what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2011-03-15

Ubuntu Security Notice USN-1079-2
Posted Mar 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1079-2 - USN-1079-1 fixed vulnerabilities in OpenJDK 6 for non-armel (ARM) architectures. This update provides the corresponding updates for OpenJDK 6 for use with the armel (ARM) architectures. Multiple openjdk-6 vulnerabilities have been addressed. It was discovered that untrusted Java applets could create domain name resolution cache entries, allowing an attacker to manipulate name resolution within the JVM. It was discovered that the Java launcher did not did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program. It was discovered that within the Swing library, forged timer events could allow bypass of SecurityManager checks. Konstantin PreiBer and others discovered that specific double literals were improperly handled, allowing a remote attacker to cause a denial of service. It was discovered that the JNLPClassLoader class when handling multiple signatures allowed remote attackers to gain privileges due to the assignment of an inappropriate security descriptor. Various other issues were also addressed.

tags | advisory, java, remote, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-4448, CVE-2010-4450, CVE-2010-4465, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4476, CVE-2011-0706
SHA-256 | c5c18368e20b050d150d2c53891f0010937af3d0d826c64263852fc25e700d30
Ubuntu Security Notice USN-1085-2
Posted Mar 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1085-2 - USN-1085-1 fixed vulnerabilities in the system TIFF library. The upstream fixes were incomplete and created problems for certain CCITTFAX4 files. This update fixes the problem. Multiple vulnerabilities related to tiff have been discovered and addressed. Sauli Pahlman discovered that the TIFF library incorrectly handled invalid td_stripbytecount fields. Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF files with an invalid combination of SamplesPerPixel and Photometric values. Nicolae Ghimbovschi discovered that the TIFF library incorrectly handled invalid ReferenceBlackWhite values. Sauli Pahlman discovered that the TIFF library incorrectly handled certain default fields. It was discovered that the TIFF library incorrectly validated certain data types. It was discovered that the TIFF library incorrectly handled downsampled JPEG data. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2482, CVE-2010-2483, CVE-2010-2595, CVE-2010-2597, CVE-2010-2598, CVE-2010-2630, CVE-2010-3087, CVE-2011-0191, CVE-2011-0192
SHA-256 | 55b184ba540a99b97525111479f1fba5ff77334bf3690f72abffaa068a8706f7
Windows Credential Editor 1.1
Posted Mar 15, 2011
Authored by Hernan Ochoa | Site ampliasecurity.com

Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks.

Changes: This new version fixes issues when running WCE via RDP/Terminal Services, reads NTLM credentials just by reading memory (no code injection needed, although the tool implements both methods), and includes a tool (getlsasrvaddr.exe) to automatically obtain the addresses needed.
tags | remote
systems | linux, windows
SHA-256 | d5947a1b05bc5936dec425b3b826c1e9cea6c3295335bf93a05f071088349b99
Secunia Security Advisory 43726
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for proftpd-dfsg. This fixes a vulnerability, which can be exploited by malicious users to manipulate certain data.

tags | advisory
systems | linux, debian
SHA-256 | 94427441774f8e8c621ff598b3958f7b5622b90a1a4901a6453dd1e535bfb65b
Secunia Security Advisory 43727
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Nucleus CMS, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 2f831c54bc22e3fc20edd1133b4e7c42c91e2b7ef4ba6e41fc2387ddb09e1e62
Secunia Security Advisory 43625
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Foxit Phantom PDF Suite, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | ab0878477d249fd8d0cda1c0fc56c2c6e56b762cec5a795ff7aed003bfe025f0
Secunia Security Advisory 43753
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 6ba4a1a43a4848f53d0a86d4c9bca525e8f0061da45c92bcbc9e2e8b6fd06dfc
Secunia Security Advisory 43747
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | solaris
SHA-256 | 4fa457728bc98e95f6eb93c6fcf93cec6f14afe823e2404cdbc40cf36d9eb80f
Secunia Security Advisory 43724
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ABBS Audio Media Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 79c0ae37907bdab437282d4423a127f91f9b06e2459b78f3339dafefe8e8ea43
Secunia Security Advisory 43745
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact while others can be exploited by malicious people bypass certain security restrictions, disclose system information, and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 82065ae73a35bb5a06d6df49a4559778f4d969cb77fb4314c09e4468b14145a7
Secunia Security Advisory 43719
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Unik Scripts Cover Vision, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 4f401c63a98c3e266a4f56f1926cb6ed1085d1cc278d4023e9cb35f7b845b24a
Secunia Security Advisory 43729
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for wordpress. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | 0c56ed571d56f132145418f2ec84f8fcce94586e604dcb95dc943eb119ab73ba
Secunia Security Advisory 43720
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two weaknesses have been reported in Ibid, which can be exploited by malicious, local users and malicious users to disclose potentially sensitive information.

