
Files Date: 2011-04-01

PHP-Quick-Arcade 3.0.23 SQL Injection
Posted Apr 1, 2011
Authored by kurdish hackers team | Site kurdteam.org

PHP-Quick-Arcade version 3.0.23 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 9d481c620624e86aa858ea68143350d8
HP Security Bulletin HPSBUX02639 SSRT100293
Posted Apr 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02639 SSRT100293 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-3563
MD5 | 791e29e9470d7a056733d8110be45ead
Bloly 1.3 Cross Site Scripting
Posted Apr 1, 2011
Authored by kurdish hackers team | Site kurdteam.org

Bloly version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d0a759a2a52c1378e40cd6c407a1328c
Mandriva Linux Security Advisory 2011-061
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-061 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted file that triggers an infinite loop. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. 
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. Fix memory corruption in WMV parsing. libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service via a crafted .ogg file, related to the vorbis_floor0_decode function. Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebM file, related to buffers for Fix heap corruption crashes. Fix invalid reads in VC-1 decoding. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4632, CVE-2009-4633, CVE-2009-4634, CVE-2009-4635, CVE-2009-4636, CVE-2009-4639, CVE-2009-4640, CVE-2010-3429, CVE-2010-3908, CVE-2010-4704, CVE-2011-0480, CVE-2011-0722, CVE-2011-0723
MD5 | 2f094e286762afe93bfaedf95287e34c
Ubuntu Security Notice USN-1101-1
Posted Apr 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1101-1 - It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a man in the middle attack to view sensitive information or alter encrypted communications. These were placed on the certificate blacklist to prevent their misuse.

tags | advisory, web
systems | linux, ubuntu
MD5 | 1d723f0ed7d8619cca96c7de1aa6536f
Mandriva Linux Security Advisory 2011-060
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-060 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. 
libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service via a crafted .ogg file, related to the vorbis_floor0_decode function. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4632, CVE-2009-4633, CVE-2009-4634, CVE-2009-4635, CVE-2009-4639, CVE-2009-4640, CVE-2010-3429, CVE-2010-4704
MD5 | dfa7a0d99fd9a30b7b891b03c883152b
HP Security Bulletin HPSBUX02646 SSRT100396
Posted Apr 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02646 SSRT100396 - A potential security vulnerability has been identified with HP-UX. The vulnerability could be exploited locally to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-0891
MD5 | e990c873fc4d0c932fb95e8bff8beb7a
HP Security Bulletin HPSBUX02645 SSRT100387
Posted Apr 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02645 SSRT100387 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server. These vulnerabilities could be exploited remotely to disclose information, allow cross-site scripting (XSS), or create a Denial of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability, xss
systems | hpux
MD5 | 4ca53171912f27b4ed3f10416d138e15
Mandriva Linux Security Advisory 2011-059
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-059 - Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4634, CVE-2009-4635, CVE-2009-4639
MD5 | cd31b20e36275db225fa39e0ba6242db
AR Web Content Manager 2.2 Cross Site Scripting
Posted Apr 1, 2011
Authored by Antu Sanadi | Site secpod.com

AR Web Content Manager (AWCM) version 2.2 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | 7b080d140a551f2738daf4ce3016e6f7
Mandriva Linux Security Advisory 2011-058
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-058 - The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed Extended Communities attribute. bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service via a malformed AS_PATHLIMIT path attribute. Updated packages are available that bring Quagga to version 0.99.18 which provides numerous bugfixes over the previous 0.99.17 version, and also corrects these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2010-1674, CVE-2010-1675
MD5 | 9e3a30451376b29e063d5759ce732704
HP Security Bulletin HPSBMA02650 SSRT100429
Posted Apr 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02650 SSRT100429 - Potential security vulnerabilities have been identified in HP Operations for UNIX. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS) or unauthorized access. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
systems | unix
advisories | CVE-2011-0893, CVE-2011-0894
MD5 | db4283825d00641dae13959ebf9fd670
Webworx Technologies Lahore Pakistan PHP / ASP SQL Injection
Posted Apr 1, 2011
Authored by eXeSoul

Webworx Technologies Lahore Pakistan PHP and ASP suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection, asp
MD5 | 2b8f8ba1e1e1daa961d5ce5bca02761d
Nested IPComp Encapsulation With Deflate LZ77 RFC1951 Quine
Posted Apr 1, 2011
Authored by Tavis Ormandy

Proof of concept exploit that demonstrates a nested IPComp encapsulation with DEFLATE LZ77 RFC1951 Quine.

tags | exploit, proof of concept
advisories | CVE-2011-1547
MD5 | f90a899a08f2cd7a817a306449d5779b
BSD IPcomp Kernel Stack Overflow Testcase
Posted Apr 1, 2011
Authored by Tavis Ormandy

This exploit demonstrates the BSD IPComp kernel stack overflow testcase.

tags | exploit, overflow, kernel
systems | bsd
advisories | CVE-2011-1547
MD5 | 88f7f652d4cc378e96ace171cda32ce3
BSD IPComp Expansion Of Arbitrary Nested Payload
Posted Apr 1, 2011
Authored by Tavis Ormandy

BSD derived RFC3173 IPComp encapsulation will expand an arbitrarily nested payload.

tags | advisory
systems | bsd
advisories | CVE-2011-1547
MD5 | e052d627155cacc1f1bd3a6542dbe443
iDEFENSE Security Advisory 2011-03-31.1
Posted Apr 1, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 03.31.11 - Remote exploitation of a stack buffer overflow vulnerability in RealNetworks Inc.'s Helix DNA Server could allow an attacker to execute arbitrary code with the privileges of the affected service. The Helix DNA Server contains a vulnerability that can be triggered by an unauthenticated attacker. The vulnerability results from the parsing of a certain type of Real Time Streaming Protocol (RTSP) request specifying a large string. The vulnerable function may perform a copy operation that overflows the bounds of a stack buffer. Helix Server and Helix Mobile Server versions 12.x, 13.x and 14.x are vulnerable.

tags | advisory, remote, overflow, arbitrary, protocol
advisories | CVE-2010-4596
MD5 | 3791f3c4f9cc7213ab18a1967d25f5ec
Secunia Security Advisory 43992
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 996764aa8ff01e538af2e1655225e26e
Secunia Security Advisory 43994
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM Tivoli Directory Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | b848544604b06e1902a11f7fb71858c2
Secunia Security Advisory 43905
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for logwatch. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, suse
MD5 | 003ab69214625613fbf9b5f921bfa240
Secunia Security Advisory 43915
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported some vulnerabilities in Cetera eCommerce, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 49ce7d4e83fc586d458efe6822b81ed6
Secunia Security Advisory 43918
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for gdm. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 438603c2db1930544bf6241318905a13
Secunia Security Advisory 43925
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Cisco NAC Guest Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | cisco
MD5 | 6a8d52223803b36d1ced28872ca7db3c
Secunia Security Advisory 43957
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1.5.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, and compromise a vulnerable system.

tags | advisory, java, local, vulnerability
systems | linux, suse
MD5 | f0a8eccf34d73d6ba8274cfa1f040546
Secunia Security Advisory 43958
Posted Apr 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for fuse. This fixes some security issues, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, suse
MD5 | b1e6a23566f8242799a6e80c4449636e