exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2007-11-16 to 2007-11-17

Mandriva Linux Security Advisory 2007.221
Posted Nov 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in kpdf. An attacker could create a malicious PDF file that would cause kpdf to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | 5892f55d39db5175066b50606277442cbd55457c7ece2f3dc989861b04e657c6
Mandriva Linux Security Advisory 2007.220
Posted Nov 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in gpdf. An attacker could create a malicious PDF file that would cause gpdf to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | 8a28188238054dc22c3e3b02e4cec0465ebabb7e550bbba1425252d618648e2c
Mandriva Linux Security Advisory 2007.219
Posted Nov 16, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Alin Rad Pop found several flaws in how PDF files are handled in xpdf. An attacker could create a malicious PDF file that would cause xpdf to crash or potentially execute arbitrary code when opened.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | 99546d27939433796467df61148f5135aec855b704c2ef4efc6f14747d7f224c
RISE-2007004.txt
Posted Nov 16, 2007
Authored by Ramon de C Valle, Adriano Lima | Site risesecurity.org

There exists a vulnerability within an architecture dependent function of the Apple Mac OS X 10.4.x kernel, which when properly exploited can lead to local compromise of the vulnerable system. Proof of concept code included.

tags | exploit, kernel, local, proof of concept
systems | apple, osx
SHA-256 | a2f42affdf7e92cfb45ee12031a066c7505e5f3fb2f05c870d00879bbf8cb294
ProCheckUp Security Advisory 2007.26
Posted Nov 16, 2007
Authored by ProCheckUp, Jan Fry | Site procheckup.com

The Aruba 800 is vulnerable to a persistent cross site scripting vulnerability on the administrator login screen.

tags | exploit, xss
SHA-256 | 3e73dcdf74055dee74b222dec88feb100ce0260e700825e3d8fd7ec82381a1cf
ProCheckUp Security Advisory 2007.2
Posted Nov 16, 2007
Authored by Adrian Pastor, ProCheckUp | Site procheckup.com

The Liferay Portal login page is vulnerable to a cross site scripting vulnerability within the "login" field processed by the "/c/portal/login" server-side script.

tags | exploit, xss
SHA-256 | c5b4c300ba8f9b20584c800933c0325a4d4d46f7e96b287d9a80d0e033cff5fd
Secunia Security Advisory 27559
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for zope-cmfplone. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 376557c77bbb66154df16a680a576333870344cab046cf83ecfa4511c0ca93de
Ubuntu Security Notice 544-1
Posted Nov 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 544-1 - Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service. Alin Rad Pop of Secunia Research discovered that nmbd did not properly check the length of netbios packets. When samba is configured as a WINS server, a remote attacker could send multiple crafted requests resulting in the execution of arbitrary code with root privileges.

tags | advisory, remote, denial of service, overflow, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2007-5398, CVE-2007-4572
SHA-256 | 8794e30d017c457d435c1cd66eb1dc2b13305d4ad05862bf79e3c41da34f5325
Ubuntu Security Notice 543-1
Posted Nov 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 543-1 - Neel Mehta and Ryan Smith discovered that the VMWare Player DHCP server did not correctly handle certain packet structures. Remote attackers could send specially crafted packets and gain root privileges. Rafal Wojtczvk discovered multiple memory corruption issues in VMWare Player. Attackers with administrative privileges in a guest operating system could cause a denial of service or possibly execute arbitrary code on the host operating system.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-4496, CVE-2007-4497
SHA-256 | 24d86ab8d123ae4acdd9b4e09f53f8f65320bd6ed8e974fdbde5b8a7e9ec56dc
Ubuntu Security Notice 542-2
Posted Nov 16, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 542-2 - USN-542-1 fixed a vulnerability in poppler. This update provides the corresponding updates for KWord, part of KOffice. Secunia Research discovered several vulnerabilities in poppler. If a user were tricked into loading a specially crafted PDF file, a remote attacker could cause a denial of service or possibly execute arbitrary code with the user's privileges in applications linked against poppler.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | e9318627f214f231de15eea94149771dd037cc830d63ac842e1656b9659673a3
EEYE-flac.txt
Posted Nov 16, 2007
Authored by Greg Linares | Site eeye.com

eEye Digital Security has discovered 14 vulnerabilities in the processing of FLAC (Free-Lossless Audio Codec) files affecting various applications. Processing a malicious FLAC file within a vulnerable application could result in the execution of arbitrary code at the privileges of the application or the current user (depending on OS).