tags | advisory, local
SHA-256 | a776044095d8d0a6dacabd13fe7802ccd42f537c78bc195bd04a1455694918ad
Secunia Security Advisory 43754
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ITSecTeam has reported a vulnerability in Qualitynet CMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 237e7b88d4b903f5a1c3daf1eedd4ffecd6eb2a137cb87410d5036b47f889d7d
Secunia Security Advisory 43576
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some weaknesses have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.

tags | advisory, kernel, local
systems | linux
SHA-256 | 28759cd6d82272a2a2b53efc24e198c9c129bc6c2671a20de2cc77c2c34a6828
Qualitynet CMS Remote Change Admin Password
Posted Mar 15, 2011
Authored by ItSecTeam

Qualitynet CMS remote change administrative password exploit.

tags | exploit, remote
SHA-256 | 5e99a5005c3d73c54869a97a49773e97f86129efcdb8ce82354df53ed67ffec4
RealPlayer 11.0 Buffer Overflow
Posted Mar 15, 2011
Authored by KedAns-Dz

RealPlayer version 11.0 local crash exploit that creates a malicious .avi file.

tags | exploit, overflow, local
SHA-256 | 5fcde7902ae0fea8b5af642406c4a824b35e8289ad7a375e4aad8a3f184a024b
Secunia Security Advisory 43748
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | df66275207c738d2f12c12599f66db6bb8a92677733d88957f881cee9e84bc1f
Secunia Security Advisory 43707
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SAP GUI, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | d30fedecb1b9c34388d15c7f68e07333d3d17160919ad08876904dc22d34747a
Secunia Security Advisory 43715
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Direct Mail extension for TYPO3, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 5838775ff11a08d81065458227cc6c752d57d3bd0028c939cffe7b45aa3e36fb
Secunia Security Advisory 43772
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Reader/Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 415cbe29cf9c58ed818448e767cd8937d2da2701fd7ecdd8ccb50515ebeed25f
Secunia Security Advisory 43755
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ABBS Electronic Flash Cards, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f0ab884c8b39fb472996a26189b67af8ad11056c2e02fe07763efaefe7ecd84c
Secunia Security Advisory 43751
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 80f8f8af78e8484f2493a310f3407721eee5043a7d4d65fb18e2a113718f547b
Secunia Security Advisory 43682
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and multiple vulnerabilities have been discovered in LotusCMS, which can be exploited by malicious users to disclose sensitive information and compromise a vulnerable system and by malicious people to conduct cross-site scripting and request forgery attacks, disclose sensitive information, and compromise a vulnerable system.

tags | advisory, vulnerability, xss
SHA-256 | 54d618bb2cdf94c9499d51739075584986322d04f62c330cab56e5f7f800c8b4
Secunia Security Advisory 43730
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in feedparser, which can be exploited by malicious people to cause a DoS (Denial of Service) and conduct script insertion attacks.

tags | advisory, denial of service, vulnerability
SHA-256 | a3762c6fc35faac1300249a27f282eac09e7457d7704ea3ccfed4e61cdda97d5
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close