
Files Date: 2005-10-06 to 2005-10-07

Secunia Security Advisory 15745
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in Webroot Desktop Firewall, which can be exploited by malicious, local users to gain escalated privileges or bypass certain security restrictions.

tags | advisory, local, vulnerability
SHA-256 | 9f53939db942acae7d3c9f70213ae298eb4855057ca9ad097844a58c1fa0bdeb
Secunia Security Advisory 16852
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in various HAURI anti-virus products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, virus
SHA-256 | fd54b3fe7a89bedebaa6c55605875e577b537df6e435a49255fc2b743de6ae18
Secunia Security Advisory 17055
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, php, vulnerability, sql injection
SHA-256 | 98432a2a29430319759cf8df521047634b50c0a802ea0b69ca8da54e183eea58
Secunia Security Advisory 17064
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Laszlo Toth has discovered a security issue in Windows XP, which can be exploited by malicious, local users to gain access to certain sensitive information.

tags | advisory, local
systems | windows
SHA-256 | d620fa514513f2e4bc103e123f953fcb8e1317ba0aaccb513dba99a19da5dbd3
Secunia Security Advisory 17071
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tom Ferris has discovered a weakness in Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e12638a11c49d2f265912c0893562589db2aeadae6dfa59654c3dbfe03e5b6b8
Secunia Security Advisory 17074
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e56716359e69675f452db39ec4c64492388bdb2537f50dc575801d005a72b28e
Secunia Security Advisory 17075
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Hiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 73b5e61253a0144d0a6faa55a5eaa34790b4e4b6f3802cb734ee1236a3726e30
Secunia Security Advisory 17078
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Donnie Werner has reported two vulnerabilities in Tellme, which can be exploited by malicious people to conduct cross-site scripting attacks or disclose certain system information.

tags | advisory, vulnerability, xss
SHA-256 | bde9d26e3d13f47a71e9aeef77f773a053b0025b1df42b825a3a36ebca6039ca
Secunia Security Advisory 17082
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Defa has reported a vulnerability in the Additional Images module for osCommerce, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 5aca21c173c629a002b37ca8a2292970a7a692f18c0425187696eb8b8755743c
Secunia Security Advisory 17084
Posted Oct 6, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mason. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, debian
SHA-256 | 07d8077db2bd076bafe97049f9bff1cb7e4807ef07d355bdaeb4fd72b950b34c
dietsniff-0.2a.tar.gz
Posted Oct 6, 2005
Authored by Hynek Schlawack | Site ularx.de

dietsniff is a tiny tool for analyzing traffic on a network. It is not intended to replace well-known tools like tcpdump or ethereal. It is intended for cases where a small and, in particular, static sniffer is required. Accordingly, it is far less powerful, and it is bound to Linux as a platform.

Changes: Bug fix release.
tags | tool, sniffer
systems | linux
SHA-256 | 35abce5f6f8ce8d5a6c0a4d6da390156fc91e9fca47e9de4c53bc0bacd76da82
prozilla.c
Posted Oct 6, 2005

ProZilla versions 1.3.7.4 and below ftpsearch results handling client-side buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2005-2961
SHA-256 | 38a4ad22cee290ee9af6ec0eb1a39417ce825b8b8606b04d60e0ab093c3a4c8e
Exploit Labs Security Advisory 2005.15
Posted Oct 6, 2005
Authored by Donnie Werner, Exploit Labs | Site exploitlabs.com

TellMe versions 1.2 and below are susceptible to cross site scripting attacks.

tags | exploit, xss
SHA-256 | e0d8d19326916e2fc873564e971c288d15bf3ace0da18692fdb232e9bac8d1fb
secunia-ALZip.txt
Posted Oct 6, 2005
Authored by Tan Chew Keong | Site secunia.com

Secunia Research has discovered a vulnerability in ALZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by multiple boundary errors when reading the filename of a compressed file from ALZ, ARJ, ZIP, UUE or XXE archives. This can be exploited to cause a stack-based buffer overflow (ALZ), or a heap-based buffer overflow (ARJ / ZIP / UUE / XXE). Successful exploitation allows execution of arbitrary code when a malicious ALZ / ARJ archive is opened, or when a ZIP / UUE / XXE archive is extracted.

tags | advisory, overflow, arbitrary, xxe
SHA-256 | bffe2f2d11e5e5ac7d2a13dfed0e4b832c4f3cf66166441b3fe900aaf6803f3a
sqlinference.pdf
Posted Oct 6, 2005
Authored by David Litchfield | Site ngssoftware.com

Whitepaper entitled 'Data-Mining With SQL Injection and Inference'. The paper is based on a talk given earlier this year at Blackhat Europe. It divides SQL injection data theft attacks into three classes: in-band, out-of-band and inference. The first, in-band, uses the existing connection to get data out; the second, out-of-band, uses another channel, e.g. SMTP by using built-in database mail functions; and lastly inference.

