exploit the possibilities
Showing 1 - 25 of 44 RSS Feed

Files Date: 2011-10-05

LibPRNGWrap 2.0.0
Posted Oct 5, 2011
Authored by Folkert van Heusden | Site vanheusden.com

libprngwrap is a preload-library (so that it doesn't require any changes to the software it alters) which replaces the libc rand() random() and *rand48() calls by code that gets data from /dev/urandom. This might be a little bit more secure.

Changes: This release adds compatibility fixes and implements all re-entrant PRNG functions from libc.
tags | library
systems | linux
MD5 | bdd8fdbabf3984417cfcdd131e165896
Mandriva Linux Security Advisory 2011-143
Posted Oct 5, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-143 - Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise Server 5 updated perl-URPM and lzma packages are being provided to support upgrading to Mandriva Linux 2011. The updated packages have been patched to correct these issues.

tags | advisory, arbitrary, perl
systems | linux, mandriva
advisories | CVE-2011-3378
MD5 | 15bbfea34648efa006a9a710a457bd5e
WordPress Redirection 2.2.9 Persistent Cross Site Scripting
Posted Oct 5, 2011
Authored by dotxed

WordPress Redirection plugin versions 2.2.9 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | be26c1a7013e301442b9bed5b68beaca
Debian Security Advisory 2317-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2317-1 - Mariusz Mlynski discovered that websites could open a download dialog - which has "open" as the default action -, while a user presses the ENTER key. Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes in the rendering engine, which could lead to the execution of arbitrary code. Mark Kaplan discovered an integer underflow in the javascript engine, which could lead to the execution of arbitrary code. Boris Zbarsky discovered that incorrect handling of the window.location object could lead to bypasses of the same-origin policy. Ian Graham discovered that multiple Location headers might lead to CRLF injection.

tags | advisory, arbitrary, javascript
systems | linux, debian
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
MD5 | 4bcc6df353f5529680e8b4eacc49018f
Debian Security Advisory 2316-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2316-1 - Riku Hietamaki, Tuomo Untinen and Jukka Taimisto discovered several vulnerabilities in Quagga, an Internet routing daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3323, CVE-2011-3324, CVE-2011-3325, CVE-2011-3326, CVE-2011-3327
MD5 | 600b19dd77889f47237969bd3f419091
vTiger CRM 5.2.1 Blind SQL Injection
Posted Oct 5, 2011
Authored by Aung Khant | Site yehg.net

vTiger CRM version 5.2.1 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 29c67c249d4f254d4ae85906f6ece2a5
Debian Security Advisory 2315-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2315-1 - Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word (doc) file format importer of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft(R) Office.

tags | advisory, vulnerability
systems | linux, redhat, debian
advisories | CVE-2011-2713
MD5 | 09ef1ddbc441816e1d52046ba14b2d40
Cyrus IMAPd NTTP Authentication Bypass
Posted Oct 5, 2011
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused by an error in the authentication mechanism of the NNTP server. This can be exploited to bypass the authentication process and execute commands intended for authenticated users only by sending an "AUTHINFO USER" command without a following "AUTHINFO PASS" command. Versions 2.4.10 and 2.4.11 are affected.

tags | advisory
MD5 | bdc245287c58d035977407b17f525b1b
VMware Security Advisory 2011-0011
Posted Oct 5, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0011 - Hosted product updates address a remote code execution vulnerability in the way UDF file systems are handled.

tags | advisory, remote, code execution
advisories | CVE-2011-3868
MD5 | c5f88ef1bd1b28bdaa118a71856153b4
Ubuntu Security Notice USN-1222-2
Posted Oct 5, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1222-2 - USN-1222-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 7. Firefox could be made to crash or possibly run programs as your login if it opened a malicious website. Benjamin Smedberg, Bob Clary, Jesse Ruderman, Bob Clary, Andrew McCreight, Andreas Gal, Gary Kwong, Igor Bukanov, Jason Orendorff, Jesse Ruderman, and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. Boris Zbarsky discovered that a frame named "location" could shadow the window.location object unless a script in a page grabbed a reference to the true object before the frame was created. This is in violation of the Same Origin Policy. A malicious website could possibly use this to access another website or the local file system. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2997, CVE-2011-2999, CVE-2011-3000, CVE-2011-3001, CVE-2011-3002, CVE-2011-3003, CVE-2011-3004, CVE-2011-3005, CVE-2011-3232
MD5 | fe8da750dc6f6f1bb50dab992eb82d82
DivX Plus Web Player 2.1.2.265 Buffer Overflow
Posted Oct 5, 2011
Authored by Snake

DivX Plus Web Player versions 2.1.2.265 and below file:// buffer overflow proof of concept exploit.

tags | exploit, web, overflow, proof of concept
MD5 | 4b1be038c32dbc8797dd3309dd57e278
PolicyKit 0.101 Privilege Escalation
Posted Oct 5, 2011
Authored by zx2c4

PolicyKit versions 0.101 and below local privilege escalation exploit.

tags | exploit, local
advisories | CVE-2011-1485
MD5 | 2f9af8cc142e7792fe8eda4a952fdd24
Gaming Security By Obscurity
Posted Oct 5, 2011
Authored by Dusko Pavlovic

Whitepaper called Gaming Security By Obscurity. This paper attempts to claim that obscuring information can actually improve security.

tags | paper
MD5 | fdcad303d48374ed08c148e2fecda451
Secunia Security Advisory 46271
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ezCourses, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | a31d7abdc9bc40c4c0d49e6c1781ca51
Secunia Security Advisory 46301
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the RedLine theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 91098a2a981dc36c35f6ec10a2d6c309
Secunia Security Advisory 46273
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for rpm. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | 48807dc76a0c2001140abc1ec254695f
Secunia Security Advisory 46282
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered a vulnerability in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 57eae7be7fbec4c8f592f73c68c2098b
Secunia Security Advisory 46305
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Black-LetterHead theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 3bfd86c921151db004cf858197b546df
Secunia Security Advisory 46275
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Crypt-DSA module for Perl, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, perl
MD5 | 37ad07a42681ee1fec91904a466b3307
Secunia Security Advisory 46240
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | 2c3dc0850112b39715a4a30aa86e4a2d
Secunia Security Advisory 46291
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Google Website Optimizer component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | eb9640fb9f482d4f7b26bd1b509822ff
Secunia Security Advisory 46296
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the ZenLite theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | b0b3fe01aa2199ef97f6905c4b1521c4
Secunia Security Advisory 46208
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple weaknesses have been discovered in conceptcms, which can be exploited by malicious people to disclose certain system information.

tags | advisory
MD5 | 3bf4337ff5bfcba14e1d84d193992a3b
Secunia Security Advisory 46272
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the SmoothGallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | ce198cbf618aa557bf98199657bb2818
Secunia Security Advisory 46297
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Atahualpa theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | a169be3267e7b142b959df0f2cde3863
Page 1 of 2
Back12Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close