seeing is believing
Showing 1 - 25 of 53 RSS Feed

Files Date: 2011-09-28

Ubuntu Security Notice USN-1210-1
Posted Sep 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1210-1 - Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. Boris Zbarsky discovered that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. This is in violation of the Same Origin Policy. A malicious website could possibly use this to access another website or the local file system. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2996, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001
MD5 | f6a9c46e28c67f6f744d937892e1a600
Mandriva Linux Security Advisory 2011-138
Posted Sep 28, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-138 - This advisory updates wireshark to the latest version (1.6.2), fixing several security issues. Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service via a malformed packet. Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service via a malformed capture file that leads to an invalid root tvbuff, related to a buffer exception handling vulnerability. The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service via a malformed packet. The updated packages have been upgraded to the latest 1.6.x version which is not vulnerable to these issues.

tags | advisory, remote, denial of service, local, root, trojan
systems | linux, mandriva
advisories | CVE-2011-3360, CVE-2011-3482, CVE-2011-3483, CVE-2011-3484
MD5 | 5e24d9230a5e85e93c1e688990e0713c
Mandriva Linux Security Advisory 2011-137
Posted Sep 28, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-137 - The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation. crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages, which allows remote attackers to cause a denial of service via out-of-order messages that violate the TLS protocol.

tags | advisory, remote, denial of service, crypto, protocol
systems | linux, mandriva
advisories | CVE-2011-1945, CVE-2011-3207, CVE-2011-3210
MD5 | d4cdd08b16fe165439352bfa6ccaf846
Mandriva Linux Security Advisory 2011-136
Posted Sep 28, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-136 - The elliptic curve cryptography subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-1945
MD5 | aad8354635e0daa4188bb666e77c1b6a
iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs weekly. Specifically, by using a negative integer for the BYWEEKNO property, it is possible to trigger a write operation beyond the bounds of an allocated heap buffer. This can lead to the corruption of memory, and the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2662
MD5 | b37c25b14136941416b0a1e33f2d7d58
iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs yearly. When adding a sequence of dates, it is possible to trigger an invalid array indexing vulnerability, and write beyond the bounds of a heap buffer. This can lead to the execution of arbitrary code. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2663
MD5 | 478617bafb33189462d68b2d0098051c
iDefense Security Advisory 09.26.11 - Novell Groupwise Heap Overflow
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs on weekdays. A heap based buffer overflow can be triggered due to the lack of checks to ensure that there is enough space in the buffer to hold all of the RRULE entry data. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-4325
MD5 | 915c525f385f16148dfaf4b6acefe3dd
FreeBSD Security Advisory - UNIX-domain Sockets Buffer Overflow
Posted Sep 28, 2011
Site security.freebsd.org

FreeBSD Security Advisory - When a UNIX-domain socket is attached to a location using the bind(2) system call, the length of the provided path is not validated. Later, when this address was returned via other system calls, it is copied into a fixed-length buffer. A local user can cause the FreeBSD kernel to panic. It may also be possible to execute code with elevated privileges ("gain root"), escape from a jail, or to bypass security mechanisms in other ways.

tags | advisory, kernel, local, root
systems | unix, freebsd
MD5 | 76df34e8660b58d174df2b314c648f44
FreeBSD Security Advisory - compress Boundary Checks
Posted Sep 28, 2011
Site security.freebsd.org

FreeBSD Security Advisory - The code used to decompress a file created by compress(1) does not do sufficient boundary checks on compressed code words, allowing reference beyond the decompression table, which may result in a stack overflow or an infinite loop when the decompressor encounters a corrupted file.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2011-2895
MD5 | 2da0f0fb844d408727730142ea5b6caa
Hacking Your Droid
Posted Sep 28, 2011
Authored by Aditya Gupta

A whitepaper on the basics of Android and reverse engineering of Android applications.

tags | paper
MD5 | 059517ac4338b22e446d41daf88849d8
Cisco Security Advisory 20110928-ipsla
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco IOS IP Service Level Agreement (IP SLA) feature contains a denial of service (DoS) vulnerability. The vulnerability is triggered when malformed UDP packets are sent to a vulnerable device. The vulnerable UDP port numbers depend on the device configuration. Default ports are not used for the vulnerable UDP IP SLA operation or for the UDP responder ports. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service, udp
systems | cisco
advisories | CVE-2011-3272
MD5 | 044174eb1aecc7710d3a887fa7fb3c85
Cisco Security Advisory 20110928-smart-install
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Smart Install feature of Cisco Catalyst Switches running Cisco IOS Software that could allow an unauthenticated, remote attacker to perform remote code execution on the affected device. Cisco has released free software updates that address this vulnerability. There are no workarounds available to mitigate this vulnerability other than disabling the Smart Install feature.

