
Files Date: 2009-02-23 to 2009-02-24

Gentoo Linux Security Advisory 200902-6
Posted Feb 23, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200902-06 - Two vulnerabilities were found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. One also affects edit-utils in XEmacs. Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By shipping a .flc accompanying a source file (.c for example) and setting font-lock-support-mode to fast-lock-mode in the source file through local variables, any Lisp code in the .flc file is executed without warning (CVE-2008-2142). Versions less than 22.2-r3 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2008-2142, CVE-2008-3949
SHA-256 | 17c8574bea50c15bdbfc0e4b347a4c54008d41f1d8b905d89aa9b3117651a5ff
Mandriva Linux Security Advisory 2009-051
Posted Feb 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-051 - A number of vulnerabilities have been found and corrected in libpng. Fixed 1-byte buffer overflow in pngpread.c. This was already fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword() that allowed setting arbitrary bytes in the process memory to 0. Fix an issue that could lead to a potential DoS (Denial of Service) or potentially compromise an application using the library. The updated packages have been patched to prevent this.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3964, CVE-2008-5907, CVE-2009-0040
SHA-256 | a74739120bac463b5e67987f05bd7c87e179193dd9d8c7d71e771b76ab1b5b1a
Mandriva Linux Security Advisory 2009-050
Posted Feb 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-050-1 - A vulnerability has been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length. The updated packages have been patched to prevent this. The previous update package was not signed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2009-0544
SHA-256 | 618fc4a1e35de59495086bd8ccfa8b6f0c0d92c24e82a3883519f85085df6a5c
taifajobs 1.0 SQL Injection
Posted Feb 23, 2009
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

taifajobs versions 1.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9f5ef209bfeb754f2b0cb3bcfc2e49211ae53f422bf88602344084e13b513db0
Library For Converting i386 Shellcode Into ASCII-Only
Posted Feb 23, 2009
Authored by Ronald Huizer | Site libaosc.sourceforge.net

libaosc is a library for converting i386 shellcode into randomized ASCII-only shellcode.

tags | shellcode, library
SHA-256 | 8072465fc3fc75f620d483288437c55349c8e70696a6e6d965e1282f5ae7507d
MDPro My_eGallery SQL Injection
Posted Feb 23, 2009
Authored by StAkeR

MDPro My_eGallery module remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 3046be75a8d626f0ee555076af52c42ca5898127db29bb8393fbbe16983996f5
Mozilla Firefox 3.0.6 Crash Exploit
Posted Feb 23, 2009
Authored by cilicio

Mozilla Firefox version 3.0.6 BODY onload remote crash exploit.

tags | exploit, remote
SHA-256 | c0d086a8ac7b4516fd54e0738cd62570544050e97148506a9acda7ad47c72ab2
Adobe Acrobat Reader JBIG2 Buffer Overflow
Posted Feb 23, 2009
Authored by k'sOSe | Site pornosecurity.org

Proof of concept exploit for Adobe Acrobat Reader JBIG2 buffer overflow vulnerability.

tags | exploit, overflow, proof of concept
SHA-256 | 5311e72227ac4b3ff87264e11dafaaa40b085ab522f09310081a6faf6c45c1cf
HP Quality Center Code Execution
Posted Feb 23, 2009
Authored by Exposit Limited | Site exposit.co.uk

An arbitrary user can force the HP Quality Center to execute arbitrary code via the VBScript workflow files.

tags | advisory, arbitrary
SHA-256 | 34ad47f6a52db68117e3da1097d955e55dc73b32f934cdccb2698ccd9bc769da
MLdonkey 2.9.7 Double Slash File Disclosure
Posted Feb 23, 2009
Authored by Michael Peselnik

MLdonkey versions 2.9.7 and below suffer from a double slash file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | c6acee962a39ddeed5b6b74d1eee84ac2e42340ce2c1020099336bde5c303de0
Optus/Huawei E960 HSDPA Router Cross Site Scripting
Posted Feb 23, 2009
Authored by Rizki Wicaksono | Site ilmuhacking.com

The Optus/Huawei E960 HSDPA router suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a1b55ccfabf6b03502a08309a9aa4bb5ba1571a1e673fcba9a8c621ab8f6e7ce
Pyrophobia 2.1.3.1 Command Execution
Posted Feb 23, 2009
Authored by Osirys | Site y-osirys.com

