exploit the possibilities
Showing 1 - 25 of 41 RSS Feed

Files Date: 2011-11-12

Mandriva Linux Security Advisory 2011-173
Posted Nov 12, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-173 - On Mandriva Linux 2010.2 they provided the old openssl 0.9.8 library but without a source RPM file. This could pose a security risk for third party commercial applications that still uses the older OpenSSL library, therefore the latest stable openssl 0.9.8r library is being provided.

tags | advisory
systems | linux, mandriva
MD5 | 630cd768600e23f634e1cbf2ad639bd0
LFI Fuzzploit Tool 1.1
Posted Nov 12, 2011
Authored by nullbyt3

LFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.

Changes: A bug in the file descriptor scan function is fixed. A command shell bug is fixed.
tags | tool, local, scanner, php, vulnerability, file inclusion
systems | linux, unix
MD5 | 8adb584643536d79538aa0d7d080800d
GNU Transport Layer Security Library 3.0.8
Posted Nov 12, 2011
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release fixes an issue in ECDSA key generation and reduces timing information provided to an adversary in DTLS.
tags | protocol, library
MD5 | bce40a4e9bec343b266707eb9819132b
Secunia Security Advisory 46106
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the MediaRSS external gallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | be3e144c0af0c9161fce63923b256d95
Secunia Security Advisory 46123
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mesut Timur has discovered two vulnerabilities in TWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 7d437bf760000571228fc7bec428a748
Secunia Security Advisory 46151
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
systems | linux, ubuntu
MD5 | 5d94b931b21f367f4c4d76e880ad3553
Secunia Security Advisory 46032
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Audacious has acknowledged some vulnerabilities in Audacious Plugins, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
MD5 | 85f3980517cee6fd24a7e82e0c9a2d69
Secunia Security Advisory 46142
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, redhat
MD5 | 79483249a35920ff5370cb209de33f06
Secunia Security Advisory 46012
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has reported a vulnerability in Nortel Contact Recording, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 4b533d8605ab46fbfdaa0bf0fae496d1
Secunia Security Advisory 46099
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Digital Echidna has discovered a vulnerability in ScriptFTP, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 8538a99aa725e27605438bc398d6ce91
Secunia Security Advisory 46038
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Adsense Extreme plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 3adc2b7e673f57e553ab4f3868430943
Secunia Security Advisory 46806
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apache2. This fixes a weakness and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | 2b2cbe162e1f84ead98229c8440e2012
Secunia Security Advisory 46818
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
MD5 | 033fc4472edbe587fec25e348632950f
Secunia Security Advisory 46791
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in IBM Lotus Domino, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session.

tags | advisory
MD5 | fa05679a8f13fcd7f8f1c457a69b993a
Secunia Security Advisory 46763
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Benjamin Kunz Mejri has reported a vulnerability in iGuard Biometric Access Control, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | be338f68664de41a741e39351f681bcd
Secunia Security Advisory 46820
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner-1.9.2. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, ubuntu
MD5 | 9fd86761e216bc37a054fac2cc9874a5
Secunia Security Advisory 46826
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | 7a87352f4814d3bd9f18e56452f17d4d
Secunia Security Advisory 46825
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for radvd. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | c95a1d00ea7faa39e21831611d9b141a
Secunia Security Advisory 46747
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to disclose certain sensitive information, conduct spoofing attacks, and compromise a user's device.

tags | advisory, spoof, vulnerability
systems | cisco, apple
MD5 | 66add193c17a43be4b2d167eb35528f0
strongSwan IPsec Implementation 4.6.1
Posted Nov 12, 2011
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: Because Ubuntu 11.10 activated the --as-needed ld option that discards included links to dynamic libraries that are not actually used by the charon daemon itself, the loading of plugins depending on external symbols provided by the libsimaka, libtls, or libtnccs libraries failed. As a fix, the plugins include the required libraries directly, and due to relinking during the installation, the approach of computing integrity checksums for plugins had to be changed radically by moving the hash generation from the compilation to the post-installation phase.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
MD5 | 87f278bb7d2bf114b96755448faa279a
Zero Day Initiative Advisory 11-328
Posted Nov 12, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-328 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server. Authentication is required to exploit this vulnerability in order to have access to the ftp command set. The specific flaw exists within how the server manages the response pool that is used to send responses from the server to the client. When handling an exceptional condition the application will fail to restore the original response pointer which will allow there to be more than one reference to the response pointer. The next time it is used, a memory corruption can be made to occur which can allow for code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
MD5 | 098867ab5a4a7b457e0798e9974fd916
Gentoo Linux Security Advisory 201111-04
Posted Nov 12, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201111-4 - phpDocumentor bundles Smarty which contains an input sanitation flaw, allowing attackers to call arbitrary PHP functions. Versions less than 1.4.3-r1 are affected.

tags | advisory, arbitrary, php
systems | linux, gentoo
advisories | CVE-2008-1066
MD5 | 943291469252729a45ff56f012221736
Debian Security Advisory 2345-1
Posted Nov 12, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2345-1 - Several vulnerabilities have been discovered in Icedove, a mail client based on Thunderbird.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3647, CVE-2011-3648, CVE-2011-3650
MD5 | bc8393b20a478498203137c18c33dfef
Suricata IDPE 1.1
Posted Nov 12, 2011
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Performance, accuracy, and stability were improved. Many HTTP rule keywords added. Several SSL keywords have been added. Event suppression support was added. SCTP decoding support was added. IPS mode was improved. An SMTP parser was added. Protocol detection was improved. Extended HTTP output was added. AF_PACKET support was added. PF_RING support was improved. Pcap logging was added. The stream engine was improved.
tags | tool, intrusion detection
systems | unix
MD5 | 8e0d1c3d04694ffcb67334f222446bd1
Kool Media Converter 2.6.0 Denial Of Service
Posted Nov 12, 2011
Authored by swami

Kool Media Converter version 2.6.0 denial of service exploit that creates a malicious .ogg file.

tags | exploit, denial of service
MD5 | f6e63319a51681fe61bfc7c72704551f
Page 1 of 2
Back12Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close