what you don't know can hurt you
Showing 1 - 25 of 42 RSS Feed

Files Date: 2012-07-31

Ubuntu Security Notice USN-1521-1
Posted Jul 31, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1521-1 - Chamal De Silva discovered that the IcedTea-Web Java web browser plugin could dereference an uninitialized pointer. A remote attacker could use this to craft a malicious web page that could cause a denial of service by crashing the web browser or possibly execute arbitrary code. Steven Bergom and others discovered that the IcedTea-Web Java web browser plugin assumed that all strings provided by browsers are NULL terminated, which is not guaranteed by the NPAPI (Netscape Plugin Application Programming Interface). A remote attacker could use this to craft a malicious Java applet that could cause a denial of service by crashing the web browser, expose sensitive information or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3422, CVE-2012-3423, CVE-2012-3422, CVE-2012-3423
SHA-256 | 501fee417fe6ba2b16a422f5cde669441ffad8611bba304f314fbdf49e7846e3
Red Hat Security Advisory 2012-1130-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1130-01 - The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Red Hat Enterprise Linux. A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest could use this flaw to create a crafted kernel image that, when attempting to boot it, could result in an out-of-memory condition in the privileged domain.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2012-2625
SHA-256 | 42dc7fc7f4242c34b5fee2c87659f3b6aa1715f04f6efce9032ba41dce31257a
Red Hat Security Advisory 2012-1132-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1132-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. An uninitialized pointer use flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could possibly cause a web browser using the IcedTea-Web plug-in to crash, disclose a portion of its memory, or execute arbitrary code. It was discovered that the IcedTea-Web plug-in incorrectly assumed all strings received from the browser were NUL terminated. When using the plug-in with a web browser that does not NUL terminate strings, visiting a web page containing a Java applet could possibly cause the browser to crash, disclose a portion of its memory, or execute arbitrary code.

tags | advisory, java, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-3422, CVE-2012-3423
SHA-256 | a5d84dba4b2247a80c32799c231d8fc28d3b015060f969744e150eb90894b4b2
Red Hat Security Advisory 2012-1131-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1131-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. An uninitialized pointer use flaw was found in the way the MIT Kerberos KDC handled initial authentication requests. A remote, unauthenticated attacker could use this flaw to crash the KDC via a specially-crafted AS-REQ request. A NULL pointer dereference flaw was found in the MIT Kerberos administration daemon, kadmind. A Kerberos administrator who has the "create" privilege could use this flaw to crash kadmind.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-1013, CVE-2012-1015
SHA-256 | fc644b1cb9cf0a8750b9b22679610ad70952fe4b170e2844397d3cea0bd64a5a
Red Hat Security Advisory 2012-1129-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1129-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2011-1083, CVE-2012-2744
SHA-256 | 6c0b4a58bbe502f34d3cdba3053094775341e381fd60d5e809bd0de7e804b918
Ubuntu Security Notice USN-1520-1
Posted Jul 31, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1520-1 - Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could free an uninitialized pointer when handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. Emmanuel Bouillon discovered that the MIT krb5 Key Distribution Center (KDC) daemon could dereference an uninitialized pointer while handling a malformed AS-REQ message. A remote unauthenticated attacker could use this to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-1015, CVE-2012-1014, CVE-2012-1013, CVE-2012-1012, CVE-2012-1012, CVE-2012-1013, CVE-2012-1014, CVE-2012-1015
SHA-256 | 230d2bccf2e221f779ebacf8edcc34a5fd7d0176f42f3af106b6b41e010163fd
Red Hat Security Advisory 2012-1125-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1125-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. This release of JBoss Enterprise SOA Platform 5.3.0 serves as a replacement for JBoss Enterprise SOA Platform 5.2.0. It includes various bug fixes and enhancements which are detailed in the JBoss Enterprise SOA Platform 5.3.0 Release Notes.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-3506, CVE-2011-3517, CVE-2011-4605, CVE-2011-4838, CVE-2012-0079, CVE-2012-0818, CVE-2012-2377
SHA-256 | b8d763d67a55bbd9739b6389ec7a18b563c208224d53204c1a9cca5f0d61037e
pBot Remote Code Execution
Posted Jul 31, 2012
Authored by bwall

