what you don't know can hurt you
Showing 1 - 25 of 44 RSS Feed

Files Date: 2011-12-19

Zero Day Initiative Advisory 11-350
Posted Dec 19, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-350 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Enterasys Netsight. Authentication is not required to exploit this vulnerability. The flaw exists within the nssyslogd.exe component which listens by default on UDP port 514. When parsing a new syslog message the process attempts to copy the PRIO field to an intermediate variable. The process does not properly validate the size of the destination buffer and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, udp
SHA-256 | 486c953e71cef65cd30d035468fa0961fc349af3a6271f7d414b20d2d573b443
Debian Security Advisory 2367-1
Posted Dec 19, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2367-1 - Several vulnerabilities have been discovered in Asterisk, an Open Source PBX and telephony toolkit.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-4597, CVE-2011-4598
SHA-256 | c775b80295c3642a135dbde3ae832771f511ca0cfd118f13568781aff541ad60
Red Hat Security Advisory 2011-1834-01
Posted Dec 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1834-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat, unix
advisories | CVE-2011-2895
SHA-256 | 0a67c0ae0cd5513a350ee578c94326bc57a4cd7ae396b3099d3505b6bcbcd181
WhatsApp Status Update / Registration Bypass / Plain Text Protocols
Posted Dec 19, 2011
Authored by G. Wagner | Site sec-consult.com

The WhatsApp tool suffers from arbitrary user status updating, registration bypass and plaintext protocol vulnerabilities.

tags | advisory, arbitrary, vulnerability, protocol
SHA-256 | 0616c7aaaea8c5766787ad6d89a5f5e1a9b8c80dda620060d4f23fe8f25ffa06
WeBaCoo (Web Backdoor Cookie) 0.2
Posted Dec 19, 2011
Authored by Anestis Bechtsoudis | Site github.com

WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.

Changes: Built in Tor proxy support. New random delimiter string for each request. Various other updates.
tags | tool, web, rootkit
systems | unix
SHA-256 | 8e6fe6a513916c776350b0cbff29427e8719a4d3095dfe4fdd3b4ad34e3bde2e
Ubuntu Security Notice USN-1313-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1313-1 - Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4081
SHA-256 | 4435468d54c71dd0bcc743da6fe654def947faedb2fcd749c5c64269c81d3846
SecCommerce SecSigner Java Applet 3.5.0 File Upload
Posted Dec 19, 2011
Authored by Johannes Greil, Elisabeth Demeter | Site sec-consult.com

The SecCommerce SecSigner Java applet version 3.5.0 suffers from a client-side remote arbitrary file upload vulnerability.

tags | advisory, java, remote, arbitrary, file upload
SHA-256 | 5c2fa4abe1884f3a0b572d67e36f2d26b087f7cd52d35a19c40e81c656d3dd40
Ubuntu Security Notice USN-1312-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1312-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4330
SHA-256 | 3aeab52346bf4f6a1ad62c8d618495f6f4e27104c5519860741dab5b42e4dde7
Ubuntu Security Notice USN-1310-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1310-1 - It was discovered that libarchive incorrectly handled certain ISO 9660 image files. If a user were tricked into using a specially crafted ISO 9660 image file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. It was discovered that libarchive incorrectly handled certain tar archive files. If a user were tricked into using a specially crafted tar file, a remote attacker could cause libarchive to crash or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1777, CVE-2011-1778
SHA-256 | bdea7bcb5147618f5647a759a8be6b8260b133e417d0c660c11e3f8aef62f6ff
Debian Security Advisory 2366-1
Posted Dec 19, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2366-1 - Several problems have been discovered in mediawiki, a website engine for collaborative work.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1578, CVE-2011-1579, CVE-2011-1580, CVE-2011-1587, CVE-2011-4360, CVE-2011-4361
SHA-256 | ccb031f863a8654a0610e5409cb9c19e529fd52f0871028b9a316b81212caeb2
Ubuntu Security Notice USN-1311-1
Posted Dec 19, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1311-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326, CVE-2011-4330
SHA-256 | 079875549c90e40e46e8b48124d73c56179b8faa866f9696ddfa6d615846973d
Mandriva Linux Security Advisory 2011-191
Posted Dec 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-191 - A heap-based buffer overflow flaw was discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1778
SHA-256 | 05dca28376bee3ecaa55fc46d066d8da84282221b9756c854a8ed1f09619d503
Time-Based Blind NoSQL Injection
Posted Dec 19, 2011
Authored by Felipe Daragon | Site syhunt.com

