Phrack Magazine Issue 66 - Phrack Prophile on the PaX Team, World News, Abusing the Objective C runtime, Exploit DLmalloc frees in 2009, and more.
63ebcba5fe533f2e6a8d1af9e2b8f18753423141dbd4728f0e84d64554a227ac
Proof of concept local privilege escalation exploit for the Linux kernel pipe.c vulnerability.
8520212a783ddedab3d9b9af55edd94f3fee40c82f16d372fe68b4866ea21535
Google Chrome versions prior to 3.0.195.32 suffer from a vulnerability that allows for file theft.
65b6230b7b654fce7de1ab9993edea3503041937895e5f419b4cda88ac0103ca
Mandriva Linux Security Advisory 2009-294 - Security issues were identified and fixed in Firefox 3.5.x.
4addcca5fafa803913097baa6c63f7a85816ac4e4393a557c0051bbed68d1b5b
This is a proof of concept exploit for the man-in-the-middle vulnerability related to SSL/TLS.
2b661f70766b0bbb234ee49ed56b97004e033d7c2f3d9430a1d4126fb06e3714
Ubuntu Security Notice 855-1 - Mark Martinec discovered that HTML::Parser incorrectly handled strings with incomplete entities. An attacker could send specially crafted input to applications that use HTML::Parser and cause a denial of service.
fc5f9a70082c36236c726e7102bbd6f762acbe9ae8cb6e13f5c303504e794eb9
Ubuntu Security Notice 854-1 - Tomas Hoger discovered that the GD library did not properly handle the number of colors in certain malformed GD images. If a user or automated system were tricked into processing a specially crafted GD image, an attacker could cause a denial of service or possibly execute arbitrary code. It was discovered that the GD library did not properly handle incorrect color indexes. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle certain malformed GIF images. If a user or automated system were tricked into processing a specially crafted GIF image, an attacker could cause a denial of service. This issue only affected Ubuntu 6.06 LTS. It was discovered that the GD library did not properly handle large angle degree values. An attacker could send specially crafted input to applications linked against libgd2 and cause a denial of service. This issue only affected Ubuntu 6.06 LTS.
b73b36b887d79ca9e33bd11f21234253e6b1365bba9dccdfd6ef80ad069bb5e6
Zero Day Initiative Advisory 09-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web based management web server. Proper bounds checking is not applied when parsing the Login variable which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.
4fe2c6ee8f4ae0da2ae82442b72be82eb4f7a98c1b56f5d96838548dde5e5b48
Debian Linux Security Advisory 1927-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation.
d172692933ef66a5cf069a277b5df019de629aa1b3e10941735fd69d684b8aa6