.01.11 - Remote exploitation of a heap memory corruption vulnerability in Apple Inc.'s CoreGraphics library could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs during the processing of an embedded International Color Consortium (ICC) profile within a JPEG image. A small block of heap memory may be allocated for processing certain profile data. An index value is used to reference locations within this heap block. The index value can be manipulated in a manner that results in multiple memory writes to locations outside the bounds of the heap allocated block. This condition may lead to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, php
advisories | CVE-2011-0344
SHA-256 | 4e6d4aaf9f71ed1c8a1178ef8f377208f6f46c21421673d0d8e75e0af039ce4a
Debian Security Advisory 2180-1
Posted Mar 3, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2180-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Roberto Suggi Liverani discovered that the sanitizing performed by ParanoidFragmentSink was incomplete. Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue. Crashes in the layout engine may lead to the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Various other issues have also been addressed.

tags | advisory, overflow, arbitrary, javascript, vulnerability
systems | linux, debian
advisories | CVE-2010-1585, CVE-2011-0051, CVE-2011-0053, CVE-2011-0054, CVE-2011-0055, CVE-2011-0056, CVE-2011-0057, CVE-2011-0059
SHA-256 | 54f9e96aaceb4666fbde87ab89afa2d7d4a85564efa06a363d3fde81e8d299c0
Ubuntu Security Notice USN-1050-1
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1050-1 - Multiple vulnerabilities have been addressed in the thunderbird package. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript execution in chrome documents. A malicious extension could exploit this to execute arbitrary code with chrome privileges. Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program.

tags | advisory, overflow, arbitrary, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-1585, CVE-2011-0053, CVE-2011-0061, CVE-2011-0062
SHA-256 | 8836e577ee50f8d9c44c673cd6c2023b5e0e25863e404007a67ab72883b61ce8
Ubuntu Security Notice USN-1049-1
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1049-1 - Multiple vulnerabilities have been addressed in the firefox and xulrunner packages. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into a inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. Daniel Kozlowski discovered that a JavaScript Worker kept a reference to memory after it was freed. Various other issues have also been addressed.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-1585, CVE-2011-0051, CVE-2011-0053, CVE-2011-0054, CVE-2011-0055, CVE-2011-0056, CVE-2011-0057, CVE-2011-0058, CVE-2011-0059, CVE-2011-0061, CVE-2011-0062, CVE-2011-0056
SHA-256 | 11df6da5cbb40528cbeafb93b5bdd7aa9e44b8fac9ccabdb424704d5222d3bd2
Multi Threaded TCP Port Scanner 1.0
Posted Mar 3, 2011
Authored by SecPoint | Site secpoint.com

This is a basic TCP SYN scanner that is multi-threaded.

tags | tool, scanner, tcp
systems | unix
SHA-256 | 7ec41f9e7140b20deaff3b8f9290a371a5bfddcd4bf07837103b1ec7fd7f13c6
Zero Day Initiative Advisory 11-103
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-103 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within js3250.dll. In the JSON.stringify() call chain js_HasOwnProperty() is called with an invalid pointer. The pointer becomes invalid due to being unrooted and garbage collection occurring. Dereferencing of this pointer allows a remote attacker to execute arbitrary code in the context of the user running the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-0055
SHA-256 | c15afb4e793f40a302ba89dc854e103efcea0467cf546b6e5f6afec330beeb7b
Zero Day Initiative Advisory 11-102
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-102 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Postgres Plus Advanced Server DBA Management Server. Authentication is not required to exploit this vulnerability. The flaw exists within the DBA Management Server component which listens by default on TCP ports 9000 and 9363. When handling client authentication the server does not properly enforce restrictions on accessing the jmx-console or web-console directly. These consoles allow arbitrary instantiation of classes. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the server.

tags | advisory, remote, web, arbitrary, tcp
SHA-256 | 7f4beb3fcd56f2371370c3adbb9dd3957c4900477c1a532e05e7e6b77eab2795
Ubuntu Security Notice USN-1083-1
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1083-1 - Multiple vulnerabilities have been discovered and addressed in the Linux 2.6 kernel. Al Viro discovered a race condition in the TTY driver. Gleb Napatov discovered that KVM did not correctly check certain privileged operations. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packats. Many other issues have also been addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-0435, CVE-2010-2066, CVE-2010-2226, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2537, CVE-2010-2538, CVE-2010-2798, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3084, CVE-2010-3296, CVE-2010-3297
SHA-256 | 54cb1f4aa7b55d1d5bede6d79988ac926e5fd1c698bb4ab072e98146004d10c9
Tickling CGI Problems
Posted Mar 3, 2011
Authored by Shane A. Macaulay, Derek Callaway | Site security-objectives.com

