what you don't know can hurt you
Showing 1 - 25 of 40 RSS Feed

Files Date: 2012-01-11

Ubuntu Security Notice USN-1324-1
Posted Jan 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1324-1 - Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-2203, CVE-2011-4110
SHA-256 | d420c99ad9073f66940dc2a85179ec22b6dba31a4fecd425a05aece2638c6108
Ubuntu Security Notice USN-1325-1
Posted Jan 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1325-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-2203, CVE-2011-3353, CVE-2011-3359, CVE-2011-4110
SHA-256 | b1e4fd303c32ef48c4707df2951a82c4d83d018bba184fef1cde1f4a96af3ce5
Ubuntu Security Notice USN-1323-1
Posted Jan 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1323-1 - Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. A flaw was found in the b43 driver in the Linux kernel. An attacker could use this flaw to cause a denial of service if the system has an active wireless interface using the b43 driver. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-1162, CVE-2011-2203, CVE-2011-3359, CVE-2011-4110
SHA-256 | 57d1e72bcd7f0d58ab6553abd5907550d017fe5eb7fd3c40984523dffc29c119
Ubuntu Security Notice USN-1326-1
Posted Jan 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1326-1 - Nachi Ueno, Rohit Karajgi, and Venkatesan Ravikumar discovered that when Nova is configured to use the OpenStack API, it would not correctly enforce access controls on certain incoming requests. A remote authenticated attacker could exploit this to change resources of arbitrary tenants.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0030
SHA-256 | a768674e4752957572324743e01989fa9359ffbb82d310887b7656cbadb1d11a
RhoneWeb Cross Site Scripting
Posted Jan 11, 2012
Authored by 3spi0n

RhoneWeb suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2dcdf34ab2a59dfddb2ef83b4778520c366df4870660f45f375f04f05d21fea1
Secunia Security Advisory 47494
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

tags | advisory, denial of service, vulnerability
SHA-256 | 42e05317fb966108e81266f0add820e8eaf3737c8ab61585334ce36f77ab11f2
Debian Security Advisory 2385-1
Posted Jan 11, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2385-1 - Ray Morris discovered that the PowerDNS authoritative sever responds to response packets. An attacker who can spoof the source address of IP packets can cause an endless packet loop between a PowerDNS authoritative server and another DNS server, leading to a denial of service.

tags | advisory, denial of service, spoof
systems | linux, debian
advisories | CVE-2012-0206
SHA-256 | 1af26261bd274f8a9c3d3be7ef287921f0c64debe3c1e32e36a9b3ed81c1b88b
Technical Cyber Security Alert 2012-10A
Posted Jan 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-10A - There are multiple vulnerabilities in Microsoft Windows and Microsoft Developer Tools and Software. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
systems | windows
SHA-256 | c9404ef20e1ea85a0199a296f3fc29a86450d8d3d82704ffccd9b3af577075ac
Zero Day Initiative Advisory 12-011
Posted Jan 11, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-011 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is not required to exploit this vulnerability. The flaw exists within the xnfs.nlm component which is used when handling NFS RPC requests. This process listens on UDP port 32779. When decoding the xdr encoded caller_name from an NLM_TEST procedure request the process uses the user supplied length as the bounds for its copy to a stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the system.

tags | advisory, remote, arbitrary, udp
SHA-256 | d0adfe915bdb4b5bd2f689ec61bba1dc633e2e638512cfdc80cb4f56d5f54ac1
Red Hat Security Advisory 2012-0011-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0011-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes two security flaws in Adobe Reader. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.7, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-2462, CVE-2011-4369
SHA-256 | 0e0748d35296ccc43f5ab63bf2c3fd23ea3d8079e013538c983a3adfd992bdcd
Red Hat Security Advisory 2012-0010-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0010-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. The way fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload functionality on were handled could allow a remote attacker to cause a denial of service.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-2494, CVE-2011-2723, CVE-2011-2898, CVE-2011-3188, CVE-2011-3191, CVE-2011-3353, CVE-2011-3359, CVE-2011-3363, CVE-2011-3637, CVE-2011-4081, CVE-2011-4110, CVE-2011-4132, CVE-2011-4326
SHA-256 | 557893d6076de010f89965257f12c763df4474c60b2d096db7dea8c57ede5c1e
Zero Day Initiative Advisory 12-010
Posted Jan 11, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-010 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Citrix Provisioning Services. Authentication is not required to exploit this vulnerability. The flaw exists within the streamprocess.exe component. This process listens on UDP port 6905. When handling a request type 0x40020006 the process uses the user supplied length in an attempted bounds check before copying to a local stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of SYSTEM.

