what you don't know can hurt you
Showing 1 - 25 of 37 RSS Feed

Files Date: 2013-02-12

Microsoft Security Bulletin Summary For February, 2013
Posted Feb 12, 2013
Site microsoft.com

This bulletin summary lists 12 released Microsoft security bulletins for February, 2013.

tags | advisory
SHA-256 | ca4f180fcc30f1a0c1312bb662c5ff4944c9af058711a83d03b97cbe6ff25737
BlackNova Traders SQL Injection
Posted Feb 12, 2013
Authored by ITTIHACK

BlackNova Traders, a web-based game similar to the BBS game TradeWars, suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 28605edf410233103f0f7af8034f289dd39d1d7fabc070d6319ec0488810bf6c
strongSwan IPsec Implementation 5.0.2
Posted Feb 12, 2013
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The strongSwan Trusted Network Connect functionality supports all IETF Standard PA-TNC attributes and a new OS IMC/IMV pair using these attributes to transfer Linux or Android operating system information. Interoperability with Windows XP has been improved by supporting PKCS#7 certificate containers and legacy NAT traversal protocols. The test framework has been migrated from User Mode Linux to KVM, making it faster and more robust.
tags | tool, encryption, protocol
systems | linux, unix, freebsd, apple, osx
SHA-256 | d46f91e8a8f6bd9102156d1ee6efb61bd15b3a8b8b5c619bc91c1c61474727b6
Red Hat Security Advisory 2013-0253-01
Posted Feb 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0253-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. It was found that an excessive amount of information was logged when invalid tokens were requested, resulting in large log files. An attacker could use this flaw to consume an excessive amount of disk space by requesting a large number of invalid tokens. The CVE-2013-0247 issue was discovered by Dan Prince of Red Hat.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2013-0247
SHA-256 | 3609debda144b85ffbeb2e910d12baa8f24886fd4bf2b73e852a613dada75eb1
Ubuntu Security Notice USN-1716-1
Posted Feb 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1716-1 - It was discovered that gnome-screensaver did not start automatically after logging in. This may result in the screen not being automatically locked after the inactivity timeout is reached, permitting an attacker with physical access to gain access to an unlocked session.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-1050
SHA-256 | c2a128c3f51b44d4c83326e6592e43fa51214b47348406805d460874c5902ba7
Ubuntu Security Notice USN-1717-1
Posted Feb 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1717-1 - Sumit Soni discovered that PostgreSQL incorrectly handled calling a certain internal function with invalid arguments. An authenticated attacker could use this issue to cause PostgreSQL to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-0255
SHA-256 | 20cf4f803d114437c08a6861881b9d0d7260a4f3222f7384bb0040444ef5a824
Ubuntu Security Notice USN-1719-1
Posted Feb 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1719-1 - It was discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating the origin on Netlink messages. An untrusted local user can cause a denial of service of Linux guests in Hyper-V virtualization environments. Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2669, CVE-2012-4508, CVE-2013-0190, CVE-2012-2669, CVE-2012-4508, CVE-2013-0190
SHA-256 | 6de26ef41062f19fa61e79d4002edf1eee71915e490a7fd9a002c826f84ae65a
Secunia Security Advisory 52147
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VirusScan Enterprise and Host Intrusion Prevention, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
SHA-256 | 7b050158066c31453c80ebb37f6571a5144f11028aee3494326f8865aaf4bf95
Secunia Security Advisory 52163
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 908c252e9e4c85d926b4ea189e18fa5aa19e4536830d399983ceddc3978dcaef
Secunia Security Advisory 52150
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 5db6bb4c8dea5aaeb9c3f3e8bbab27563200633b4f24cd7256e2411814fb4dbb
Secunia Security Advisory 52122
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 8d996bb5f9d4404e6146182e394f4494a2005b337524497e2a1c7c3f6707b22d
Secunia Security Advisory 52143
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | c86c583fc2f5899875547d8e6356bc5ca526987e28c341d781626d87ea330dc5
Secunia Security Advisory 52136
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft FAST Search Server 2010 for SharePoint, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 6d694a174e316a4fd22309b3a0346e0013f211192808344f1157db0ef360fb82
Secunia Security Advisory 52162
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | windows
SHA-256 | 9856f6722a91178b5c4bd2802c71f64b0d0c0a0f070332760b1700a5a055c840
Secunia Security Advisory 52164
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory, vulnerability
systems | windows
SHA-256 | 1c5db0b63458cadb955529e474231a1a030f04ac0156a146f4ac3a3c80b92f04
Secunia Security Advisory 52166
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player and AIR, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | ef5c229dfc8c9d191724d0c78188027e34f1a64dbe15c12b8876456cfdd264ee
Secunia Security Advisory 52156
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local, vulnerability
systems | windows
SHA-256 | e9bd7d8d1d042882e7f0e41baaaba92bb805622e4b2e6963394119a865874d4d
Secunia Security Advisory 52158
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | windows
SHA-256 | bc1cb1a66861cb01447e1f729a022548895c441cf333e9e15163a6b5861c0cb3
Secunia Security Advisory 52157
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local, vulnerability
systems | windows
SHA-256 | 8580800ae4bda757870fdb5d48db2174cf25daa8caede8ad8890b9eb01387af0
Secunia Security Advisory 52129
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 82a68d048e4bfd25c7f565d1220455b79b5f5b928571b84342f991dd46af773d
Secunia Security Advisory 52138
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | windows
SHA-256 | 5917d54b06aec6a14a258ad2eb2ffa9e6ae65488dc8303dc3126afbc5980279a
Secunia Security Advisory 52148
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to potentially cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 2383e2bf6443f36b67ca12f5a36d7ecb319121023ea637cdc21fa6101b152fad
Bluefog 0.0.4
Posted Feb 12, 2013
Authored by Tom Nardi | Site digifail.com

Bluefog is a tool that can generate an essentially unlimited number of phantom Bluetooth devices. It can be used to test Bluetooth scanning and monitoring systems, make it more difficult for attackers to lock onto your devices, or otherwise complicate the normal operation of Bluetooth devices. Technically, Bluefog can work with just one Bluetooth adapter, but it works much better when you connect multiple adapters. Up to four radios are currently supported simultaneously.

Changes: Improvements to random MAC generation. A "Loiter" mode has been added.
tags | tool, wireless
systems | unix
SHA-256 | e6482eaf54e126116978d4f8508615c1b1bf12c2da74b5d55ef7bf05cb74bde8
Huawei Mobile Partner Poor Permissions
Posted Feb 12, 2013
Authored by Myo Soe

The Huawei Mobile Partner application suffers from having extremely loose access permissions allowing for anyone to replace the files with malicious binaries. Version 23.007.09.00.203 is affected.

tags | exploit
SHA-256 | 293dca6309dc7013be9f809e31e314d539fdfa96c54c16f41c22d76ba79ed4d6
PHP Kit 1.0
Posted Feb 12, 2013
Authored by infodox

PHPkit is a simple PHP based backdoor, leveraging include() and php://input to allow the attacker to execute arbitrary PHP code on the infected server. The actual backdoor contains no suspicious calls such as eval() or system(), as the PHP code is executed in memory by include().

Changes: Code clean up.
tags | tool, arbitrary, php, rootkit
systems | unix
SHA-256 | 9ae6f1db9ff8c94146491368c999d0b4d6a0a9cfe7316a6f72a899025250bf36
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close