Showing 1 - 25 of 116

Files Date: 2006-10-04 to 2006-10-05

open_basedir_race.txt
Posted Oct 4, 2006
Site hardened-php.net

Hardened-PHP Project Security Advisory: PHP open_basedir Race Condition Vulnerability.

tags | advisory, php
SHA-256 | 49eb67c0bff58dce3693b82c5f4abd425e3367215ae98d376ea356a1d9f3368e
IPB-2.1.7.txt
Posted Oct 4, 2006
Authored by Rapigator

Several vulnerabilities in IPB exist that can force the admin to execute malicious SQL commands through the IPB SQL toolbox.

tags | exploit, vulnerability
SHA-256 | 73d6a3bf7149192a423b428e91af1ebac4c45000f392f1a0bb99a05fc01acece
YenerHaber.txt
Posted Oct 4, 2006
Authored by Dj ReMix

Yener Haber Script 2.0 suffers from an SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | b4591ca1ba3a57bd93a3d97fb34194a8b434e75f9d9a7098353108f788f72f68
Mandriva Linux Security Advisory 2006.179
Posted Oct 4, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory MDKSA-2006-179: Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector. This could allow a remote unauthenticated attacker to trigger excessive CPU utilization by sending a specially crafted SSH message, which would then deny ssh services to other users or processes (CVE-2006-4924, CVE-2006-4925). Please note that Mandriva ships with only SSH protocol version 2 enabled by default.

tags | advisory, remote, denial of service, protocol
systems | linux, mandriva
SHA-256 | 31fb83ce2c362a1244555f594057b417fbdde1e1f799e524bb45fc87e23b7a67
Debian Linux Security Advisory 1188-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1188-1: Several security related problems have been discovered in mailman, the web-based GNU mailing list manager. The Common Vulnerabilities and Exposures project identifies the following problems:

tags | advisory, web, vulnerability
systems | linux, debian
SHA-256 | 5675b2de9f810a586d9dde488257810c99b62c4af96f701c4b79c5c7ee52cdc1
Gentoo Linux Security Advisory 200610-1
Posted Oct 4, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-01 - A number of vulnerabilities have been found and fixed in Mozilla Thunderbird. For details please consult the references below. Versions less than 1.5.0.7 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | ae4b2bf6a7cdc96630eee662fd2f01e20f1c3d736930c5fd01f7f7af6087b59b
Gentoo Linux Security Advisory 200610-2
Posted Oct 4, 2006
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200610-02 - The Adobe Flash Player contains multiple unspecified vulnerabilities. Versions less than 7.0.68 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | 8682b873b4449b172dafff9ad57df97004075e61bc5947bbc626fbc4da3955c8
Debian Linux Security Advisory 1190-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1190-1: Oliver Karow discovered that the WebDBM frontend of the MaxDB database performs insufficient sanitising of requests passed to it, which might lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
SHA-256 | f63cb2669b67cc9796104b9964345f84bd09f9f946fb982d59b60a5151a448a2
Debian Linux Security Advisory 1189-1
Posted Oct 4, 2006
Authored by Debian | Site debian.org

Debian Security Advisory 1189-1: Several remote vulnerabilities have been discovered in OpenSSH, a free implementation of the Secure Shell protocol, which may lead to denial of service and potentially the execution of arbitrary code.

tags | advisory, remote, denial of service, arbitrary, shell, vulnerability, protocol
systems | linux, debian
SHA-256 | 02cad4dfc6a25e2dd2ea2481faecc958bf424315d407b46f562741c0d6ea3260
Ubuntu Security Notice 357-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 357-1: Sebastian Krahmer of the SuSE security team discovered that the System.CodeDom.Compiler classes used temporary files in an insecure way. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. Under some circumstances, a local attacker could also exploit this to inject arbitrary code into running Mono processes.

tags | advisory, arbitrary, local
systems | linux, suse, ubuntu
SHA-256 | aa139baf703e5dc316437d811887a074ddcede04fb9a0acdbba2dcc6981ac937
Ubuntu Security Notice 353-2
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 353-2: USN-353-1 fixed several vulnerabilities in OpenSSL. However, Mark J Cox noticed that the applied patch for CVE-2006-2940 was flawed. This update corrects that patch.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | e669be9ccdea94b40360c9e75c4c166906d93b3b8fd47aa3e090fcc2fa0ecb44
Ubuntu Security Notice 358-1
Posted Oct 4, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 358-1: ffmpeg, xine-lib vulnerabilities

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 1ad4664747ea5dc9a066ea4a2a438607ea6853815349a5167e20739a794e99b3
oscommerce-page-txt
Posted Oct 4, 2006
Authored by Lostmon | Site lostmon.blogspot.com

osCommerce contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'page' param upon submission to multiple scripts in /admin folder. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

tags | exploit, remote, arbitrary, xss
SHA-256 | e784c526382627be9844d4f29fd4a4705c81c062f03f08b832c9eeae8976a0de
Dr.Web4.33.txt
Posted Oct 4, 2006
Authored by Jean-Sebastien Guay-Leroux

Dr.Web 4.33 antivirus LHA long directory name heap overflow: When building a special LHA archive with a long directory name in an extended directory header, a fixed size buffer on the heap is overflowed. When processing this malicious archive, it is then possible to make Dr.Web run arbitrary code by overwriting some internal malloc management information.

