
Files Date: 2006-08-28 to 2006-08-29

Debian Linux Security Advisory 1158-1
Posted Aug 28, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1158-1 - Ulf Harnhammer from the Debian Security Audit Project discovered that streamripper, a utility to record online radio-streams, performs insufficient sanitizing of data received from the streaming server, which might lead to buffer overflows and the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2006-3124
SHA-256 | 79b17945e83f816d8035ffde0a69190a4c687d09b4a110f7462c9d0311ef6878
Debian Linux Security Advisory 1157-1
Posted Aug 28, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1157-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to the bypass of security restrictions or denial of service.

tags | advisory, denial of service, vulnerability, ruby
systems | linux, debian
advisories | CVE-2006-3694, CVE-2006-1931
SHA-256 | 80f0c222dedc9f7ade77c3e9a5db07f4a0afb9e56c2f6e35d20d8ec5a70b59bc
Debian Linux Security Advisory 1156-1
Posted Aug 28, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1156-1 - Ludwig Nussel discovered that kdm, the X display manager for KDE, handles access to the session type configuration file insecurely, which may lead to the disclosure of arbitrary files through a symlink attack.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2006-2449
SHA-256 | 7a3174cbb354a44f382da2a695d7fbcbcb184aea1ea2108b8518fe21141298a4
PI-2006-001.txt
Posted Aug 28, 2006
Authored by Daniel Tumalad | Site pinoyinfosec.org

PinoyInfosec Advisory - Web500 does not have proper input validation in the fronteditor script which allows an attacker to execute arbitrary SQL commands. This allows an attacker to manipulate data on the CMS by passing specially crafted SQL statements through the Dbcountry variable. Version 2.80 is affected.

tags | advisory, arbitrary
SHA-256 | c21efbbbf9fd70686ef57f3fc963c25651d1b660b64e1078d6560f06bd2f90d5
Gentoo Linux Security Advisory 200608-24
Posted Aug 28, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200608-24 - AlsaPlayer contains three buffer overflows: in the function that handles the HTTP connections, the GTK interface, and the CDDB querying mechanism. Versions less than or equal to 0.99.76-r3 are affected.

tags | advisory, web, overflow
systems | linux, gentoo
SHA-256 | 586936fc7a5a278e9e2591603a785b1dfa14bd40b0d331fc9b1683518e541742
AlstraSoftRFI.txt
Posted Aug 28, 2006
Authored by Night_Warrior

AlstraSoft Video Share Enterprise suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 44f4de33c2139c98322515851a2d18dddf44ad04de2c284de32a575ae621c24a
bigace182.txt
Posted Aug 28, 2006
Authored by Vampire | Site hackerz.ir

Bigace version 1.8.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | f015a2f71f0026b6fc7d567962c9db3976c0cc94831ca0bb6fda61f3c78983ea
comcomprofiler.txt
Posted Aug 28, 2006
Authored by Matdhule

The Mambo/Joomla com_comprofiler component versions 1.0 RC2 and below suffer from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | 58f08abd605ae986060aaebd3c96cdfb32811b3ae797f3bc7981f3682fb844dd
ciscoNAC.txt
Posted Aug 28, 2006
Authored by Andreas Gal, Joachim Feise | Site andreasgal.com

The Cisco NAC appliance (formerly Cisco Clean Access) versions 3.6.4.1 and below suffer from an agent installation bypass vulnerability.

tags | advisory, bypass
systems | cisco
SHA-256 | f2be702b7454c6348869203ef0cfa6c04914797d53c56d08d225f268c708633a
jetboxCMSinclude.txt
Posted Aug 28, 2006
Authored by D3nGeR

Jetbox CMS suffers from a remote file inclusion flaw in search_function.php.

tags | exploit, remote, php, file inclusion
SHA-256 | f6684f3e2bf0edc185b1c2a86096fe0ad530b962cc219ae60b367d232ba93f38
jupiterCMSinclude.txt
Posted Aug 28, 2006
Authored by D3nGeR

Jupiter CMS version 1.1.5 suffers from a remote file inclusion flaw in index.php.

tags | exploit, remote, php, file inclusion
SHA-256 | b205a17e47e4e3db6d3b2661eedbd410b5e58dda86ee689c0c733611daff4d84
xoopsSQL.txt
Posted Aug 28, 2006
Authored by Omid | Site hackers.ir

Xoops version 2.0.14 suffers from a SQL injection flaw.

tags | advisory, sql injection
SHA-256 | 49ed5fad7c363db7fdcee0f73adf8e43078a555168a78a8906d37787401a5f3c
mambojoomlaSQL.txt
Posted Aug 28, 2006
Authored by Omid | Site hackers.ir

Mambo 4.6 RC2 and Joomla 1.0.10 both suffer from SQL injection flaws.

tags | advisory, sql injection
SHA-256 | 97dcb1422bb569b80b8886a497adaf2c74b10c2253535c14120e6aefba507552
Mandriva Linux Security Advisory 2006.152
Posted Aug 28, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-152 - Vulnerabilities in the SCSI, DHCP, and SSCOP dissectors were discovered in versions of wireshark less than 0.99.3, as well as an off-by-one error in the IPsec ESP preference parser if compiled with ESP decryption support.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2006-4330, CVE-2006-4331, CVE-2006-4332, CVE-2006-4333
SHA-256 | 0f85f842e1a82ec97af5a9d241d008298bfeef91b08d5de2ce089c3e3b651f8a
cutenews13.txt
Posted Aug 28, 2006
Authored by rUnViRuS | Site worlddefacers.de