Tickling CGI Problems is a whitepaper that focuses on the security of Tcl CGI scripts.

tags | paper, cgi
SHA-256 | 1298ddc346dcf21a262702c2826861718c460a4dec46483f991250a955c817bb
BruCON 2011 Call For Papers
Posted Mar 3, 2011
Site brucon.org

The BruCON 2011 Call For Papers has been officially announced. It will be held in Brussels, Belgium from September 19th through the 20th, 2011.

tags | paper, conference
SHA-256 | abd7a7346472a70776ade9191fe7d39a130dde5cad99316c5df52a3967b7db9d
Zero Day Initiative Advisory 11-101
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-101 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the library implements the .sort function for an array. The library will trust the implementation of a particular method which when executed can be used to manipulate elements out from underneath it. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple, iphone
advisories | CVE-2011-0154
SHA-256 | 1a550e64275a99a97c2cd144a19e10ae76d63bdb28cca95691cb8df9e59bde23
Zero Day Initiative Advisory 11-100
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-100 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specially formatted HTML file. When parsing a particular element that also defines the namespace of the document, the library will call a dangling pointer which is consistent but unmapped. Due to this being unmapped, if an attacker can get code loaded at that address this can can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0149
SHA-256 | afcf6790ad3bd7262a4157a6a7ba168b143bcaec19cda2c84fe69cc919215e92
Zero Day Initiative Advisory 11-099
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-099 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the application handles floating blocks in certain situations. When performing layout operations for a floating block produced by a pseudo-element, the application will attempt to access glyph data that hasn't been fully assigned into the glyph data hashmap. Due to this type being incomplete, this can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0133
SHA-256 | 0bc533335809df4a9517760a808b2d7ea9a75bb5c2e383c1786a4c266efe8f50
Moscrack WPA Cluster Cracker 2.01b
Posted Mar 3, 2011
Authored by Ryan Babchishin | Site moscrack.sourceforge.net

Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).

Changes: Significant performance improvements were made. Variable chunk size support and a node multiplier setting were added. Auto-tuning mode was added for node multiplier. Fastest node prioritization is done. The documentation on new features was updated.
tags | cracker
systems | unix
SHA-256 | 72561acd14c84ecec909167d27343a8b27a65938523aafc053e663e0b06674fe
TIOD 1.3.3 For iPhone / iPod Touch Directory Traversal
Posted Mar 3, 2011
Authored by R3dAl3rt, Hackkey

TIOD version 1.3.3 for iPhone / iPod Touch suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
systems | apple, iphone
SHA-256 | 9296e3e7ffb834fdf597c0ac26dd65c9120722a5d5bdfe1d8db1b47c743ad7e5
Ubuntu Security Notice USN-1080-2
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-2 - USN-1080-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding updates for the Linux kernel for use with EC2. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
SHA-256 | 107de034a7af2d41a45827953ec1ce82649b41382c00f917b580abc858073a6c
Zero Day Initiative Advisory 11-098
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-098 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the WebKit library implements the requirements required for a Runin box as outlined in the Visual Formatting Model listed in the CSS 2.1 Specification. When promoting a run-in element the application will incorrectly free one of the child elements of the run-in. Later, when attempting to do layout for this element, the application will access the freed element due to the dangling reference. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0132
SHA-256 | 1698af44607c7e983359480213fa0b9431e447fc69439b19fa18d46c008e671d
Zero Day Initiative Advisory 11-097
Posted Mar 3, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-097 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setOuterText method of the Webkit htmlelement library. Due to a failure to properly track DOM manipulations made within the browser, it is possible to make use of a previously freed pointer and facilitate remote code execution under the context of the user running the browser process.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0116
SHA-256 | 6498aec47d82b6262e05c5e59ae1b4032f99ce53770485187e4a4a247a6d622c
Page 1 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close