exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 34 of 34 RSS Feed

Files Date: 2010-03-05 to 2010-03-06

Secunia Security Advisory 38829
Posted Mar 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for wireshark. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 2680f99870aabf0cbf4853b9c945c1162be5c47957827eb394e9b3ebc62147af
OpenNHRP NBMA Next Hop Resolution 0.11.3
Posted Mar 5, 2010
Authored by Timo Teras | Site sourceforge.net

OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.

Changes: A check that prevented the forwarding of multicast packets in some cases was removed. Netlink buffer sizes were increased.
tags | encryption, protocol
systems | cisco, linux
SHA-256 | e34380ae4624f52e48d3463955f9221884aa98a74af03ec8165619765d8c9c91
Security Notice For CA SiteMinder
Posted Mar 5, 2010
Authored by Ken Williams | Site www3.ca.com

CA's support is alerting customers to a security risk with CA SiteMinder. Multiple cross site scripting (XSS) vulnerabilities exist that can allow a remote attacker to potentially gain sensitive information. CA has provided guidance to remediate the vulnerability.

tags | advisory, remote, vulnerability, xss
advisories | CVE-2009-3731
SHA-256 | 0086b7aee2a4c6e1f497434c6dd1033fc49b8c4e5dabfa495c73ef3dad9e9fb8
Mandriva Linux Security Advisory 2010-054
Posted Mar 5, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-054 - Pam_krb5 2.2.14 through 2.3.4 generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames. This update provides the version 2.3.5 of pam_krb5, which is not vulnerable to this issue.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2009-1384
SHA-256 | fb4f85115c0fdd37d78fb0e3282ca9687dff623ce59648c2678b94d9aec7f90c
Sagem Routers Remote Reset Exploit
Posted Mar 5, 2010
Authored by AlpHaNiX

Sagem routers remote reset exploit. It affects F@ST router models 1200/1240/1400/1400W/1500/1500-WG/2404.

tags | exploit, remote
SHA-256 | 6dd66d98a8ff326462c7d87ec26495683bd9141e9255e109ffa9173cb5e41ef6
Chilkat Crypt ActiveX WriteFile Unsafe Method
Posted Mar 5, 2010
Authored by shinnai, jduck | Site metasploit.com

This Metasploit module allows attackers to execute code via the 'WriteFile' unsafe method of Chilkat Software Inc's Crypt ActiveX control. This exploit is based on shinnai's exploit that uses an hcp:// protocol URI to execute our payload immediately. However, this method requires that the victim user be browsing with Administrator. Additionally, this method will not work on newer versions of Windows. NOTE: This vulnerability is still unpatched. The latest version of Chilkat Crypt at the time of this writing includes ChilkatCrypt2.DLL version 4.4.4.0.

tags | exploit, protocol, activex
systems | windows
advisories | CVE-2008-5002
SHA-256 | f5fc358c931e5cad863d48c12b7b5bd2f2586f9cca6246339d327cfef13918bd
Ultra Shareware Office Control ActiveX HttpUpload Buffer Overflow
Posted Mar 5, 2010
Authored by shinnai, jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.

tags | exploit, overflow
advisories | CVE-2008-3878
SHA-256 | 8a257918eee93537e405cc218701960973136185e85d5e2b8f61efc33ae7b6b3
VMware Security Advisory 2010-0004
Posted Mar 5, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory - Updates have been issues for ESX Service Console newt, nfs-utils, and glib2 packages. vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages have also been issued.

tags | advisory, kernel
advisories | CVE-2009-2905, CVE-2008-4552, CVE-2008-4316, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2009-0590, CVE-2009-4022, CVE-2009-3560, CVE-2009-3720, CVE-2009-2904, CVE-2009-3563, CVE-2009-2695, CVE-2009-2849, CVE-2009-2695, CVE-2009-2908
SHA-256 | 0ae5770077c762418cfd24f3ee041e3030eda4c4cf779c13c8b5a0c5d3c879ca
Debian Linux Security Advisory 2007-1
Posted Mar 5, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2007-1 - Ronald Volgers discovered that the lppasswd component of the cups suite, the Common UNIX Printing System, is vulnerable to format string attacks due to insecure use of the LOCALEDIR environment variable. An attacker can abuse this behaviour to execute arbitrary code via crafted localization files and triggering calls to _cupsLangprintf(). This works as the lppasswd binary happens to be installed with setuid 0 permissions.

tags | advisory, arbitrary
systems | linux, unix, debian
advisories | CVE-2010-0393
SHA-256 | a35a24df791b66debd2d29b4aab39f8a82030daf160f0b4952edd924f7715ef0
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close