what you don't know can hurt you
Showing 1 - 25 of 34

Files Date: 2012-02-13

FASM AES Implementation 1.0
Posted Feb 13, 2012
Authored by belial | Site nullsecurity.net

This is an AES-128, AES-192 and AES-256 implementation for FASM. It uses the x86 32-bit instruction set and operates completely on the stack. No additional data segments are necessary which makes it easy to integrate the AES functions in any existing project. The implementation is not optimized for speed but for easy maintainability.

tags | x86, encryption
systems | unix
MD5 | 759cb6bc3f28cfe7283ccfa82e27c444
Worstpreviews SQL Injection
Posted Feb 13, 2012
Authored by Th4 MasK

Worstpreviews suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2135431eacbadd8f07dc8e39d9f3121d
EditWRX CMS Remote Code Execution
Posted Feb 13, 2012
Authored by chippy1337

EditWRX CMS suffers from a remote code execution vulnerability due to a mishandling of data passed to open().

tags | exploit, remote, code execution
MD5 | 699f214ce4bd4c490dad7a30ed840a34
Skype 5.x.x Information Disclosure
Posted Feb 13, 2012

Even if a user has their security settings with no history enabled, Skype 5.x.x fails to securely remove chat messages stored in the sqlite3 database.

tags | exploit, info disclosure
MD5 | c4d32e6a422eb5b37e409613e6b14f8e
Weibo.com Cross Site Scripting
Posted Feb 13, 2012
Authored by Yuping Li

Weibo.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 214c7683facfadc5aade2d004dfaf0bd
Red Hat Security Advisory 2012-0126-01
Posted Feb 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0126-01 - The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2009-5029, CVE-2009-5064, CVE-2010-0830, CVE-2011-1089, CVE-2011-4609
MD5 | 04aac618203b70bf0f18fb8d24c46efc
Red Hat Security Advisory 2012-0128-01
Posted Feb 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0128-01 - The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially-crafted URI. The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2011-3607, CVE-2011-3639, CVE-2011-4317, CVE-2012-0031, CVE-2012-0053
MD5 | ce67abb6802590c6f0b99d3695455e2c
Red Hat Security Advisory 2012-0125-01
Posted Feb 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0125-01 - The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2009-5029, CVE-2009-5064, CVE-2010-0296, CVE-2010-0830, CVE-2011-1071, CVE-2011-1089, CVE-2011-1095, CVE-2011-1659, CVE-2011-4609
MD5 | 864ed57afca2c884fc017d61f81beecf
Red Hat Security Advisory 2012-0127-01
Posted Feb 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0127-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. This update fixes several vulnerabilities in the MySQL database server. These updated packages upgrade MySQL to version 5.0.95.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0114, CVE-2012-0484, CVE-2012-0490
MD5 | 1372a5828d5ed19753f5897c86faba07
Slackware Security Advisory - glibc Updates
Posted Feb 13, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New glibc packages are available for Slackware 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2009-5029
MD5 | 0dfad9230759393a2e6b425a59df2fd1
Slackware Security Advisory - php Updates
Posted Feb 13, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2012-0830
MD5 | 91ba3488deec5dce7eccf25bba3dc38b
Slackware Security Advisory - httpd Updates
Posted Feb 13, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. The apr-util package has also been updated to the latest version.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
MD5 | d61005b7a9566d651c56b41407ab7467
Ubuntu Security Notice USN-1359-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1359-1 - It was discovered that Tomcat incorrectly performed certain caching and recycling operations. A remote attacker could use this flaw to obtain read access to IP address and HTTP header information in certain cases. This issue only applied to Ubuntu 11.10. It was discovered that Tomcat computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. A remote attacker could cause a denial of service by sending many crafted parameters. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2011-3375, CVE-2011-4858, CVE-2012-0022
MD5 | 3ea378aa2d14bd07f4ba62946f58cce1
Ubuntu Security Notice USN-1364-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1364-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. Andy Whitcroft discovered that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to bypass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207
MD5 | 81c901a7230d414992297f7d2373c766
Ubuntu Security Notice USN-1363-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1363-1 - A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. Andy Whitcroft discovered that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to bypass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207
MD5 | 5272d68bea7e1475f014348307a446fd
Debian Security Advisory 2408-1
Posted Feb 13, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2408-1 - Several vulnerabilities have been discovered in PHP, the web scripting language.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2011-1072, CVE-2011-4153, CVE-2012-0781, CVE-2012-0788, CVE-2012-0831
MD5 | 30572e2d3b9b0da8c4758495a306b3fe
Ubuntu Security Notice USN-1362-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1362-1 - Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-3353, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044
MD5 | c8bd4f245aecf49a5f4e2269db3087ad
Ubuntu Security Notice USN-1361-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1361-1 - Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-3353, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044
MD5 | fa193661ffe5a12b89efc1f4e8c772b7
Ubuntu Security Notice USN-1358-2
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1358-2 - USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get() function. Various other issues were also addressed.

tags | advisory, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0831, CVE-2011-4885, CVE-2012-0830, CVE-2011-4153, CVE-2012-0057, CVE-2012-0788, CVE-2011-0441
MD5 | afb798bff046c3e88238eb395ad62b28
Ubuntu Security Notice USN-1360-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1360-1 - Andrew McCreight and Olli Pettay discovered a use-after-free vulnerability in the XBL bindings. An attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-0452
MD5 | a9fb128e7008b88b8da7f2f72a143016
Secunia Security Advisory 47935
Posted Feb 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Zero Install, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 2fb4fe1b84c83eb62c21e58dab66bc13
Secunia Security Advisory 48017
Posted Feb 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for proftpd. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
systems | linux, slackware
MD5 | 9e66a526b0a88175a9846e64e1c19a14
Secunia Security Advisory 47948
Posted Feb 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in PBBoard, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 566bb5ab7f2920a78534452471dee633
Secunia Security Advisory 48021
Posted Feb 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in NetSurf, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
MD5 | ff2e75d8e02a2c3406255b4bea7a682a
Secunia Security Advisory 47798
Posted Feb 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a vulnerability in D-Link DAP-1150, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | f6ce2565ff09200b6ec2c27b99f19420
Page 1 of 2
© 2019 Packet Storm. All rights reserved.