Exploit the possiblities
Showing 1 - 25 of 52 RSS Feed

Files Date: 2011-03-22

Zero Day Initiative Advisory 11-110
Posted Mar 22, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-110 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lotus Domino Server Controller. Authentication is not required to exploit this vulnerability. The flaw exists within the remote console functionality which listens by default on TCP port 2050. When handling A user authentication the server uses a user supplied COOKIEFILE path to retrieve stored credentials. The application then compares this data against the user provided username and cookie. The path to the COOKIEFILE can be a UNC path allowing the attacker to control both the known good credentials and the challenge credentials. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | e1e50dd7b9921a9d20b48d77bf4b8767
Apple HFS+ Information Disclosure
Posted Mar 22, 2011
Authored by Dan Rosenberg | Site vsecurity.com

VSR identified a vulnerability in HFS+, a filesystem implemented in the OS X XNU kernel. HFS+ is the default filesystem in use on many installations of the Mac OS X operating system. By exploiting this vulnerability, an unprivileged user with local access to a machine using HFS+ may be able to read raw filesystem data, bypassing file permissions and resulting in information disclosure.

tags | advisory, kernel, local, info disclosure
systems | apple, osx
advisories | CVE-2011-0180
MD5 | 88e8c75c5da3743162437db5778406bf
Immunity Debugger Buffer Overflow
Posted Mar 22, 2011
Authored by Paul Harrington | Site ngssecure.com

Immunity Debugger version 1.73 contains a buffer overflow vulnerability in its HTTP update mechanism.

tags | advisory, web, overflow
MD5 | 41323a1eef942222e99c35f563d3406b
Cisco IPSec VPN Implementation Group Name Enumeration
Posted Mar 22, 2011
Authored by Gavin Jones | Site ngssecure.com

The Cisco IPSec VPN implementation suffers from a group name enumeration vulnerability. Systems affected include the ASA 5500 Series Adaptive Security Appliances, Cisco PIX 500 Series Security Appliances, Cisco VPN 3000 Series Concentrators.

tags | advisory
systems | cisco
MD5 | ad15c4c9fa7a2b80ba090d2cc11b6ecd
Apple Mac OS X Image RAW Multiple Buffer Overflows
Posted Mar 22, 2011
Authored by Paul Harrington | Site ngssecure.com

Paul Harrington of NGS Secure has discovered a high risk vulnerability in Mac OS X Image RAW. Multiple buffer overflow issues existed in Image RAW's handling of Canon RAW images. Viewing a maliciously crafted Canon RAW image may result in an unexpected application termination or arbitrary code execution. Versions affected include Mac OS X 10.6 through 10.6.6, Mac OS X Server 10.6 through 10.6.6 with RawCamera.bundle versions prior to 3.6.

tags | advisory, overflow, arbitrary, code execution
systems | apple, osx
MD5 | 31a493568b7ae17c923b0d282a514ba6
Symantec LiveUpdate Administrator Cross Site Request Forgery
Posted Mar 22, 2011
Authored by Nikolas Sotiriu

Symantec LiveUpdate Administrator suffers from a cross site request forgery vulnerability. Proof of concept is included.

tags | exploit, proof of concept, csrf
advisories | CVE-2011-0545
MD5 | a0b242faa4183e0293c59c3643526323
Apple Mac OS X ImageIO Integer Overflow
Posted Mar 22, 2011
Authored by Dominic Chell | Site ngssecure.com

Dominic Chell of NGS Secure has discovered a High risk vulnerability in Mac OS X ImageIO. An integer overflow issue exists in ImageIO's handling of JPEG-encoded TIFF images. Viewing a maliciously crafted TIFF image may result in an unexpected application termination or arbitrary code execution. Versions affected include Mac OS X 10.6 through 10.6.6, Mac OS X Server 10.6 through 10.6.6.