tags | advisory, remote, arbitrary, local, udp
SHA-256 | 6639c55c3938be7dce15b82072912ddf54486e00c1edb624e9e193ff0395441b
Microsoft Security Bulletin Summary For January 2012
Posted Jan 11, 2012
Site microsoft.com

This bulletin summary lists 7 Microsoft security bulletins released for January, 2012.

tags | advisory
SHA-256 | a2f94a7a869562539d7be56f4ef081c382a5176690963900a45d6f76b4942eed
Red Hat Security Advisory 2012-0007-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0007-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-1020, CVE-2011-3637, CVE-2011-4077, CVE-2011-4132, CVE-2011-4324, CVE-2011-4325, CVE-2011-4330, CVE-2011-4348
SHA-256 | 14cc28a3df69b8e6b2fc6473a6b5dacebe7c4ddbba6984ec740c93d61e9322db
Zero Day Initiative Advisory 12-009
Posted Jan 11, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-09 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Citrix Provisioning Services. Authentication is not required to exploit this vulnerability. The flaw exists within the streamprocess.exe component. This process listens on UDP port 6905. When handling a request type 0x40020000 the process uses the user supplied length in an attempted bounds check before copying to a local stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of SYSTEM.

tags | advisory, remote, arbitrary, local, udp
SHA-256 | 0255a4f2ef8b6316653251eeaf16b8b505a0a21c681598db533064319b5b09bd
Reverse Engineering SEHOP Chain Validation
Posted Jan 11, 2012
Authored by x90c

This proof of concept reverse engineering code demonstrates SEHOP chain validation.

tags | exploit, proof of concept
SHA-256 | e333c142682d7f51d57c80a04d7397a465c342670021b893a2ad3c2f1ef6da5b
SafeSEH+SEHOP All-At-Once Bypass Exploitation Method Principles
Posted Jan 11, 2012

Whitepaper called SafeSEH+SEHOP all-at-once bypass exploitation method principles.

tags | paper
SHA-256 | 209ec6ec9584ba32640f53ad2c68e710468e453169d11ebbd3a1605912e0684a
Giveaway Manager 3 Cross Site Scripting
Posted Jan 11, 2012
Authored by Am!r, H4ckCity Security Team | Site irist.ir

Giveaway Manager version 3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 83699a03d09f9c6ee6b5598503afb39e85c05b8bd5a78c8a06abd67361cc3add
Buffer Overflows: Anatomy Of An Exploit
Posted Jan 11, 2012
Authored by Joshua Hulse

Whitepaper called Buffer Overflows: Anatomy of an Exploit. A look at how systems are exploited and why these exploits exist.

tags | paper, overflow
SHA-256 | d5a0653a937271a349afae80c0cfe39ae9f07b8b49348b5380f6d83a8f5fe510
Secunia Security Advisory 47491
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in SimpleSAMLphp, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 47678fad5d00de27a5aec416e06011b6a9cb05b6cfca70c7977c8bdfff7ab8a1
Secunia Security Advisory 45166
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability, activex
SHA-256 | 5a0bf7c4dc4475cb359176df4b7139e7e02f704e20a1c2650c326eadf6978001
Secunia Security Advisory 47489
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for pdns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | abe7a5bdb947e497f069ffe8c46bbaa575b4d477fdaf39d392e79ca2b80ac3c5
Secunia Security Advisory 47495
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PowerDNS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 7e1295660f1400ca82d4a62fce8deb0265c8fd4a7488bd8d3a2c5a0a4e062f2a
Secunia Security Advisory 47502
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 89f23d1bec88a2653f9e3012de30ea1f33e119e22a6e72ccfc7987c90f2900b5
Secunia Security Advisory 47503
Posted Jan 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Blue Coat has acknowledged multiple weaknesses, security issues and vulnerabilities in Blue Coat IntelligenceCenter, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions, by malicious users to disclose sensitive information, bypass certain security restrictions, manipulate certain data, gain escalated privileges, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, spoof, vulnerability, xss
SHA-256 | 977c4a5176ac01e92709c0c97ba7825d520925c0810462dfdb2d7219891e0262
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close