Showing 1 - 25 of 37

Files Date: 2008-10-11 to 2008-10-12

Mandriva Linux Security Advisory 2008-210
Posted Oct 11, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. This update was too late for inclusion in Mandriva Linux 2009, so it is being released now for that version.

tags | advisory, remote, web, arbitrary
systems | linux, mandriva
advisories | CVE-2008-3906
SHA-256 | 057cc00fb8f186be7032374de00c42bdc803457f6c45ccb348535206b9dac36b
Mandriva Linux Security Advisory 2008-211
Posted Oct 11, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed. An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. An attacker could create a malicious text file that could possibly execute arbitrary code if the file was printed. Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code if the file was printed. The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-3639, CVE-2008-3640, CVE-2008-3641
SHA-256 | 7608e3bc5aaab4d41002691856a523d026b6aac29e25deeb3a6f44548eaf4c26
Debian Linux Security Advisory 1646-2
Posted Oct 11, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1646-2 - In DSA 1646-1, an update was announced for a denial of service vulnerability in squid, a caching proxy server. Due to an error in packaging and in testing, the updated packages did not correct the weakness. An updated release is available which corrects the error. A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a denial of service condition against squid.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2008-1612
SHA-256 | c86b7cac5874a3f1851233619e56e4f46d095a57079707a883b872a5b19e88c9
cabrightstor-exec.txt
Posted Oct 11, 2008
Authored by cocoruder | Site ruder.cdut.net

CA BrightStor ARCServe BackUp is an overall data backup solution. The RPC interface of CA BrightStor ARCServe BackUp does not handle user input correctly, which allows an anonymous attacker to inject any command; a remote code execution attack may be achieved this way. Details are provided. CA BrightStor ARCServe BackUp version R11.5 is affected.

tags | exploit, remote, code execution
advisories | CVE-2008-4397
SHA-256 | f8d09baffc323cebdb0ee128fa1a375f7483be296775677fead1555e2c71a4be
Joomla Jeux 1.0.0 SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla Jeux component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b48737acd74894b8381b920afce23da77a554e3b26950c33c24df4d3251bbcbc
Joomla Videos 1.0.0 SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla Videos component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 752445bbccf773bc2a18559aa2bb464d6096343b2042d08bc2153cdb6843919d
Joomla Photos 1.0.0 SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla Photos component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f0ae2bdef86e0ba7fc130b98c6c8ac91c455d1a74f35d96488ea9eed50b2193e
Joomla Flash 1.0.0 SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla Flash component version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5c25875976b0683ac93eec8743d241390202e85607fbd7bfbf27678e963626f6
Joomla Ownbiblio 1.5.3 SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla ownbiblio component version 1.5.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 06a62715666675b062aed70859e985fc986d71d5c3cc7ee1a647c1b4d9bcffdf
eebcms-xss.txt
Posted Oct 11, 2008
Authored by d3v1l

EEB-CMS version 0.95 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 57d61a19bac861b8a37c8580653cb38fd90c3d0e72c2ec4014261333d2d1739c
slimcms-escalate.txt
Posted Oct 11, 2008
Authored by StAkeR

SlimCMS versions 1.0.0 and below privilege escalation exploit that uses redirect.php.

tags | exploit, php
SHA-256 | 625eb8b6f77dfa9ea22f49f685e465db7c2f77848757bf68619c4906a1700a5e
Zero Day Initiative Advisory 08-067
Posted Oct 11, 2008
Authored by Tipping Point, regenrecht | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple CUPS. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and pen color opcodes results in an arbitrary memory overwrite allowing for the execution of arbitrary code as the "hpgltops" process uid.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2008-3641
SHA-256 | 43b38342476d71a0e4742db59587e779dbd1fc675da878775ea4e5dd7e5b6375
CVE-2008-3271.txt
Posted Oct 11, 2008
Authored by Mark Thomas | Site tomcat.apache.org