tags | paper, sql injection
SHA-256 | fcb6268f83b03e6bae5da741f0a4a4a70ef1f3e89a8ac16c3c1c47f83e4853f6
xpms.pdf
Posted Oct 6, 2005
Authored by David Litchfield | Site ngssoftware.com

Whitepaper entitled 'Buffer Underruns, DEP, ASLR, and improving the Exploitation Prevention Mechanisms (XPMs) on the Windows platform'.

tags | paper
systems | windows
SHA-256 | 6a2fef57985b54e3b9a2d601af88045009dd270ff00aa613302b46f9fe35639b
Fwknop Port Knocking Utility
Posted Oct 6, 2005
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Various additions and bug fixes.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 07289220d1f6fa9897099dfaab158ed855928fe5e76bc56335f332f9b174d48d
Gentoo Linux Security Advisory 200510-4
Posted Oct 6, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200510-04 - Frank Lichtenheld has discovered that the sort_offline() function in texindex insecurely creates temporary files with predictable filenames. Versions less than 4.8-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2005-3011
SHA-256 | ba9606996859837bda720027002667013bde2a1559e4cc702034a297af5299d0
Debian Linux Security Advisory 844-1
Posted Oct 6, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 844-1 - A vulnerability in mod_auth_shadow, an Apache module that lets users perform HTTP authentication against /etc/shadow, has been discovered. The module runs for all locations that use the 'require group' directive, which would bypass access restrictions controlled by another authorization mechanism, such as an AuthGroupFile file, if the username is listed in the password file and in the gshadow file in the proper group and the supplied password matches the one in the shadow file.

tags | advisory, web
systems | linux, debian
advisories | CVE-2005-2963
SHA-256 | 8181012eb3961d9159ac9f63277e30706b54df18f9e5c3b044c36c8b69f3972f
Debian Linux Security Advisory 843-1
Posted Oct 6, 2005
Authored by Debian | Site security.debian.org

Debian Security Advisory DSA 843-1 - Two vulnerabilities have been discovered in the ARC archive program under Unix. Eric Romang discovered that the ARC archive program under Unix creates a temporary file with insecure permissions which may lead to an attacker stealing sensitive information. Joey Schulze discovered that the temporary file was created in an insecure fashion as well, leaving it open to a classic symlink attack.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2005-2945, CVE-2005-2992
SHA-256 | eb2cbddd736529606b33b4da39783e988ab08f14b95f9c3258caf3b846daff7c
iDEFENSE Security Advisory 2005-10-04.2
Posted Oct 6, 2005
Authored by iDefense Labs, infamous41md | Site idefense.com

iDEFENSE Security Advisory 10.04.05-2 - Remote exploitation of a buffer overflow vulnerability in Symantec AntiVirus Scan Engine can allow remote attackers to execute arbitrary code. iDEFENSE Labs has confirmed the existence of this vulnerability in Symantec AntiVirus Scan Engine 4.0. The vendor has confirmed that the vulnerability also affects products utilizing Symantec AntiVirus Scan Engine 4.3; however, Scan Engine 4.1 is not affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-2758
SHA-256 | 108341654e1a935e4d2076d655403559fe000d75561a5a6e6110ae15c2361826
iDEFENSE Security Advisory 2005-10-04.1
Posted Oct 6, 2005
Authored by iDefense Labs, infamous41md | Site idefense.com

iDEFENSE Security Advisory 10.04.05-1 - Remote exploitation of a buffer overflow vulnerability in the University of Washington's IMAP Server (UW-IMAP) allows attackers to execute arbitrary code. iDEFENSE has confirmed the existence of this vulnerability in Washington University imap-2004c1.

tags | advisory, remote, overflow, arbitrary, imap
advisories | CVE-2005-2933
SHA-256 | 7d725edae7244a458754d80ce51bdd887cb05f856c6affc066bdd5364905672b
HP Security Bulletin 2005-10.41
Posted Oct 6, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Mozilla, where the vulnerability could be exploited to allow a remote, unauthorized user to execute privileged code or to create a Denial of Service (DoS).

tags | advisory, remote, denial of service
systems | hpux
advisories | CVE-2005-2871
SHA-256 | 6630a06078216319d840bb039f6ddcc1e54966ad7749cb96f94b5d3656cf51a7
HP Security Bulletin 2005-10.40
Posted Oct 6, 2005
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Mozilla versions prior to 1.7.11.00 running on HP-UX, where the vulnerabilities could be exploited to allow a remote, unauthorized user to execute privileged code.

tags | advisory, remote, vulnerability
systems | hpux
SHA-256 | ad7cccf808fa40ec9991ff17c03c443867075efb36508a582f3f165ca92817b3
SSRT5940.txt
Posted Oct 6, 2005
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Mozilla, where a heap overflow could be exploited to allow a remote, unauthorized user to execute privileged code.

tags | advisory, remote, overflow
systems | hpux
advisories | CVE-2005-2871, CVE-2005-0399, CVE-2005-0401, CVE-2005-0989, CVE-2004-1316
SHA-256 | 447c5def70dcb2ede956183b5047d65de70429a61059fdbdc740977e079b05e2