This is a brief write up discussing time-based NoSQL injection attacks using javascript.

tags | paper, javascript, sql injection
SHA-256 | 38f29f6bb429406f5f75bcf44692f842d085e1f1bc2d98124da439be4d863cc3
Fifth IFIP Call For Papers
Posted Dec 19, 2011
Site ntms-conf.org

The fifth IFIP International Conference on New Technologies, Mobility and Security Call For Papers has been announced. It will take place from May 7th through the 10th, 2012 in Istanbul, Turkey.

tags | paper, conference
SHA-256 | 25130021c2ea8eb8aa1842b5fe239c462321ca387e930a78502275f10082c334
Gold Coast Web Design SQL Injection
Posted Dec 19, 2011
Authored by AngelParrot

Gold Coast Web Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | db6711970c527db2e9981f731ea5f0e3c00408f918538a1face2bcf27ab2c2a3
Free MP3 Player 1.0 Denial Of Service
Posted Dec 19, 2011
Authored by JaMbA

Free MP3 Player version 1.0 local denial of service exploit that creates a malicious mp3 file.

tags | exploit, denial of service, local
SHA-256 | a8d50ae173920d82786db1c55461ca701b5b672c3a52d83d4da71f924ae15cc9
PHP Booking Calendar 10e Cross Site Scripting
Posted Dec 19, 2011
Authored by G13

PHP Booking Calendar version 10e suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 482251c8f23fc16eb1e5939226f88efda2fbfdaa271fdaa4fb16a327e01775f1
Joomla Dshop SQL Injection
Posted Dec 19, 2011
Authored by CoBRa_21

The Joomla Dshop component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6a52e7d893c2665958898ad01d124ce3ebcaf1af7dd716c0efef90a5caeb521a
Joomla Tsonymf SQL Injection
Posted Dec 19, 2011
Authored by CoBRa_21

The Joomla Tsonymf component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | edeb2f41317dc25b5a733a6517099fc8d1df11868c3c4e62d35efc4912f98155
Mandriva Linux Security Advisory 2011-190
Posted Dec 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-190 - Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1777, CVE-2011-1778
SHA-256 | a7a2d6dcde530878a690f207cdebdc142e5c05f52a50d1abc8a8f87417506924
SASHA 0.2.0 Cross Site Scripting
Posted Dec 19, 2011
Authored by G13

SASHA version 0.2.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8a23db0f5a7f141b2bee4b40873219f743fd2104d3605022a95899f48646cdf6
Microsoft Windows Time Behaviour Remote Use-After-Free
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
systems | windows
SHA-256 | cba9bea32ea67c8da60c966ebfc113a9ade45175f2c308da67602f022e70e159
Microsoft Windows "datime.dll" Remote Code Execution
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
systems | windows
SHA-256 | 363771ff8fedc0e7c3eb4df5ff9a4fe0bc4f64c4b34e44157b5e85bbbd053e8e
Microsoft Windows Media Player DVR-MS Buffer Overflow
Posted Dec 19, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.

tags | advisory, remote, web, overflow
systems | windows
SHA-256 | abe71c0175b7a06c7b13a1c8e877a119177040e1b36f365f7231fe6642d78a92
Adobe Flash Player "SAlign" Memory Corruption
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.

tags | advisory, remote, web, activex
advisories | CVE-2011-2459
SHA-256 | 10561391d54ae2a2a00c408b11bdbca9246b41da1060d29b93367e7f6c836d46
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close