what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2011-10-05

LibPRNGWrap 2.0.0
Posted Oct 5, 2011
Authored by Folkert van Heusden | Site vanheusden.com

libprngwrap is a preload-library (so that it doesn't require any changes to the software it alters) which replaces the libc rand() random() and *rand48() calls by code that gets data from /dev/urandom. This might be a little bit more secure.

Changes: This release adds compatibility fixes and implements all re-entrant PRNG functions from libc.
tags | library
systems | linux
SHA-256 | bd7181b8ddfe0b52535c4df2b68e7a9ec4ab1a76ae6db8aada616d8f081e09fb
Mandriva Linux Security Advisory 2011-143
Posted Oct 5, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-143 - Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise Server 5 updated perl-URPM and lzma packages are being provided to support upgrading to Mandriva Linux 2011. The updated packages have been patched to correct these issues.

tags | advisory, arbitrary, perl
systems | linux, mandriva
advisories | CVE-2011-3378
SHA-256 | 9afe9111ff11f1fe617d84ce97c27e7f82377af4c75082382f765bcd773acb62
WordPress Redirection 2.2.9 Persistent Cross Site Scripting
Posted Oct 5, 2011
Authored by dotxed

WordPress Redirection plugin versions 2.2.9 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ab2d18144287f46585dad95c8c266dff06ece77b1a0fd6c6ca81e764c06595a0
Debian Security Advisory 2317-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2317-1 - Mariusz Mlynski discovered that websites could open a download dialog - which has "open" as the default action -, while a user presses the ENTER key. Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes in the rendering engine, which could lead to the execution of arbitrary code. Mark Kaplan discovered an integer underflow in the javascript engine, which could lead to the execution of arbitrary code. Boris Zbarsky discovered that incorrect handling of the window.location object could lead to bypasses of the same-origin policy. Ian Graham discovered that multiple Location headers might lead to CRLF injection.

tags | advisory, arbitrary, javascript
systems | linux, debian
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | 1a4df24469eb25808167402b1be7d9843f78f3a3727327cd85ba4fb79fbb297a
Debian Security Advisory 2316-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2316-1 - Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several vulnerabilities in Quagga, an Internet routing daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326, CVE-2011-3327
SHA-256 | 226eeb090aa5146956e6b044b5a8e27c4ae8962d7002eb3d05759fccd255ed83
vTiger CRM 5.2.1 Blind SQL Injection
Posted Oct 5, 2011
Authored by Aung Khant | Site yehg.net

vTiger CRM version 5.2.1 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3547ffd282cb4924816d21c9d1ae936d1867e9dc0d5116605d781c387fe03604
Debian Security Advisory 2315-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2315-1 - Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word (doc) file format importer of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft(R) Office.

tags | advisory, vulnerability
systems | linux, redhat, debian
advisories | CVE-2011-2713
SHA-256 | 7e12e472d04dd6a6d14e0ca41b6ada38d2f210a8a678b5e04950aec0a8c3778f
Cyrus IMAPd NTTP Authentication Bypass
Posted Oct 5, 2011
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused by an error in the authentication mechanism of the NNTP server. This can be exploited to bypass the authentication process and execute commands intended for authenticated users only by sending an "AUTHINFO USER" command without a following "AUTHINFO PASS" command. Versions 2.4.10 and 2.4.11 are affected.

tags | advisory
SHA-256 | a527d453cfb32475e8deb8f919bc978fc3f901cd5b277252506bccdd46d12b1f
VMware Security Advisory 2011-0011
Posted Oct 5, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0011 - Hosted product updates address a remote code execution vulnerability in the way UDF file systems are handled.

tags | advisory, remote, code execution
advisories | CVE-2011-3868
SHA-256 | 68eb691ab38b6528cdbe2b5c9662b237090ae11982c24494de06d740bd8e8d6b
Ubuntu Security Notice USN-1222-2
Posted Oct 5, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1222-2 - USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Firefox could be made to crash or possibly run programs as your login if it opened a malicious website. Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. Boris Zbarsky discovered that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. This is in violation of the Same Origin Policy. A malicious website could possibly use this to access another website or the local file system. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2997, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232
SHA-256 | 75a889f925846faaadd677cbb2c20dcd1e773bbcb1f56b408c02f338adcac064
DivX Plus Web Player 2.1.2.265 Buffer Overflow
Posted Oct 5, 2011
Authored by Snake

DivX Plus Web Player versions 2.1.2.265 and below file:// buffer overflow proof of concept exploit.

tags | exploit, web, overflow, proof of concept
SHA-256 | 3f62fbde7f5a2fffb02fd76f35f14af77b6699cf9619e1f8924c9bc37ac7af91
PolicyKit 0.101 Privilege Escalation
Posted Oct 5, 2011
Authored by zx2c4

PolicyKit versions 0.101 and below local privilege escalation exploit.

tags | exploit, local
advisories | CVE-2011-1485
SHA-256 | 8e1577823139cfa501ce0535ad03ba8172e54feaed9443aab35fb42423be384b
Gaming Security By Obscurity
Posted Oct 5, 2011
Authored by Dusko Pavlovic

Whitepaper called Gaming Security By Obscurity. This paper attempts to claim that obscuring information can actually improve security.

tags | paper
SHA-256 | 85ebf7cdd1837591d397da7aac2ad98c0b1f4ee658364bb7fc4fdcbb32a254d1
Secunia Security Advisory 46271
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ezCourses, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, vulnerability
SHA-256 | 36c66fd3a12794754a983130428778dad8221040d0d39d454263290b2f8c8d97
Secunia Security Advisory 46301
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the RedLine theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | bea26139c279515d644961826975a98c78fb9ad812f672dc9f1ab7835debf66f
Secunia Security Advisory 46273
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for rpm. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 43b13805375315fb678c96f570f49573ec4f00e2ccf70f575cff7a5a5db12117
Secunia Security Advisory 46282
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 413e6900b454d676456ed24fb21fcb00f67948396c5d1a3c85d8d900d7f6554b
Secunia Security Advisory 46305
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Black-LetterHead theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 80b72e05e913c5b157b7a7d8ff135484aa496ddf4e9f8acf6f57f5d6fad3ce1c
Secunia Security Advisory 46275
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Crypt-DSA module for Perl, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, perl
SHA-256 | 1dfa195ce22d52e735ac3fbb43a352a67bf140a400c0f695d2ee2d76fa94bd9c
Secunia Security Advisory 46240
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 895eb1a6fec42ec9592025b073530ee8d280bd051859e4e1e9ec4c0e4b469b49
Secunia Security Advisory 46291
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Google Website Optimizer component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | e550df9003f8dec2fbdbf456552f5e7f1ecd9df712c6457ce5250f71a47e6545
Secunia Security Advisory 46296
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the ZenLite theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4cb106d0193aad27764bcbaf1d61664abdf0d08c9bd101522d635d6bb940b055
Secunia Security Advisory 46208
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple weaknesses have been discovered in conceptcms, which can be exploited by malicious people to disclose certain system information.

tags | advisory
SHA-256 | 3a921e9b118b512e92e2bc40eb7b50081b237dc60dd206ecb6b2fdf5e649eaa8
Secunia Security Advisory 46272
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the SmoothGallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | eeebfc3e7dd0cc34b0b65c95b936ad3c13d36cfcb70dc78ce20fbfc437798ff0
Secunia Security Advisory 46297
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Atahualpa theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2d7fd4047492f5306b3b2d362dac1f140d2fd3c2251dec58356e4307ef84a592
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close