tags | advisory, remote, code execution
systems | cisco
advisories | CVE-2011-3271
MD5 | 9a046cad44847b96a1e1ac47f472bcef
Cisco Security Advisory 20110928-zbfw
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS Software contains two vulnerabilities related to Cisco IOS Intrusion Prevention System (IPS) and Cisco IOS Zone-Based Firewall features.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2011-3273, CVE-2011-3281
MD5 | 66f438d4a26109026168d18f7cbd958f
Cisco Security Advisory 20110928-xcpcupsxml
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A denial of service (DoS) vulnerability exists in Jabber Extensible Communications Platform (Jabber XCP) and Cisco Unified Presence. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious XML to an affected server. Successful exploitation of this vulnerability could cause elevated memory and CPU utilization, resulting in memory exhaustion and process crashes. Repeated exploitation could result in a sustained DoS condition. There are no workarounds available to mitigate exploitation of this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
advisories | CVE-2011-3287, CVE-2011-3288
MD5 | d1dabfb914740f5fe569a012811187a8
Cisco Security Advisory 20110928-cucm
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Manager contains a memory leak vulnerability that could be triggered through the processing of malformed Session Initiation Protocol (SIP) messages. Exploitation of this vulnerability could cause an interruption of voice services. Cisco has released free software updates for supported Cisco Unified Communications Manager versions to address the vulnerability. A workaround exists for this SIP vulnerability.

tags | advisory, protocol, memory leak
systems | cisco
advisories | CVE-2011-2072
MD5 | 92d32bec8f7057cebc21076875e2fb9b
Cisco Security Advisory 20110928-sip
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or trigger memory leaks that may result in system instabilities. Affected devices would need to be configured to process SIP messages for these vulnerabilities to be exploitable. Cisco has released free software updates that address these vulnerabilities. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerabilities.

tags | advisory, remote, vulnerability, protocol, memory leak
systems | cisco, osx
advisories | CVE-2011-0939, CVE-2011-2072, CVE-2011-3275
MD5 | bc0662c54a51abc3c5b7b913522a0f91
PcVue 10.0 Code Execution / Overflow
Posted Sep 28, 2011
Authored by Luigi Auriemma | Site aluigi.altervista.org

PcVue versions 10.0 and below suffer from code execution, file corruption, and an array overflow.

tags | exploit, overflow, code execution
systems | linux
MD5 | e65b828fd2fcfe44c426d595e3ab3f9d
Traq 2.2 Cross Site Scripting / SQL Injection
Posted Sep 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Traq version 2.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | f02069a43b7211f89aeffbeeeeaa47c4
Novell GroupWise Calendar BYWEEKNO Memory Corruption
Posted Sep 28, 2011
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
MD5 | bc4052bb5ae1cf1a84f7ebdc7fcb277b
Novell GroupWise Calendar integerList Buffer Overflow
Posted Sep 28, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurParam::integerList()" function within the "gwwww1.dll" component when processing a malformed "RRULE" integer list in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
MD5 | 33b267c7db1590960d4b74c343d82c5b
FreeBSD Security Advisory - named Denial Of Service
Posted Sep 28, 2011
Site security.freebsd.org

FreeBSD Security Advisory - A logic error in the BIND code causes the BIND daemon to accept bogus data, which could cause the daemon to crash.

tags | advisory
systems | freebsd
advisories | CVE-2011-2464
MD5 | f3338b9c63df2659206ed7b58b7a0da9
Redmind Online-Shop / E-Commerce System SQL Injection
Posted Sep 28, 2011
Authored by Mbah Semar

Redmind Online Shop / E-Commerce System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f698bf91d31d1ee6f830392d26c08501
Jarida 1.0 SQL Injection
Posted Sep 28, 2011
Authored by Ptrace Security

Jarida version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 842e38650fda5654150d8e2aea9c6a37
WordPress Mingle Forum 1.0.31 SQL Injection
Posted Sep 28, 2011
Authored by Miroslav Stampar

WordPress Mingle Forum plugin versions 1.0.31 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 05e930b7612a845bf67e8dc01b14616a
Cisco Security Advisory 20110928-nat
Posted Sep 28, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of multiple protocols. Cisco has released free software updates that address these vulnerabilities.

tags | advisory, denial of service, vulnerability, protocol
systems | cisco
advisories | CVE-2011-0946, CVE-2011-3276, CVE-2011-3277, CVE-2011-3278, CVE-2011-3279, CVE-2011-3280
MD5 | 6ba80e0795d381365f8e77de9b6e0a05
Page 1 of 3
Back123Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close