what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 45 of 45 RSS Feed

Files Date: 2006-11-06 to 2006-11-07

Secunia Security Advisory 22745
Posted Nov 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for librpm4. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 50431dc43e8d36bb00a574eab8c5f3b64896201cc5b35cbbc1edaa69c6c83722
Secunia Security Advisory 22746
Posted Nov 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Fedora Core, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, fedora
SHA-256 | 17b869aba08499c9cbe19958b1027e726ec66a1ae617b3a04a12781ebb838c3f
Secunia Security Advisory 22707
Posted Nov 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for screen. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
SHA-256 | 7e6a1911dda53a6ab545792251c292038d60ac6c9afd72d9fca81c5987912823
aanval-2.3-stable.tar.gz
Posted Nov 6, 2006
Site aanval.com

Aanval (pronounced: "anvil") is an advanced data management, correlation and analysis console designed specifically for Snort and Syslog data. Aanval is a complete web-based software solution designed to manage and correlate snort intrusion detection data and / or syslog device data.

Changes: Series 2 v2.3 contains look and feel enhancements, syslog support for local log files, syslog pre and post filters, snappier interface, several minor bug fixes and various other minor feature and option additions.
tags | tool, web, sniffer
SHA-256 | 8abc59399c4a41e8e0ecdd145857256816bdf72fc6d2ef36292aa025bb303e4a
IF-CMS.txt
Posted Nov 6, 2006
Authored by benjamin moss, laurent gaffie

IF-CMS suffers from a cross site scripting vulnerability in index.php.

tags | exploit, php, xss
SHA-256 | a4d731562509b4f8d739b14d6ca6aea4d3fed83e3db46f3cee3279a20f9d409d
essentia215.txt
Posted Nov 6, 2006
Authored by CorryL | Site x0n3-h4ck.org

Essentia Web Server version 2.15 suffers from a buffer overflow vulnerability. Denial of service exploit included.

tags | exploit, web, denial of service, overflow
SHA-256 | b6a275a0406f1b65144837ffc8082c6f99e97e4d2b21537d389ac4ee29f4ec45
drakeCMS.txt
Posted Nov 6, 2006
Authored by CorryL | Site x0n3-h4ck.org

Drake CMS version 0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 970ad4149dcd4090f9a11dae899e49be43d3debdada03f5c9e220dcce04a2a42
Clam AntiVirus Toolkit 0.88.6
Posted Nov 6, 2006
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various bug fixes.
tags | virus
systems | unix
SHA-256 | cc7f90983aa61b3d893c3311e3f832c5faa204467143cff597ad80bf8ad24daa
major_rls31.txt
Posted Nov 6, 2006
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

Xenis.creator CMS suffers from multiple cross site scripting and SQL injection flaws.

tags | advisory, xss, sql injection
SHA-256 | 91c6a2f2d1c37da731a8896669609f2faee49f3029488c5d48876d759906f521
major_rls30.txt
Posted Nov 6, 2006
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

admin.tool CMS versions 3 and below suffer from multiple cross site scripting flaws.

tags | advisory, xss
SHA-256 | acd0d9ced35a4c99aa390a61e004f88d41f2e7a9c141e5385e73e47bdcbd6833
iodine-0.3.3.tar.gz
Posted Nov 6, 2006
Authored by Yarrick | Site code.kryo.se

iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.

Changes: Fixed possible buffer overflow found by poplix. Reworked dns hostname encoding.
systems | unix
SHA-256 | 6b56b4536548aa932533bbd65c37fdedef6900496482214446daf96534bc55b6
Secunia Security Advisory 22687
Posted Nov 6, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a users system.

tags | advisory
SHA-256 | d547b4b829e14cc64f0e85e97c9ab9f82d3ff113b9611a4e8bbaa7c506021897
Ubuntu Security Notice 378-1
Posted Nov 6, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 378-1 - An error was found in the RPM library's handling of query reports. In some locales, certain RPM packages would cause the library to crash. If a user was tricked into querying a specially crafted RPM package, the flaw could be exploited to execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-5466
SHA-256 | 46dceed57c8becd4d8ec059a3d65276ebbe5886e1adadee226e2d0614dd95fc2
Ubuntu Security Notice 377-1
Posted Nov 6, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 377-1 - Derek Abdine discovered that the NVIDIA Xorg driver did not correctly verify the size of buffers used to render text glyphs. When displaying very long strings of text, the Xorg server would crash. If a user were tricked into viewing a specially crafted series of glyphs, this flaw could be exploited to run arbitrary code with root privileges.

tags | advisory, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2006-5379
SHA-256 | ec47b737c0f599490328b2d916c5bed8392588978151ef7d0c0019bdf011b4bc
Ubuntu Security Notice 376-1
Posted Nov 6, 2006
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 376-1 - M. Joonas Pihlaja discovered that imlib2 did not sufficiently verify the validity of ARGB, JPG, LBM, PNG, PNM, TGA, and TIFF images. If a user were tricked into viewing or processing a specially crafted image with an application that uses imlib2, the flaws could be exploited to execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2006-4806, CVE-2006-4807, CVE-2006-4808, CVE-2006-4809
SHA-256 | 6cf2948be4982cc7e0d1c19c4b6b0c6bd6da9919d184d4b607e1a34c0636f3b1
maildrives.txt
Posted Nov 6, 2006
Authored by Attila Gerendi

viksoe's GMail Drive shell extension and GSpace suffers from flaws that allow for arbitrary file injection, folder creation, and more.

tags | advisory, arbitrary, shell
SHA-256 | 4eb96b9eb20c590be8dd26fa79ad868bc0295d2b185604459b85248d9aab64c7
Hardened-PHP Project Security Advisory 2006-13.138
Posted Nov 6, 2006
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

Hardened-PHP Project Security Advisory - PHP 5 versions 5.1.6 and below and PHP 4 versions 4.4.4 and below suffer from buffer overflows in htmlentities() and htmlspecialchars() which may allow for remote code execution.

tags | advisory, remote, overflow, php, code execution
SHA-256 | dd4e3c70ff80ad927aae14623932b488a0e87be06018a88e926d95737511aa1d
Hardened-PHP Project Security Advisory 2006-12.137
Posted Nov 6, 2006
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

Hardened-PHP Project Security Advisory - phpMyAdmin versions 2.9.0.2 and below suffer from a cross site scripting vulnerability in error.php.

tags | advisory, php, xss
SHA-256 | 1bae322ca8783399c8a21d7d7775c5260943a18a3e1112ed3866646ec425d742
SAP-multiple.txt
Posted Nov 6, 2006
Authored by Nicob

The SAP Web Application Server suffers from denial of service, remote file disclosure, and local privilege escalation vulnerabilities.

tags | advisory, remote, web, denial of service, local, vulnerability
SHA-256 | de3975dce143466971026afe72001d10efca62500cacd7004d823edece217251
intercept_apis_dll_redirection.pdf
Posted Nov 6, 2006
Authored by Craig Heffner | Site craigheffner.com

Short whitepaper discussing API hooking/interception via DLL redirection.

tags | paper
SHA-256 | 4f3b2999eaf8674d18053e9c19ddc2690f09ca07ac557ea9d739cbee813c6366
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close