what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2008-08-15 to 2008-08-16

Pardus Linux Security Advisory 2008.24
Posted Aug 15, 2008
Authored by Pardus Linux, Pardus

Pardus Linux Security Advisory - A security issue has been reported in Amarok, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux
advisories | CVE-2008-3699
SHA-256 | d16110974dcef3470fc6cbffe3e9a7f9caf390c6bd780e26c1c6afc0a50d92f1
Cisco Security Advisory 20080814-webex
Posted Aug 15, 2008
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - An ActiveX control (atucfobj.dll) that is used by the Cisco WebEx Meeting Manager contains a buffer overflow vulnerability that may result in a denial of service or remote code execution. The WebEx Meeting Manager is a client-side program that is provided by the Cisco WebEx meeting service. The Cisco WebEx meeting service automatically downloads, installs, and configures Meeting Manager the first time a user begins or joins a meeting. When users connect to the WebEx meeting service, the WebEx Meeting Manager is automatically upgraded to the latest version. There is a manual workaround available for users who are not able to connect to the WebEx meeting service.

tags | advisory, remote, denial of service, overflow, code execution, activex
systems | cisco
advisories | CVE-2008-2737
SHA-256 | 284e969b22dcb41ef0ee69b3d14ee6b3bb42d74793934f4975f0905768ecb6ca
zorum-blindsql.txt
Posted Aug 15, 2008
Authored by CraCkEr

Zorum version 3.5 blind SQL injection exploit.

tags | exploit, sql injection
SHA-256 | 2b0dd46d06ebd61e35f125ca5bd9f7a139c3c1f40ed72b646f70fe4175eec016
cfs-cfp.txt
Posted Aug 15, 2008
Site computerforensicshow.com

Forensic Trade Shows, LLC is proud to announce two events for 2009. The Computer Forensics Show will meet the needs of industry professionals by providing detailed information regarding the changes and advancements in the IT security marketplace. Each event will highlight exhibits from some of the leading companies in the industry, complemented by a comprehensive conference program to provide attendees with important information about the latest technological advancement, ideas and practical information available today.

tags | paper, conference
SHA-256 | a663706e62227aa155a4a880960ed741b96ce7834d074370545881856541db67
Secunia Security Advisory 31469
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for postfix. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, redhat
SHA-256 | 26e5b93f1420f1afe82359972f67749e64fbfeb262620810c2d867f2b3b48324
Secunia Security Advisory 31472
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for yum-rhn-plugin. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, redhat
SHA-256 | 62669103159ce37e63fd39a870a3758074b13edc3f5d85ed82114db2bfe5eb73
Secunia Security Advisory 31477
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for postfix. This fixes some security issues, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | c500bb971ee2c103bdc4a5fea4b85441a249449ab5f93ecfd5104473a3d0ca02
Secunia Security Advisory 31479
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for freetype. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | d4a70c43191f294920299fabee34a27298eae9babe4c102613ab30c34e3be6bf
Secunia Security Advisory 31486
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Symantec Veritas Storage Foundation, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 4904328c8b12a0701ab34855d708472fa882823670b64a313ac70f71d1200414
Secunia Security Advisory 31494
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HAVP, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e9862edbe7fa90c7e03477c6c5db531c940c434010729e3aef49d115e314fd67
Secunia Security Advisory 31502
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in xine-lib, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 02e56d325972f3bb9655d38bd84d80b35e7354c24c6e4f9163b8c365149fa57c
Secunia Security Advisory 31503
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Harmoni, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 52f3ea07ad42a645bc8b301fe15d63bb3e42b9ccd4e0a5548ed42d9a659c960b
Secunia Security Advisory 31505
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GnuTLS, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e5ae9e033314b0f364b930c8b10de894fd1714f6596d4abb6fc52b139b667867
Secunia Security Advisory 31507
Posted Aug 15, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mktemp, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | fb1fb4aef3c53145d247161bf89cb553722b42d723d8a2ce692a1939966f577d
Gentoo Linux Security Advisory 200808-12
Posted Aug 15, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200808-12 - Sebastian Krahmer of SuSE has found that Postfix allows to deliver mail to root-owned symlinks in an insecure manner under certain conditions. Normally, Postfix does not deliver mail to symlinks, except to root-owned symlinks, for compatibility with the systems using symlinks in /dev like Solaris. Furthermore, some systems like Linux allow to hardlink a symlink, while the POSIX.1-2001 standard requires that the symlink is followed. Depending on the write permissions and the delivery agent being used, this can lead to an arbitrary local file overwriting vulnerability (CVE-2008-2936). Furthermore, the Postfix delivery agent does not properly verify the ownership of a mailbox before delivering mail (CVE-2008-2937). Versions less than 2.5.3-r1 are affected.