Cutenews version 1.3.x suffers from a remote file inclusion flaw.

tags | exploit, remote, file inclusion
SHA-256 | 1425de171552fe0ccd641fa80972dd6143192c3bee9061454bed919f10ca9f54
Mandriva Linux Security Advisory 2006.151
Posted Aug 28, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-151 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2006-1066, CVE-2006-1863, CVE-2006-1864, CVE-2006-2934, CVE-2006-2935, CVE-2006-2936, CVE-2006-3468, CVE-2006-3745
SHA-256 | 680348d121ac7b42411ce9054f7d9429cb1c6b07902bddcdb5d5922ba71849e2
Mandriva Linux Security Advisory 2006.150
Posted Aug 28, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-150 - A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2006-0554, CVE-2006-0744, CVE-2006-1343, CVE-2006-1857, CVE-2006-1858, CVE-2006-1863, CVE-2006-1864, CVE-2006-2274, CVE-2006-2935, CVE-2006-2936, CVE-2006-3468, CVE-2006-3745
SHA-256 | 95cb78e528ef2037f49b5da2f654ac4a5ab2b3f77b110479c99934493514a192
fuji-xerox.txt
Posted Aug 28, 2006
Site itso.iu.edu

Indiana University Security Advisory - The Fuji Xerox Printing Systems print engine suffers from multiple vulnerabilities. An FTP bounce attack is possible when FTP printing is enabled. The embedded HTTP server allows unauthenticated access to system configuration and settings.

tags | advisory, web, vulnerability
advisories | CVE-2006-2112, CVE-2006-2113
SHA-256 | f924478b950d6fb6b8647ac3645dfe999c02dd5415fe9a6e9d89290b47cae2b9
yapigXSS.txt
Posted Aug 28, 2006
Authored by Kuon | Site Armorize.com

YaPiG version 0.95b suffers from a cross site scripting flaw in thanks_comment.php.

tags | exploit, php, xss
SHA-256 | a982a9b5ba5887ea81861b13af1b6c9cc66c2bd6a188b82d880f450e5ed84e25
NSFOCUS-SA2006-08.txt
Posted Aug 28, 2006
Authored by Hu Qianwei | Site nsfocus.com

The NSFocus Security Team has discovered a buffer overflow in Internet Explorer 6.0SP1 which allows for remote code execution via an overly-long URL.

tags | advisory, remote, overflow, code execution
advisories | CVE-2006-3869
SHA-256 | 31fc275e9263e8f91f3d87e178c5156ac1db384edfb575d3dd5c89172145c2ef
Mandriva Linux Security Advisory 2006.149
Posted Aug 28, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-149 - MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions.

tags | advisory, remote, local
systems | linux, mandriva
advisories | CVE-2006-4031, CVE-2006-4226
SHA-256 | 8a5deb764b1c633185695ddebb9ec526a1ef11db250cce81099d1e2987c38884
EEYE-MS06-042-2.txt
Posted Aug 28, 2006
Authored by Derek Soeder | Site eeye.com

eEye Digital Security has discovered a heap overflow vulnerability in the MS06-042 cumulative Internet Explorer update that would allow an attacker to execute arbitrary code on the system of a victim who attempts to access a malicious URL. Only Windows 2000 and Windows XP SP1 systems running Internet Explorer 6 SP1 with the MS06-042 patch applied are vulnerable.

tags | advisory, overflow, arbitrary
systems | windows
SHA-256 | 140740018944f8f8fb1cd1ce93819ababbcebc675a58daa37730a7bec43591c1
Mandriva Linux Security Advisory 2006.148
Posted Aug 28, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-148 - An integer overflow flaw was discovered in how xorg-x11/XFree86 handles PCF files. A malicious authorized client could exploit the issue to cause a DoS (crash) or potentially execute arbitrary code with root privileges on the xorg-x11/XFree86 server.

tags | advisory, overflow, arbitrary, root
systems | linux, mandriva
advisories | CVE-2006-3467
SHA-256 | 4bfdace4d2c45d019c5faecffdce1d7bf2feddcabcafb04dd6297b54ff0ec5f7
Gentoo Linux Security Advisory 200608-23
Posted Aug 28, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200608-23 - Yan Rong Ge discovered that the peel_netstring() function in cl_netstring.c does not validate the length parameter of user input, which can lead to an out-of-bounds memory access when processing certain Heartbeat messages. Furthermore, an unspecified local DoS issue was fixed. Versions less than 2.0.7 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2006-3121, CVE-2006-3815
SHA-256 | d82d1245d8c7ce45caa059dbffc4d0bb4951f3f0b19756cc6dad5c14c2fa28a4
advisory-052006.128.txt
Posted Aug 28, 2006
Authored by Stefan Esser | Site hardened-php.net

The Zend Platform versions 2.2.1 and below suffer from multiple vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 0719bf1fa509737c893eafff775c3b21608acd3ee922f69666634439f10bd5b7
packet storm

© 2022 Packet Storm. All rights reserved.
