exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 83 RSS Feed

Files Date: 2006-04-29 to 2006-04-30

Zero Day Initiative Advisory 06-011
Posted Apr 29, 2006
Authored by Tipping Point | Site zerodayinitiative.com

ZDI-06-011: Mozilla Firefox Table Rebuilding Code Execution Vulnerability: This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail.

tags | advisory, web, arbitrary, code execution
SHA-256 | 70ec9a4add873515b39c5531866ba5b0da716b3456083b4b73454101b5fb0135
Gentoo Linux Security Advisory 200604-18
Posted Apr 29, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200604-18 - Several vulnerabilities were found in Mozilla Suite. Version 1.7.13 was released to fix them. Versions less than 1.7.13 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | 0f05885b0d6cf2099e850bbe9a2ead3eba2b6b3b7d02580d9ab67c1854431cac
Ubuntu Security Notice 275-1
Posted Apr 29, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 275-1: multiple vulnerabilities in mozilla.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 245fc0962bafd2ac2ab825291eaa2f5ac86aaf7b5579ab0ee787f227f4f9ebfc
Ubuntu Security Notice 274-1
Posted Apr 29, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 274-1: A logging bypass was discovered in the MySQL query parser. A local attacker could exploit this by inserting NUL characters into query strings (even into comments), which would cause the query to be logged incompletely.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | b62c335f8187d3d48d3a6cef6ee2682316c7d0db09ea706236c499c774645dc3
Debian Linux Security Advisory 1046-1
Posted Apr 29, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1046-1: several security related problems have been discovered in Mozilla.

tags | advisory
systems | linux, debian
SHA-256 | c2f0c9e203162fb84f6b688dccec9383a68497b59eb532ef2e5cace16e088da6
Debian Linux Security Advisory 1045-1
Posted Apr 29, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1045-1: Hendrik Weimer discovered that OpenVPN, the Virtual Private Network daemon, allows to push environment variables to a client allowing a malicious VPN server to take over connected clients.

tags | advisory
systems | linux, debian
SHA-256 | 7e56f1abf9d34d6fdbd18f7cf9d97721361848c944083e1ba23c6524ac565f49
Gentoo Linux Security Advisory 200604-17
Posted Apr 29, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200604-17 - Ethereal is vulnerable to numerous vulnerabilities, potentially resulting in the execution of arbitrary code. Versions less than 0.99.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
SHA-256 | 274c34275604ba38466f25c5349e68a8a12a9f894906491dc9ee4c7542cf0d1a
Gentoo Linux Security Advisory 200604-16
Posted Apr 29, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200604-16 - Federico L. Bossi Bonin discovered that when handling MPEG streams xine-lib fails to make a proper boundary check of the input data supplied by the user before copying it to an insufficiently sized memory buffer. Versions less than 1.1.2_pre20060328-r1 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 531ceaff9013caccdc626f88d42dcc301d411606a8899d31b399c17c9643a162
Gentoo Linux Security Advisory 200604-15
Posted Apr 29, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200604-15 - Ludwig Nussel discovered that xine-ui incorrectly implements formatted printing. Versions less than 0.99.4-r5 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 598bb82dbb0a13d0345301e976c12e42cb133a68bc17fb557bb5253daa532a58
Debian Linux Security Advisory 1044-1
Posted Apr 29, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1044-1: Several security related problems have been discovered in Mozilla Firefox.

tags | advisory
systems | linux, debian
SHA-256 | b689441635aac4e585b34c93df67a8395721260b7788928c34429803f9cb4f83
Debian Linux Security Advisory 1043-1
Posted Apr 29, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1043-1: Erik Sj

tags | advisory, overflow
systems | linux, debian
SHA-256 | 24dbde5281a263a3b0505b5c06cea313fd47b3cb6eae947c110dd6b5557834dc
Mandriva Linux Security Advisory 2006.079
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-079: A vulnerability in how ruby's HTTP module uses blocking sockets was reported by Yukihiro Matsumoto. By sending large amounts of data to a server application using this module, a remote attacker could exploit it to render the application unusable and not respond to other client requests.

tags | advisory, remote, web, ruby
systems | linux, mandriva
SHA-256 | 2a4613903a321fd77f236960aaee86901b5194f2ca53df46addbb68198bf1d02
Mandriva Linux Security Advisory 2006.079
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-079: A vulnerability in how ruby's HTTP module uses blocking sockets was reported by Yukihiro Matsumoto. By sending large amounts of data to a server application using this module, a remote attacker could exploit it to render the application unusable and not respond to other client requests.