This perl script attacks pBot by leveraging a hidden .eval command to delete and kill the bot.

tags | exploit, perl
SHA-256 | 19d0cd2419b1ba8636cb8720f58807484e2cd5fe55c43028edb94c4dfbfc419f
Limny 3.3.1 Blind SQL Injection
Posted Jul 31, 2012
Authored by L0n3ly-H34rT

Limny version 3.3.1 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | afe1728c22b27e47b419699f63dbddefc56b99cc5a392d1aa6cf7d85188cf1ef
Arora 0.10.0 Windows Qt 4.5.3 XSS / Denial Of Service
Posted Jul 31, 2012
Authored by Lostmon | Site lostmon.blogspot.com

Arora version 0.10.0 with Windows Qt 4.5.3 suffers from cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
systems | windows
SHA-256 | 418fbd0402132cfbdaaa90d41a9d3c5238d1cebdaed4fc5ee7aecbc4333d37fa
Secunia Security Advisory 45299
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | windows
SHA-256 | 07d58c8854e7f3255cc40544ea9e0bbfc67f592ba11f516d1ed5f2d4697aa452
Secunia Security Advisory 50073
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 7de256b024c9b60822698f9eba0d0f63e7593cfe90fc35e3d7a1038e34ffa08e
Secunia Security Advisory 50113
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, suse
SHA-256 | e98c080a38b886135728ae0d267f316a3e83e46d10581cf165ef148e90b9d970
Secunia Security Advisory 50002
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ipswitch WhatsUp Gold, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d608b62cbeace30a1b81b60edce36f6ef49cf2f75e03dd19ef5654f953051769
Secunia Security Advisory 50053
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 2f50abd6cbd957060f39a5165ca9746a52b4236ce6cd5622d6074fa80683ea4e
Secunia Security Advisory 50115
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in some Siemens SIMATIC S7-400 products, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 7e6de2ddf3fb5ed462927c692e3498ebfefceb678564ff4a79eebd1f01044e88
Secunia Security Advisory 50016
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Simple Video Flash Player for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 9df20f91497034cf913395b05a7fb43d08018c030260a70ebd99396fa8c979e2
Red Hat Security Advisory 2012-1123-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1123-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An uninitialized data structure use flaw was found in BIND when DNSSEC validation was enabled. A remote attacker able to send a large number of queries to a DNSSEC validating BIND resolver could use this flaw to cause it to exit unexpectedly with an assertion failure. Users of bind are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2012-3817
SHA-256 | d67eb1d04442b76dec0ff69b83fdb0f30a725174eb0d94f934f1d7da947fb2e9
Red Hat Security Advisory 2012-1122-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1122-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. An uninitialized data structure use flaw was found in BIND when DNSSEC validation was enabled. A remote attacker able to send a large number of queries to a DNSSEC validating BIND resolver could use this flaw to cause it to exit unexpectedly with an assertion failure. Users of bind97 are advised to upgrade to these updated packages, which correct this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2012-3817
SHA-256 | bc3bb796ff58730e45372a3e38552b96f6be5def156cd38934dca68b517bfc15
Secunia Security Advisory 50095
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in SocialEngine, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | a97ca29acf0391a400db8256682379a894ac51298a22a1e4838fbd6c2fa0892f
Secunia Security Advisory 50057
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for bind97. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 0920cbe6ef2320aa0cdc3b02f1585076e3d63f31f75ee622e6c5512995dbfcc8
Secunia Security Advisory 50114
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LedgerSMB, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | fd192c27c1a662c3c39472fc60c7ce046c6de1f5d8d69b9e0bf62ba894f90934
Secunia Security Advisory 50079
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matt Andreko has discovered a vulnerability in Sysax Multi Server, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | 71fe00730c13e486b11af93f71da030e282f264f8d07e2095ab2d8eaaf66fbbf
Secunia Security Advisory 50069
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in IBM Rational Directory Server, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 81d8fa4b238559d713ead309f268dca7c154ced8fef132a7488b38bcd2c022da
Secunia Security Advisory 50022
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Ushahidi, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 99a8f203d06f8c164f18a7097ffea0575a473da502c270efe5c79dacfd5a7671
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close