tags | advisory, arbitrary, vulnerability
SHA-256 | fd4435d88053e876b0e64335d16dd5e50c862e15e3ae435c244329d2b41a39f6
TKADV2007-001.txt
Posted Nov 16, 2007
Authored by Tobias Klein | Site trapkit.de

The xnu kernel of Mac OS X contains a vulnerability in the code that handles TIOCSETD ioctl requests. Exploitation of this vulnerability can lead to denial of service and code execution.

tags | advisory, denial of service, kernel, code execution
systems | apple, osx
advisories | CVE-2007-4686
SHA-256 | 2833de13f87382fc1d46e30eeeb20f7f1d0014c4948730f08163022e37c4a526
Technical Cyber Security Alert 2007-319A
Posted Nov 16, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-319A - Apple has released Mac OS X 10.4.11 and Security Update 2007-008 to address multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | apple, osx
SHA-256 | 7bf8719665dba3119b6580b22a2fb49b5af08f3a3e1b2a6fb65ab5923550332c
stproxy-0.9.1.tar.gz
Posted Nov 16, 2007
Authored by Adam Hurkala

stproxy is small and simple single-threaded HTTP/SSL proxy server released under the GNU General Public License (GPL). stproxy uses as little resources as possible, while still being very fast and efficient.

Changes: Added support for HEAD method.
tags | web
SHA-256 | 502c1cf67367a493af1d9d9ddce76442a9f3bb04215820ed5f86d54ddded2a1b
flexgrid-overflow.txt
Posted Nov 16, 2007
Authored by Elazar Broad

The FlexGrid component version 7.1 suffers from stack overflows.

tags | exploit, overflow
SHA-256 | 0ff229f87cd6fa0c9432eaced5da9a0aa2036ea3bd8a333141d685b0b728b1c6
secunia-netbios.txt
Posted Nov 16, 2007
Site secunia.com

Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "reply_netbios_packet()" function in nmbd/nmbd_packets.c when sending NetBIOS replies. This can be exploited to cause a stack-based buffer overflow by sending multiple specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request. Samba version 3.0.26a is affected.

tags | advisory, overflow
advisories | CVE-2007-5398
SHA-256 | 0d8f18d022ed10d9b2f2f18b1e118ebbf1137681dd01fadae9f56046a140eb21
samba-nmbdexec.txt
Posted Nov 16, 2007
Site samba.org

Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the "wins support" parameter has been enabled in smb.conf. Samba versions 3.0.0 through 3.0.26a are affected.

tags | advisory, arbitrary
advisories | CVE-2007-5398
SHA-256 | 7a6aaa8cc3ce4cf137b54f1d068c43453788e1a7634e15e4e06912ccca08983b
aida-disclose.txt
Posted Nov 16, 2007
Authored by MC Iglo

Aida-Web may suffer from some information exposure vulnerabilities.

tags | advisory, web, vulnerability, info disclosure
SHA-256 | e587c3e182da944a2faf4da8b977583f590c7942f033316beb04ee707240cf12
sshutout-1.0.4.tar.gz
Posted Nov 16, 2007
Authored by Bil DuPree | Site techfinesse.com

sshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon. The daemon is meant to mitigate what are commonly known as "dictionary attacks," i.e. scripted brute force attacks that use lists of user IDs and passwords to effect unauthorized intrusions. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted.

tags | shell, encryption
SHA-256 | 246877651e6ded3a85f1a0d91ec894828570c202c8de25ff66b1be65d0fda400
Secunia Security Advisory 27565
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for horde3. This fixes some vulnerabilities, which can be exploited by malicious people to conduct phishing and cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | fe0664295433188ac623aa1597028ce7c49775128db89bd5fa80d534504d7723
Secunia Security Advisory 26276
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Peter Ohlerich has reported a vulnerability in Lantronix SCS3200, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e1f3b3256e11a18b945c48c9e3c4772031a3878a34ca95951df865918c15beac
Secunia Security Advisory 27450
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Samba, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 1b942f2c7e8efd8c5f0f33d6ef96a53d72fca8e966c42742ba100d86e1938d8a
Secunia Security Advisory 27597
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for django. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 0caa1782147a12cf4182f3f1749cc6752194480b1a847bfb38f2a3a709421901
Secunia Security Advisory 27612
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mono. This fixes a vulnerability with an unknown impact.

tags | advisory
systems | linux, fedora
SHA-256 | 32f93037901fd25dfe0a6ebf4bba46cb68fe4b103b1c63bcfe757adb7726444a
Secunia Security Advisory 27614
Posted Nov 16, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
SHA-256 | 7a3c326c58be7a87971c92b200088b3beb2d5bced95be6b8d60c8df9e7cfbb65
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close