tags | advisory, web, overflow, arbitrary
SHA-256 | 2a30296b1d42bc902eefd52faffa18b6b2e14bb10873a005d4d3df2b73a5ab6c
CAID34661.txt
Posted Oct 4, 2006
Authored by Ken Williams | Site supportconnect.ca.com

CAID 34661: CA Unicenter WSDM File System Read Access Vulnerability: Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of Jetty WebServer, an open source Java web server. An advisory describing the Jetty WebServer vulnerability can be found at http://www.securityfocus.com/bid/11330. The vulnerability allows a remote attacker to gain full read access on the install partition's file system of the Unicenter WSDM host system through a directory traversal attack.

tags | advisory, java, remote, web
SHA-256 | 59d313f06c61c6c3e14d15a2c66be546acd4d72d6e7daa4d3b078b9969a8198d
iDEFENSE Security Advisory 2006-10-02.t
Posted Oct 4, 2006
Authored by iDefense Labs, iDefense | Site idefense.com

iDefense Security Advisory 10.02.06: Remote exploitation of a DoS vulnerability in Novell Inc.'s GroupWise Messenger could allow attackers to crash the Messenger server.

tags | advisory, remote, denial of service
SHA-256 | 08fe0b130f5994748693d0868c3ba77e6017f17e4f49b94a123aa2494b31d195
flokken-0.1-whore.tar
Posted Oct 4, 2006
Authored by PoWeR PoRK

FreeBSD 5.2 and prior shmat local kernel exploit.

tags | exploit, kernel, local
systems | freebsd
advisories | CVE-2004-0114
SHA-256 | f115f3bd68abfe5196acc1e163784d94ea90217661b8b2c5a61be2b9797c191e
HP Security Bulletin 2006-12.20
Posted Oct 4, 2006
Authored by Hewlett Packard | Site hp.com

HPSBUX02157 SSRT061220 rev.1 HP-UX Running Ignite-UX Server, Remote Unauthorized Access and Privilege Elevation: A potential security vulnerability has been identified in HP-UX running the Ignite-UX server. The vulnerability could be exploited to allow a remote unauthorized user to gain root access to the system running the Ignite-UX server.

tags | advisory, remote, root
systems | hpux
SHA-256 | 81346cca3f04cae58e84251e25ca121b182ae9afa2a9aca2d13b0a7cc432f9d7
HP Security Bulletin 2006-11.49
Posted Oct 4, 2006
Authored by Hewlett Packard | Site hp.com

HPSBUX02129 SSRT061149 rev.1 - HP-UX running SLP, Remote Unauthorized Access: A potential security vulnerability has been identified in HP-UX when running Service Locator Protocol (SLP). The vulnerability could be exploited by a remote user of Service Locator Protocol (SLP) for unauthorized access.

tags | advisory, remote, protocol
systems | hpux
SHA-256 | f5a6eb5575a32d881bf444286af32d1ecd0a3df2602c46c2a0c43b6ad532f865
Technical Cyber Security Alert 2006-275A
Posted Oct 4, 2006
Authored by US-CERT | Site cert.org

National Cyber Alert System Technical Cyber Security Alert TA06-275A: Multiple Vulnerabilities in Apple and Adobe Products

tags | advisory, vulnerability
systems | apple
SHA-256 | 5ed461803c9cb7d5e4c286b90864ac53794a47e7cdb3892f52746d42ada972ee
Pebble2.0.0.txt
Posted Oct 4, 2006
Authored by Paolo Perego

Pebble 2.0.0 RC1 and 2 suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 08a5e732869950e08e91c781c24e82104a020041dcae765ae6d6b23413dffc6f
aimject-0.6.tar.gz
Posted Oct 4, 2006
Authored by Jon Oberheide | Site jon.oberheide.org

Aimject facilitates man-in-the-middle attacks against AOL Instant Messenger's OSCAR protocol via a simple GTK interface.

tags | tool, sniffer, protocol
SHA-256 | 5e23f13f4df0e76d70be2e7172cebdbc3306215726fa47e539dcfe6080b57cc0
Epolicy3.5.0.txt
Posted Oct 4, 2006
Authored by muts | Site remote-exploit.org

McAfee ePolicy Orchestrator 3.5.0 contains a pre-authentication buffer overflow vulnerability in NAISERV.exe. Protection Pilot 1.1.0 uses the same HTTP server, and is also vulnerable.

tags | advisory, web, overflow
SHA-256 | b10041868084225e62f4a63f86c4fb4e2f49df32ae08ccc857170b2bfe9a4c39
Informix-ids.txt
Posted Oct 4, 2006
Authored by Larry W. Cashdollar | Site vapid.dhs.org

IBM Informix (IDS) V10.0 suffers from several flaws that could allow an attacker to overwrite any file on the system or inject commands into the installer scripts.

tags | advisory
SHA-256 | e299b03aa62557f2b9a2a6bba84f0efdb77c22a8264d634d77e8361c2c039429
EasyBannerFree.txt
Posted Oct 4, 2006
Authored by abu ahmed

EasyBannerFree suffers from a remote file inclusion vulnerability in functions.php.

tags | exploit, remote, php, file inclusion
SHA-256 | 9b893740a21ec833f32fc15da276c2a776806d2a60be53cad0f0d3554f13ccb1

© 2024 Packet Storm. All rights reserved.