tags | advisory, remote, web, ruby
systems | linux, mandriva
SHA-256 | 2a4613903a321fd77f236960aaee86901b5194f2ca53df46addbb68198bf1d02
Mandriva Linux Security Advisory 2006.078
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-078: A number of vulnerabilities have been discovered in the Mozilla Thunderbird email client that could allow a remote attacker to craft malicious web emails that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, or other information. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the program.

tags | advisory, remote, web, arbitrary, local, spoof, vulnerability
systems | linux, mandriva
SHA-256 | 5f84e7e68f4ac060eaeb03eb4c2872d421dcf6d6993ff57259ec7a4ae3449829
Mandriva Linux Security Advisory 2006.078
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-078: A number of vulnerabilities have been discovered in the Mozilla Thunderbird email client that could allow a remote attacker to craft malicious web emails that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, or other information. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the program.

tags | advisory, remote, web, arbitrary, local, spoof, vulnerability
systems | linux, mandriva
SHA-256 | 5f84e7e68f4ac060eaeb03eb4c2872d421dcf6d6993ff57259ec7a4ae3449829
Mandriva Linux Security Advisory 2006.077
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-077: A number of vulnerabilities have been discovered in the Ethereal network analyzer. These issues have been corrected in Ethereal version 0.99.0

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | 2e95063752443adee9e5ceec80c60e69aaabf4074246e81446192a4bf1a3a64f
Mandriva Linux Security Advisory 2006.077
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-077: A number of vulnerabilities have been discovered in the Ethereal network analyzer. These issues have been corrected in Ethereal version 0.99.0

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | 2e95063752443adee9e5ceec80c60e69aaabf4074246e81446192a4bf1a3a64f
Mandriva Linux Security Advisory 2006.076
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-076: A number of vulnerabilities have been discovered in the Mozilla Suite that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other information from web pages. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the browser.

tags | advisory, remote, web, arbitrary, local, spoof, vulnerability
systems | linux, mandriva
SHA-256 | 168a1f3d0fc4663f82b500b6b14843de5fdc405aa30aad5679303bb2f2c7c45c
Mandriva Linux Security Advisory 2006.076
Posted Apr 29, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-076: A number of vulnerabilities have been discovered in the Mozilla Suite that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other information from web pages. As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the browser.

tags | advisory, remote, web, arbitrary, local, spoof, vulnerability
systems | linux, mandriva
SHA-256 | 168a1f3d0fc4663f82b500b6b14843de5fdc405aa30aad5679303bb2f2c7c45c
Nmap Scanning Utility 4.03
Posted Apr 29, 2006
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. Full changelog available here.

Changes: Various bug fixes including a memory leak.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 9692f249baeb4bbb9f81a666c733fb764b56550ed79fdd4056698cf470de4774
lsof_4.77.tar.gz
Posted Apr 29, 2006
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It is useful for pinpointing which process is using each network socket. FAQ available here.

Changes: Bug fixes. Supports the newest operating systems.
tags | tool, intrusion detection
systems | unix
SHA-256 | 41f192381511c4e82aef6daa212eff9e3ccf81b8bf2ecf5b03928de33c9e0449
EMC-Retrospect.txt
Posted Apr 29, 2006
Site kb.dantz.com

EMC Insignia has released an update to Retrospect 6.5 and 7.0 Windows to address several recently identified security vulnerabilities.

tags | advisory, vulnerability
systems | windows
SHA-256 | 64c45ce149d42ad3c25dcc9eac64f21f35f2c9559dbccf5aa9e897b26f08a006
NetAccess-na75.txt
Posted Apr 29, 2006
Authored by Ralph Moonen

Multiple vulnerabilities have been identified in IP3 Networks 'NetAccess' NA75 appliance. Vulnerabilities include SQL injection, command execution, and information disclosure.

tags | advisory, vulnerability, sql injection, info disclosure
SHA-256 | 480eafdfcc9a703dadbe001fe7bfc64ba155dfcf0aade9d2d1ca07bd25fce829
m0rtix.c
Posted Apr 29, 2006
Authored by jeremy still

m0rtix.c is a simple C linux backdoor which bind a shell to a port with tty fork. The processes are hidden and it contains a kernel version detector which tell you what local root exploit you must use to root the system.

tags | tool, shell, kernel, local, root, rootkit
systems | linux, unix
SHA-256 | dd97d5b150059d75f024e99f8576e32a171c4a1e79fea55224c739fef7a891e6
astathome.txt
Posted Apr 29, 2006
Authored by Francois Harvey

Two vulnerabilities was found in the ARI package included in the asterisk@home Distribution versions 0.7.15 and lower. These vulnerabilities allow a user to listen to voicemail from any other users and and to disclose configuration password.

tags | advisory, vulnerability
SHA-256 | 59890f2b941cdebd235dc7cd0cf208a2602022c8cf0d754796a8130687c7ccbf
Page 3 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close