Apache Tomcat versions 4.1.0 to 4.1.31 and 5.5.0 suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2008-3271
SHA-256 | 465aad4edd5d33fc410a93390311c63759bed560f67aa892017afbf7cb22422b
Joomla mad4joomla SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla mad4joomla component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2b5058cc89f03efc3a78460698568502507b390f61e13f316774f90bd03bf197
Joomla Ignite Gallery 0.8.3 SQL Injection
Posted Oct 11, 2008
Authored by Valon Kerolli | Site itshqip.com

The Joomla Ignite Gallery component version 0.8.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4c8e09305172b89038a71af592e43a497fbffcdafd4c0b16751479c43684ee3f
easynet4ulink-sql.txt
Posted Oct 11, 2008
Authored by BeyazKurt

Easynet4u Link Host suffers from a remote SQL injection vulnerability in directory.php.

tags | exploit, remote, php, sql injection
SHA-256 | b2ae92d088496de5be64000392a9d94758c07244d0db12160084cc9a3a52b586
easynet4uforum-sql.txt
Posted Oct 11, 2008
Authored by SuB-ZeRo

Easynet4u Forum Host suffers from a remote SQL injection vulnerability in forum.php.

tags | exploit, remote, php, sql injection
SHA-256 | 3917c46d61a4aa15f2bce760726714e0e61ea9b798173887702953cf49af67f5
easynet4ufaq-sql.txt
Posted Oct 11, 2008
Authored by SuB-ZeRo

Easynet4u FAQ Host suffers from a remote SQL injection vulnerability in faq.php.

tags | exploit, remote, php, sql injection
SHA-256 | 5602933e579c3c3a3804ae7c5fe03dc15a1fad5fd0ca7229317868fa56f788e4
Ubuntu Security Notice 651-1
Posted Oct 11, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 651-1 - A large number of vulnerabilities have been addressed in Ruby. These issues include integer overflow, bypass, input validation, and various other vulnerabilities.

tags | advisory, overflow, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2008-2376, CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905
SHA-256 | 5557d431a53fdfbc495c90e3822a34c8b1dcc60e208ef88fe797ec0c86bfdcfa
nokiaminimap-crash.txt
Posted Oct 11, 2008
Authored by Luca Carettoni | Site secunia.com

The Nokia Mini Map Browser suffers from a silent crash vulnerability.

tags | advisory
SHA-256 | ea8657ee3bff0560317b033c2fec9f30414dbc0595ff68403bf49e94ffbca132
FSC20081009-11.txt
Posted Oct 11, 2008
Site assurent.com

A vulnerability has been discovered in the Tape Engine component of CA ARCserve Backup. Insufficient input validation when processing remote procedure call (RPC) requests is the cause of this vulnerability.

tags | advisory, remote
advisories | CVE-2008-4398
SHA-256 | 00278161704cbe007a374c1ce77d61fa33b2af3b8d8d51f3df41928d3e541e03
FSC20081009-12.txt
Posted Oct 11, 2008
Site assurent.com

A vulnerability has been discovered in the DB Engine component of CA ARCserve Backup. Insufficient input validation when processing remote procedure call (RPC) requests is the cause of this vulnerability.

tags | advisory, remote
advisories | CVE-2008-4399
SHA-256 | 5ba6b5a0f0b2fe9a559c894c4b246cea5204a73a7f625b2de9c4cc1a0de60245
ayco-sql.txt
Posted Oct 11, 2008
Authored by Crackers_Child

Ayco Okul Portali suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d85d5c274fd61589aee280590bc454697ef3ddf1a63089dd65cb9c77e7ef12c9
Secunia Security Advisory 32116
Posted Oct 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple Juniper Networks products, which can be exploited by malicious people to manipulate the router's neighbor cache.

tags | advisory
systems | juniper
SHA-256 | a7f1c105c22f11b8b6b6fa3e1b30e13c453bcb9ff78e64f9415889cbc5e34dcf
Secunia Security Advisory 32128
Posted Oct 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mediawiki. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, fedora
SHA-256 | 9e20802e718a1c3a9dcd4371b06ac8ecfbeec99bc3dee1e5241886d6e233ab66

