
Files Date: 2012-05-24

Debian Security Advisory 2480-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2480-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-2082, CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458, CVE-2011-4459, CVE-2011-4460
MD5 | 91cf3c458efc7119cf62e3311412f636
Social Engine 4.2.2 Cross Site Request Forgery / Cross Site Scripting
Posted May 24, 2012
Authored by Tiago Natel de Moura

Social Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-2216
MD5 | 46affb7ec997a27515c12a50d78d65f6
Apache Commons Compress / Apache Ant Denial Of Service
Posted May 24, 2012
Authored by David Jorm

Apache Commons Compress versions 1.0 through 1.4 and Apache Ant versions 1.5 through 1.8.3 suffer from a denial of service vulnerability. The bzip2 compressing streams in Apache Commons Compress and Apache Ant internally use sorting algorithms with unacceptable worst-case performance on very repetitive inputs. A specially crafted input to Compress' BZip2CompressorOutputStream or Ant's <bzip2> task can be used to make the process spend a very long time while using up all available processing time, effectively leading to a denial of service.

tags | advisory, denial of service
advisories | CVE-2012-2098
MD5 | 17555b0ed05795db50cf85fee87064ec
EMC AutoStart Multiple Buffer Overflows
Posted May 24, 2012
Site emc.com

EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2012-0409
MD5 | fb1561d446cdadd9b434d1682bdede11
Mandriva Linux Security Advisory 2012-081
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in Mozilla Firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed.

tags | advisory
systems | linux, windows, mandriva, vista, 7
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
MD5 | 1b834a8034e8e9eb2a5c612ce032d3ce
Uncovering ZeroDays And Advanced Fuzzing
Posted May 24, 2012
Authored by Kingcope

This is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012.

tags | paper
systems | linux
MD5 | 8812c3bbcb41fdcdf442c0a5cee60b06
Wireshark DIAMETER Denial Of Service
Posted May 24, 2012
Authored by Wireshark

Wireshark versions 1.4.0 through 1.4.12 and 1.6.0 through 1.6.7 suffer from a DIAMETER dissector denial of service vulnerability.

tags | exploit, denial of service
systems | linux
MD5 | d94ce6017c8d48224a7a09c0a77c7c0e
Wireshark Dissector Denial Of Service
Posted May 24, 2012
Authored by Laurent Butti

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | linux
MD5 | b69533c3c9d8a81ed6f166ce32f3088d
Wireshark Misaligned Memory Denial Of Service
Posted May 24, 2012
Authored by Klaus Heckelmann

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from a misaligned memory denial of service vulnerability.

tags | exploit, denial of service
systems | linux
advisories | CVE-2012-2394
MD5 | e44a652926a9f450c49f6ecbc1a0cd3c
Jaow 2.4.5 Blind SQL Injection
Posted May 24, 2012
Authored by kallimero

Jaow versions 2.4.5 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6e6b513afde6050a95045e553840c8c1
bsnes 0.87 Denial Of Service
Posted May 24, 2012
Authored by Pr0T3cT10n

bsnes version 0.87 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | e1b422d8ffa4c0e558e83d2d33d761f7
Mandriva Linux Security Advisory 2012-080
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
MD5 | c74ea7a4613c2f33de2b3617a94f24e7
Mobius Forensic Toolkit 0.5.13
Posted May 24, 2012
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: This release adds support for Skype 5.x log files (main.db), makes the Hive extension show Protected Storage as a subtree under the PSSP registry key, and adds an Internet Explorer Autocomplete report.
tags | tool, python, forensics
systems | unix
MD5 | 33930047d029b619ec2ceb1db936c20a
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Posted May 24, 2012
Site metasploit.com

This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying an OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results in arbitrary code execution under the context of the user.

tags | exploit, arbitrary, code execution
systems | windows, xp
advisories | CVE-2008-0320, OSVDB-44472
MD5 | c768b9282de90ed20180d7ae12452941
appRain CMF Arbitrary PHP File Upload Vulnerability
Posted May 24, 2012
Authored by EgiX, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in appRain's Content Management Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php file, a malicious user can upload a file to the uploads/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2012-1153, OSVDB-78473
MD5 | 326c66024ed2135e3da4e6dab3059464
Red Hat Security Advisory 2012-0688-01
Posted May 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-0779
MD5 | 303bfd8a63a2f5011bc9e38379b9414c
Debian Security Advisory 2479-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2479-1 - Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2011-3102
MD5 | 9282bb237d5b7b043dfa59345223b853
Debian Security Advisory 2478-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2478-1 - It was discovered that sudo misparsed network masks used in Host and Host_List stanzas. This allowed the execution of commands on hosts where the user would not be allowed to run the specified command.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2337
MD5 | 0fb35332f786e3a43d2bfaed445f35b4
Ubuntu Security Notice USN-1450-1
Posted May 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1450-1 - It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-2141
MD5 | fc7e4c8b3d02e35280c65897ee9c5736
Secunia Security Advisory 49285
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Quickr for Domino, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 76f2ee5fd9d9da4d3d010433390350b8
Secunia Security Advisory 49266
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Jaow CMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 31b172d5abed047580788d18a2459847
Secunia Security Advisory 49243
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, debian
MD5 | aae8916f7b49d081cd0d88caa37466f5
Secunia Security Advisory 49191
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
MD5 | 7fc60c457daee5125db7f563b684dcee
Secunia Security Advisory 49238
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Taxonomy List module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 2f08acccc054ac43da832b8ea4625891
Secunia Security Advisory 49244
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, debian
MD5 | 8dc4488111930a690046e8cd56a07d0d

© 2016 Packet Storm. All rights reserved.