tags | advisory, overflow, arbitrary, code execution
systems | apple, osx
MD5 | 90d5ec0724d8e732f03bb5fcff46a1ee
iDEFENSE Security Advisory 2011-03-21.1
Posted Mar 22, 2011
Authored by iDefense Labs, Tobias Klein

iDefense Security Advisory 03.21.11 -Remote exploitation of a memory corruption vulnerability in Apple Inc.'s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing an Excel file with a certain maliciously constructed record. This record is used to describe a formula that is shared between multiple cells. In this record, the 'formula' field is used to specify the formula used. By corrupting certain opcodes within this formula it is possible to trigger a memory corruption vulnerability. This can lead to the execution of arbitrary code. Apple has reported Mac OS X and OS X Server 10.6 through 10.6.6 vulnerable.

tags | advisory, remote, arbitrary
systems | apple, osx
MD5 | 67158fe79635302f382084271d037e56
HP Security Bulletin HPSBMA02647 SSRT100383
Posted Mar 22, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02647 SSRT100383 - A potential security vulnerability has been identified with HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely to allow unauthorized read-only access to the data available via the SNMP protocol. Revision 1 of this advisory.

tags | advisory, protocol
systems | windows
advisories | CVE-2011-0890
MD5 | 447b72b352faec6ba614b032be4d4332
Zero Day Initiative Advisory 11-109
Posted Mar 22, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-109 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the support for parsing Office files. When handling the OfficeArtMetafileHeader the process trusts the cbSize field and performs arithmetic on it before making an allocation. As the result is not checked for overflow, the subsequent allocation can be undersized. Later when copying into this buffer, memory can be corrupted leading to arbitrary code execution under the context of the mobile user on the iPhone.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple, iphone
advisories | CVE-2011-1417
MD5 | 73c6d0ab44664ae2917de0b921def7d1
Zero Day Initiative Advisory 11-108
Posted Mar 22, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-108 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mac OS X's CFF Decoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the Type1Scaler library processes a specially formatted compact font file. When processing this file, the application will corrupt memory outside the bounds of an allocated buffer. This can lead to code execution under the context of the application that utilizes the library.

tags | advisory, remote, arbitrary, code execution
systems | apple, osx
advisories | CVE-2011-0176
MD5 | 54aebca561da9b4a51f3195682a55735
Secunia Security Advisory 43825
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has acknowledged a vulnerability in aaa_base, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, suse
MD5 | 77885eb251007581d8464cd369ed6535
Secunia Security Advisory 43807
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in CATIA V5, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
MD5 | 5b54686f87e6b9248033fa4a1da17c4d
Secunia Security Advisory 43578
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Pango, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
MD5 | a5164af4a828363a06657c91b07dcc9e
Secunia Security Advisory 43591
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in the Secure Pages module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 16c3dab5b0d9a053b3f2179efe0a973e
Secunia Security Advisory 43360
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Honeywell ScanServer ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
MD5 | a5e56bb3cbbd2d00d69fbec83926f86a
Secunia Security Advisory 43844
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for policycoreutils. This fixes a weakness, which can be exploited by malicious, local users to bypass certain security features.

tags | advisory, local
systems | linux, fedora
MD5 | a6b4e2391627d3728a9373000b0fc007
Secunia Security Advisory 43792
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Douran Portal, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 28089f6e95dd11c12dae05db7985000a
Secunia Security Advisory 43842
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for pidgin. This fixes some security issues, which can be exploited by malicious, local users to disclose potentially sensitive information.

tags | advisory, local
systems | linux, fedora
MD5 | aca967ed7d77090e4d08c95016e0bfbc
Secunia Security Advisory 43824
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Novell NetWare, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
MD5 | f8e41c3e96fdb9dd2aec2dfd922a5df8
Secunia Security Advisory 43107
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for maradns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, debian
MD5 | 430955bb8708d2a77c72a6dca679fd00
Secunia Security Advisory 43806
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some weaknesses have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose system information.

tags | advisory, kernel, local
systems | linux
MD5 | 1ffb4f98555278916bf35bad51f098de
Secunia Security Advisory 43817
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux and linux-ec2. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 099bf1d75ecfffdcb1a135c2ce022506
Secunia Security Advisory 43598
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information and to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 0a1ec4367745bcb1c2d7102bd3906be7
Secunia Security Advisory 43449
Posted Mar 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for php5. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
MD5 | 215665cc95493415bcc0f3206de6396c
Page 1 of 3
Back123Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    28 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close