Showing 1 - 25 of 873

Files Date: 2009-11-01 to 2009-11-30

Ubuntu Security Notice 862-1
Posted Nov 27, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 862-1 - Maksymilian Arciemowicz discovered that PHP did not properly validate arguments to the dba_replace function. If a script passed untrusted input to the dba_replace function, an attacker could truncate the database. It was discovered that PHP did not properly handle certain malformed images when being parsed by the Exif module. A remote attacker could exploit this flaw and cause the PHP server to crash, resulting in a denial of service. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the tempnam function. An attacker could exploit this issue to bypass safe_mode restrictions. Grzegorz Stachowiak discovered that PHP did not properly enforce restrictions in the posix_mkfifo function. An attacker could exploit this issue to bypass open_basedir restrictions. Bogdan Calin discovered that PHP did not limit the number of temporary files created when handling multipart/form-data POST requests. A remote attacker could exploit this flaw and cause the PHP server to consume all available resources, resulting in a denial of service.

tags | advisory, remote, denial of service, php
systems | linux, osx, ubuntu
advisories | CVE-2008-7068, CVE-2009-3291, CVE-2009-3292, CVE-2009-3557, CVE-2009-3558, CVE-2009-4017, CVE-2009-4018
SHA-256 | 4f878a13f8d4ca2752e08bf4d244d21c1e5497b18bc52847b8aad57c52a0fa41
Serenity Audio Player Buffer Overflow
Posted Nov 27, 2009
Authored by mr_me

Serenity Audio Player playlist buffer overflow exploit that creates a malicious .m3u file. Versions 3.2.3 and below are affected.

tags | exploit, overflow
SHA-256 | f918524c4e76aabc077953fa6b99eb05d62683cf932d7b3baf8718d6318cbc8f
phpBazar 2.1.1fix SQL Injection
Posted Nov 27, 2009
Authored by MizoZ

phpBazar versions 2.1.1fix and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 35422732f65845cb7bf2789b9b8160ffac6c15103e8b735b2efaa45d2818649d
Joomla Lyftenbloggie SQL Injection
Posted Nov 27, 2009
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Lyftenbloggie component version 1.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0d1c13f3288bfebcc21958d841b45d743f364fa08f868e81d5c54971b2e308e3
Mandriva Linux Security Advisory 2009-304
Posted Nov 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-304 - Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO). Additionally, BIND has been upgraded to the latest point release or closest supported version by ISC.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2009-4022
SHA-256 | 9ef63a92ea5c656e10f978bda2eca00adcbcfdbdc739c460d980dce572fdbc55
Gentoo Linux Security Advisory 200911-6
Posted Nov 27, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200911-6 - An input sanitization error in PEAR Net_Traceroute might allow remote attackers to execute arbitrary commands. Pasquale Imperato reported that the $host parameter to the traceroute() function in Traceroute.php is not properly sanitized before being passed to exec(). Versions less than 0.21.2 are affected.

tags | advisory, remote, arbitrary, php
systems | linux, gentoo
advisories | CVE-2009-4025
SHA-256 | 8ce60f2d4618c4b7ff715e710c9973f96f90ed1d960f93bcddeaf72ce767c1cd
Cacti 0.8.7e Cross Site Scripting
Posted Nov 27, 2009
Authored by Moritz Naumann

Cacti versions 0.8.7e and below suffer from cross site scripting and privilege escalation vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2009-4032
SHA-256 | 46b2f0621a038c9d1cf8f5e9339d33346bff4eee0f4af05ef47b5f6b44a3746a
Debian Linux Security Advisory 1940-1
Posted Nov 27, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1940-1 - Several remote vulnerabilities have been discovered in the PHP 5 hypertext preprocessor.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2009-2626, CVE-2009-2687, CVE-2009-3291, CVE-2009-3292
SHA-256 | a5539a28cde8a1bb5d0403cbd15a3328e03796380d5dd7bb69921367844f4dac
BolinTech Dream FTP Server 1.02 Format String
Posted Nov 27, 2009
Authored by Patrick Webster | Site metasploit.com

This Metasploit module exploits a format string overflow in the BolinTech Dream FTP Server version 1.02. Based on the exploit by SkyLined.

tags | exploit, overflow
advisories | CVE-2004-2074
SHA-256 | 63c84ac9c90cdd1cd404d2b1f022ad37deeeee6983215b7f45cdb61d9ec25e5d
Secunia Security Advisory 37497
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for PEAR-Net_Traceroute. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
SHA-256 | d30f4f1585cb0b600ecfe75305a6f06a2375bf8b896fa3464d290a13c8b71dae
Secunia Security Advisory 37478
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in RADIO istek scripti, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | f35b948343b05cd1ca1505c154442a9a8d15804ff356e2329998f769020afee7
Secunia Security Advisory 37476
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the GCalendar component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 48ea3df1dfab97437fbda3d2c469c9ecc3aa410904b8cc1c468a2a5dd9b34114
Secunia Security Advisory 37498
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for php5. This fixes multiple vulnerabilities, some of which have unknown impact and others that can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 8a3bba3f6160f320a8d8a86c5c71c813da4700eb0877e5a509e9a1450aef6782
Secunia Security Advisory 37499
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - kaMtiEz has discovered a vulnerability in the LyftenBloggie component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 5ad1e51390ed8463dad0a68da7956f53721acae8e135f9227e3b8008839ec79c
Secunia Security Advisory 37480
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability and a weakness have been reported in DotNetNuke, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, xss
SHA-256 | 20b113eefdc84675eedb668de690f2d3d65a1d412573d42aca5a724f91066a4d
Secunia Security Advisory 37473
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - leinakesi has reported a vulnerability in XM Easy Personal FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | a981521278e3b86255ff756fa2e5ac0dfc9f827174177e2390df2564eacf2de2
Secunia Security Advisory 37452
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - The Wee Free Men have discovered a vulnerability in Robo-FTP, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 1848de9e1fedea10074629f9296c114930911e7df3374d70928ea06762f95650
Secunia Security Advisory 37409
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
SHA-256 | 365f9d0d4c52d3da68f23a3aca7c78117f27f6550dd84ff91c49af191b705a13
Secunia Security Advisory 37502
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for php-pear-Net-Ping. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, php
systems | linux, fedora
SHA-256 | 68e53e54334079cade8a92f890a9c6481ecb03b0096235a9f8124b2e10447800
Secunia Security Advisory 37445
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Dstat, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 70389e5f06bebb93839c65f25341a9347875eaea50ebed59e04f10b3f0a1b787
Secunia Security Advisory 37454
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in IBM DB2, which can potentially be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | 840f284109ba42b50e50fcdcd6f2077ef4ad9de6c3da96c80cfeb63e71b119bf
Secunia Security Advisory 37457
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for dstat. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | b3b04633fda8c11494463765a8d437155818aed7e45d01e84b8e85b72593b80b
Secunia Security Advisory 37506
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | solaris
SHA-256 | f7708eed7e3527ff40cbdcb03d6b8f8983c7b9081b2db6a6457835c0232c077b
Secunia Security Advisory 37501
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for OpenSSL in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | hpux
SHA-256 | 72349c40c3693a684298071545c0ad94deb4d90b90cefe23c76215e7c2be3908
Secunia Security Advisory 37491
Posted Nov 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to poison the DNS cache.

tags | advisory
systems | solaris
SHA-256 | 3aa3884576efd33f1cc6e7dafb153230240df48fd8f1cfe16f6dc5539c3ec2da