tags | advisory, arbitrary, local, root
systems | linux, solaris, suse, osx, gentoo
advisories | CVE-2008-2936, CVE-2008-2937
SHA-256 | d497bc162a46389e6722a35709f7ab1c3bd832aedc68b2878c475b7a46f79038
InternetProtocol.pdf
Posted Aug 15, 2008
Authored by Fernando Gont | Site cpni.gov.uk

This document aims to raise awareness about the many security threats based on the IP protocol, those that we are currently facing, and those we may still have to deal with in the future. It provides advice for the secure implementation of the IP, and also insights about the security aspects of the IP that may be of help to the Internet operations community.

tags | paper, protocol
SHA-256 | d32ba62cbedc3f111b56160738e51c8e5893201d8d65bdbb0a87c1efae6be3dd
SYM08-015.txt
Posted Aug 15, 2008
Site symantec.com

Symantec Security Advisory - It is possible to circumvent the security patch that resolved a previously identified authentication bypass, remote code execution vulnerability in the Veritas Storage Foundation for Windows version 5.0 Volume Manager Scheduler Service. Successful exploitation could result in potential compromise of the targeted system.

tags | advisory, remote, code execution
systems | windows
SHA-256 | cc2bd91daf243365afc7b9922ff500bf1b63b422140d1e5641709fbb7c025089
Zero Day Initiative Advisory 08-053
Posted Aug 15, 2008
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

A vulnerability allows an attacker to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists in the functionality exposed by the Storage Foundation for Windows Scheduler Service, VxSchedService.exe, which listens by default on TCP port 4888. The management console allows NULL NTLMSSP authentication thereby enabling a remote attacker to add, modify, or delete snapshots schedules and consequently run arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
systems | windows
SHA-256 | 3652171caf78ee8bd5e8d4dffd1352e18b45cce0e160d428be5706660113a647
Zero Day Initiative Advisory 08-052
Posted Aug 15, 2008
Authored by Tipping Point, Oscar Mira-Sanchez | Site zerodayinitiative.com

A vulnerability allows remote attackers to deny services on vulnerable installations of OpenLDAP. Authentication is not required to exploit this vulnerability. The specific flaw exists in the decoding of ASN.1 BER network datagrams. When the size of a BerElement is specified incorrectly, the application will trigger an assert(), leading to abnormal program termination.

tags | advisory, remote
advisories | CVE-2008-2952
SHA-256 | 826dd8760f58a7442033869b73442fa313eff4808ff2cf50406dfb60620980f0
SUSE-SA-2008-041.txt
Posted Aug 15, 2008
Site suse.com

SUSE Security Announcement - The SuSE Security-Team has found two critical issues in the code for openwsman. Two remote buffer overflows while decoding the HTTP basic authentication header exist and a possible SSL session replay attack affecting the client exists.

tags | advisory, remote, web, overflow
systems | linux, suse
advisories | CVE-2008-2234, CVE-2008-2233
SHA-256 | 1b8fcd5682a7cf47d644d8c7af1a82a9ef7996b63316f6aaacb337171c13ac8b
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close