Pyrophobia version 2.1.3.1 command execution exploit that leverages local file inclusion.

tags | exploit, local, file inclusion
SHA-256 | 96908c3bb8f930153d1c72cd84d0d9ef9479856a453dcea97919bbd2e156f9d2
Libero Cross Site Scripting
Posted Feb 23, 2009
Authored by Oliver Greiter | Site senseofsecurity.com.au

Libero version 5.3 SP5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2009-0540
SHA-256 | 45fa5e80ef17455ab47ee63066b1fc648b12b085d0454f936f2990173d3ea75e
Free Arcade Script 1.0 Command Execution
Posted Feb 23, 2009
Authored by Osirys | Site y-osirys.com

Free Arcade Script version 1.0 command execution exploit that leverages local file inclusion.

tags | exploit, local, file inclusion
SHA-256 | 760f3aa37672fbff5e8a85a9b9c8297515e5ef595a4f439550042959705efc3f
pPIM 1.01 Command Execution Exploit
Posted Feb 23, 2009
Authored by JosS | Site spanish-hackers.com

pPIM version 1.01 remote command execution exploit that leverages notes.php.

tags | exploit, remote, php
SHA-256 | 91e50b66a552c55d7ec05a6708d1cfe3c82b99d831d0bee24c6e264560138b57
Joomla gigCalendar 1.0 SQL Injection gigcal_bands_id
Posted Feb 23, 2009
Authored by Salvatore Fresta

The Joomla gigCalendar module version 1.0 suffers from a remote SQL injection vulnerability in gigcal_bands_id.

tags | exploit, remote, sql injection
SHA-256 | 32b45f87b3446c54ce0e6406e835038a1ce7d5cd690a3e05a9f2312f34875f89
Joomla gigCalendar 1.0 SQL Injection gigcal_venues_id
Posted Feb 23, 2009
Authored by Salvatore Fresta

The Joomla gigCalendar module version 1.0 suffers from a remote SQL injection vulnerability in gigcal_venues_id.

tags | exploit, remote, sql injection
SHA-256 | 65f947df3ef37e7f373d9a6ac96f7ab3110d0d8288ae7333e3bee6450d85d1e0
zFeeder 1.6 Authentication Bypass
Posted Feb 23, 2009
Authored by ahmadbady

zFeeder version 1.6 suffers from a direct, unauthenticated administration access vulnerability.

tags | exploit, bypass
SHA-256 | 93e573eb958f8d7d3448ef742f8773464c443b2a8f738773bb06ddaf80914f77
Joomla gigCalendar 1.0 SQL Injection index.php
Posted Feb 23, 2009
Authored by Salvatore Fresta

The Joomla gigCalendar module version 1.0 suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | ad09d2088f9d082b673a0dc80713ca1888166b8f1ebeb6a67bb4e6ec265bc6fa
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Feb 23, 2009
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Support of the EAP-MSCHAPv2 protocol enabled. Assignment of up to two DNS and up to two WINS servers to peers via the IKEv2 Configuration Payload. The strongSwan applet for the Gnome NetworkManager is now built and distributed as a separate tarball under the name NetworkManager-strongswan.
tags | kernel, encryption
systems | linux
SHA-256 | 0d34ff3fc3eca6539cfb3a6443319ec033d2dfcdee17e6727b8916c8a633e63e
Secunia Security Advisory 34014
Posted Feb 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in SmoothGuardian, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 83394651cdf476e91274aaf145094ca8c1aa7cd3ac77ac5e12417c54c91869a2
Secunia Security Advisory 34007
Posted Feb 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ByALBAYX has reported some vulnerabilities in Professioneller Anzeigenmarkt, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 16da2c7c9e7f3951db5c97790f64e9199f84383cb6b309881af082aa690a5bfd
Secunia Security Advisory 34020
Posted Feb 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in WinGate, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 5ec87dd46e74b28597f18de805cfe4834378a5dee5248a19a2f1e618c4f43f08
Secunia Security Advisory 34019
Posted Feb 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Squid, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 351d3d00afe0e180b99b9f81cd9564559629b01f739721fd47f6124134697c23
Secunia Security Advisory 33998
Posted Feb 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - PLATEN has reported a vulnerability in Blue Utopia, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 41b14509766dd50eeb272f742df26d82b7a43054274058b8838ef2cda4f303cf