Phrack Magazine Issue 66 - Phrack Prophile on the PaX Team, World News, Abusing the Objective C runtime, Exploit DLmalloc frees in 2009, and more.
63ebcba5fe533f2e6a8d1af9e2b8f18753423141dbd4728f0e84d64554a227acProof of concept local privilege escalation exploit for the Linux kernel pipe.c vulnerability.
8520212a783ddedab3d9b9af55edd94f3fee40c82f16d372fe68b4866ea21535Google Chrome versions prior to 3.0.195.32 suffer from a vulnerability that allows for file theft.
65b6230b7b654fce7de1ab9993edea3503041937895e5f419b4cda88ac0103caMandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.
4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5bThis is a proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS.
2b661f70766b0bbb234ee49ed56b97004e033d7c2f3d9430a1d4126fb06e3714Ubuntu Security Notice 855-1 - Mark Martinec discovered that HTML::Parser incorrectly handled strings with incomplete entities. An attacker could send specially crafted input to applications that use HTML::Parser and cause a denial of service.
fc5f9a70082c36236c726e7102bbd6f762acbe9ae8cb6e13f5c303504e794eb9Ubuntu Security Notice 854-1 - Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. It was discovered that the GD library did not properly handle incorrect color indexes. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle certain malformed GIF images. If a user or automated system were tricked into processing a specially crafted GIF image, an attacker could cause a denial of service. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle large angle degree values. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service. This issue only affected Ubuntu 6.06 LTS.
b73b36b887d79ca9e33bd11f21234253e6b1365bba9dccdfd6ef80ad069bb5e6Zero Day Initiative Advisory 09-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web based management web server. Proper bounds checking is not applied when parsing the Login variable which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.
4fe2c6ee8f4ae0da2ae82442b72be82eb4f7a98c1b56f5d96838548dde5e5b48Debian Linux Security Advisory 1927-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation.
d172692933ef66a5cf069a277b5df019de629aa1b3e10941735fd69d684b8aa6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed