ignore security and it'll go away
Showing 1 - 25 of 41 RSS Feed

Files Date: 2012-03-16

Ubuntu Security Notice USN-1400-2
Posted Mar 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1400-2 - USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered an out of bounds read vulnerability in Firefox's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues were also addressed.

tags | advisory, remote, arbitrary, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2012-0455, CVE-2012-0457, CVE-2012-0456, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0462, CVE-2012-0464
MD5 | 64416682ed82a8a223f2643f7de51624
Ubuntu Security Notice USN-1400-1
Posted Mar 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1400-1 - Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, remote, arbitrary, javascript, xss
systems | linux, ubuntu
advisories | CVE-2012-0455, CVE-2012-0457, CVE-2012-0456, CVE-2012-0451, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0462, CVE-2012-0464, CVE-2012-0451, CVE-2012-0455, CVE-2012-0457, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0461, CVE-2012-0462, CVE-2012-0464
MD5 | f631a063a403521a010a287cb336184d
Gentoo Linux Security Advisory 201203-18
Posted Mar 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-18 - An insecure temporary file usage has been reported in Minitube, possibly allowing symlink attacks. Versions less than 1.6 are affected.

tags | advisory
systems | linux, gentoo
MD5 | 14d341c679de8b1fd383e86a55e030ea
Gentoo Linux Security Advisory 201203-17
Posted Mar 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-17 - Multiple vulnerabilities have been found in HPLIP, the worst of which may allow execution of arbitrary code. Versions less than 3.11.10 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4267, CVE-2011-2722
MD5 | b626426f5fbaf98c5f5f3af003aa3844
Gentoo Linux Security Advisory 201203-16
Posted Mar 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-16 - Multiple vulnerabilities in ModPlug could result in execution of arbitrary code or Denial of Service. Versions less than 0.8.8.4 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-1574, CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915
MD5 | c762e73bd7115e0a5f0a125f59fd25ff
Gentoo Linux Security Advisory 201203-15
Posted Mar 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-15 - Multiple vulnerabilities have been found in gif2png, the worst of which might allow execution of arbitrary code. Versions less than 2.5.8 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4694, CVE-2010-4695
MD5 | 289b17a2c8685eec5bce25b2719bdd7f
Gentoo Linux Security Advisory 201203-14
Posted Mar 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-14 - Multiple vulnerabilities in Audacious Plugins could result in execution of arbitrary code or Denial of Service. Versions below 3.1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2911, CVE-2011-2912, CVE-2011-2913, CVE-2011-2914, CVE-2011-2915
MD5 | b49467c1ff54240e0b9b246fdec37557
Gentoo Linux Security Advisory 201203-13
Posted Mar 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201203-13 - Multiple vulnerabilities in Openswan may create a Denial of Service condition. Versions less than 2.6.37 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2147, CVE-2011-4073
MD5 | da7d733e046241617e1a8577613ffb4f
Clam Antivirus Toolkit 0.97.4
Posted Mar 16, 2012
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This release includes minor bugfixes, detection improvements, and initial support for on-access scanning under Mac OS X. This update is recommended for all users.
tags | tool, virus
systems | unix
MD5 | dc1e5abc093b11f120e4eac94a7f78aa
Secunia Security Advisory 48387
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VMware vSphere Client, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | d252e3a0a5bef263c31d4c229da2f4fc
Secunia Security Advisory 48419
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for chromium. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 7cfd1c0b0693d70f5996aa2c5bb59844
Secunia Security Advisory 48388
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Quagga, where some have unknown impacts and others can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 5815df6a667e65a4b89e6f7d96134a36
Secunia Security Advisory 48378
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in VMware ESX Server and VMware ESXi, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
MD5 | 1e736e757b92ab97862417447f69144d
Secunia Security Advisory 48441
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for hplip. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to manipulate certain data and by malicious people to compromise a vulnerable system.

tags | advisory, local
systems | linux, gentoo
MD5 | 912f4a56d823d5dd64aa50e4b1ab5c45
Secunia Security Advisory 48444
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged multiple vulnerabilities in multiple VMware products, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 66b82b149ab733754b6154580f8e3243
Secunia Security Advisory 48437
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for gif2png. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | 8579faec633d06e69d35c0ff778ec793
Secunia Security Advisory 48440
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for minitube. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, gentoo
MD5 | f341ad01bb05a71eaec8e96cd2a5ea80
Secunia Security Advisory 48439
Posted Mar 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for audacious-plugins. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
MD5 | 93d455ca317b7d5673d392d1b0178d4b
lshell 0.9.15.1
Posted Mar 16, 2012
Authored by Ignace Mouzannar | Site lshell.ghantoos.org

lshell lets you restrict a user's shell environment to limited sets of commands, choose to enable or disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restrictions, and more.

Changes: This release corrects a serious bug allowing a user to spawn another shell and get out from the restricted shell.
tags | tool, shell
systems | unix
MD5 | 0a6aca8d5f03b55289c1d3557c1bdc6d
Asterisk Project Security Advisory - AST-2012-003
Posted Mar 16, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - An attacker attempting to connect to an HTTP session of the Asterisk Manager Interface can send an arbitrarily long string value for HTTP Digest Authentication. This causes a stack buffer overflow, with the possibility of remote code injection.

tags | advisory, remote, web, overflow
MD5 | 397821839758278f437c9b144d3db54f
Asterisk Project Security Advisory - AST-2012-002
Posted Mar 16, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - Asterisk suffers from an exploitable stack buffer overflow with locally defined data.

tags | advisory, overflow
MD5 | 390b1d4b0c1913fcbd9dff825bf15166
Citrix License Server 11.6.1 Build 10007 CSRF
Posted Mar 16, 2012
Authored by Knud, Rune | Site nsense.fi

Citrix License Server version 11.6.1 build 10007 suffers from cross site request forgery and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, csrf
MD5 | 85f97d5071c893da44c89433201ae0d8
Mobile.free.fr Cross Site Scripting
Posted Mar 16, 2012
Authored by Atmon3r

Mobile.free.fr suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2f855a710c8316cbfc1f0d80308f430f
JPM Article Script 6 SQL Injection
Posted Mar 16, 2012
Authored by the_storm | Site vulnerability-lab.com

JPM Article Script 6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | da8ee548bdeefa5d8f72841f9bbb49ab
Zero Day Initiative Advisory 12-044
Posted Mar 16, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-044 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft's Remote Desktop Protocol. Authentication is not required to exploit this vulnerability. The specific flaw exists during handling of an error while loading elements into an array. This condition can cause the driver to abort a connection and part of the logic of the abort is to free an object associated with it. This will actually occur twice when each of channels are disconnected. The second time this object is freed, the driver will fetch a virtual pointer from the freed object and call it. This can lead to code execution under the context of the driver.

tags | advisory, remote, arbitrary, code execution, protocol
advisories | CVE-2012-0002
MD5 | 102242c8ee254e684a8ce0e801043151
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close