Showing 26 - 50 of 70

Files Date: 2011-06-01 to 2011-06-02

Secunia Security Advisory 44711
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Chris Evans has reported a vulnerability in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
SHA-256 | f314e24f7529cf3822af0d0b3fe9a82665e3f40cdb54255f1a3656566cbed9ff
Secunia Security Advisory 44794
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in vBulletin Publishing Suite and vBulletin Forum Classic.

tags | advisory
SHA-256 | 7932f7ab4ac8dfbc82d9c67bd333603f64b925bb8f0471e5640600790c63902b
Secunia Security Advisory 44791
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | a359ec1a56763fe95bf334ccb2b34e3bd514aa757b5ef2b31de8db880330b3cd
Secunia Security Advisory 44606
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 128a69e92ab28a79151fe2988cc993260bc25b889c49f36266bcf9ae81fd9480
Secunia Security Advisory 44785
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in Kentico CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 5940b95485a72046728f6644b17d9af73aeeb2496744c95c42b255698ae55fe2
Secunia Security Advisory 44792
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious, local users to disclose system information and cause a DoS, and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | 32cfe5e78f26da80b713fb657c707139df52359de6a2ad12096ed4b97ff441a9
Secunia Security Advisory 44787
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in jabberd, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 05646ded671ab49a9907595ae9b1a32335a4c20758f1f3bb20155d755fb9bdf8
Secunia Security Advisory 44795
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for jabberd14. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 06c2745e1cb988c61f6f8fd4d80074b835fba6b07af4ffc83c41569f87ee2de2
Secunia Security Advisory 44810
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in AnyMacro Mail System, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 703f96bb5c5c5a06bb5467c62728067f9a15bc7d1d04ddbd4c0476840610c98f
Ubuntu Security Notice USN-1141-1
Posted Jun 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1141-1 - Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not correctly handle certain configurations. If such a device was configured without VLANs, a remote attacker could crash the system, leading to a denial of service. Various other issues were also discovered.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4243, CVE-2010-4263, CVE-2010-4342, CVE-2010-4529, CVE-2010-4565, CVE-2010-4656, CVE-2011-0463, CVE-2011-0521, CVE-2011-0695, CVE-2011-0712, CVE-2011-0726, CVE-2011-1010, CVE-2011-1012, CVE-2011-1013, CVE-2011-1016, CVE-2011-1019, CVE-2011-1082, CVE-2011-1083, CVE-2011-1182
SHA-256 | 57d390bf303463d6c20dbdd18a9985526c1055c3466d6eb556248e59af380d06
Security Implications Of IPv6 Extensions Headers With Neighbor Discovery
Posted Jun 1, 2011
Authored by Fernando Gont | Site ietf.org

IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.

tags | paper, local
SHA-256 | ae1239dbe215828238bde7e4d18f0fa35e3f33bfb61ed97549a17cb1ea60cd42
IPv6 Router Advertisement Guard (RA-Guard) Evasion
Posted Jun 1, 2011
Authored by Fernando Gont | Site ietf.org

The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly employed to mitigate attack vectors based on forged ICMPv6 Router Advertisement messages. Many existing IPv6 deployments rely on RA-Guard as the first line of defense against the aforementioned attack vectors. This document describes possible ways in which current RA-Guard implementations can be circumvented, and discusses possible mitigations.

tags | paper
SHA-256 | 419dbe3a0dedd1c464fb648a00b9ab7d264f3801038e9c2fc543db909c6fa908
Zero Day Initiative Advisory 11-170
Posted Jun 1, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-170 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP 3COM/H3C Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the img.exe component which listens by default on TCP port 8800. When handling the a packet type the process uses a user provided length value in an arithmetic operation resulting in integer wrapping. The process then copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 77ac26b16630fe75710e84063609b80750e40c46872880224f51e484af4e6a23
byTolinet Agencia File Disclosure
Posted Jun 1, 2011
Authored by KnocKout

byTolinet Agencia suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 01e911bf13827e38af61dde1c7ff1ed8df004578b2f7ec461972a62cb1670f27
WebC.be File Disclosure
Posted Jun 1, 2011
Authored by KnocKout

WebC.be suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 893876484e6038bfc604f9a1fae0f17034a986eded9a6e75a083573a9db38b85
Pika CMS Local File Inclusion
Posted Jun 1, 2011
Authored by KnocKout

Pika CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 3b36530cf7aa0f05e4c5a5f4e35157a173a4fe72219938c7ddcb4a989d67188d
Pika CMS baza_mysql.php File Disclosure
Posted Jun 1, 2011
Authored by KnocKout

Pika CMS suffers from a baza_mysql.php disclosure vulnerability.

tags | exploit, php, info disclosure
SHA-256 | 7b542fc6f0fcf4be4d4cd1a945a7920682471568b48b88d37149cfb6929ad73d
TEDE Simplificado SQL Injection
Posted Jun 1, 2011
Authored by KnocKout

TEDE Simplificado suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c148c4dce5c6ae52ae9e65cbb1316ecb7570f99ad94c9801d33afb3361aaa675
Red Hat Security Advisory 2011-0845-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0845-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. An off-by-one flaw was found in the way BIND processed negative responses with large resource record sets. An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. Various other issues were also addressed.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2011-1910
SHA-256 | fdd26d6be250c5e59d407805f2b6df7ae8325c4a142b01bfff30b9ddbfe7da6f
Red Hat Security Advisory 2011-0844-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0844-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. The fix for CVE-2011-0419 introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. Note: This problem affected httpd configurations using the "Location" directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2011-1928
SHA-256 | 10c43bcfd8ec38f49e9fbbef97f03e10a6e47e439f21881be0d699f358706139
Zero Day Initiative Advisory 11-169
Posted Jun 1, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-169 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Endpoint. Authentication is required to exploit this vulnerability, however it is trivially achieved. The specific flaw exists within the lcfd.exe process which listens by default on TCP port 9495. To reach this page remotely authentication is required. However, by abusing a built-in account an attacker can access the restricted pages. While parsing requests to one of these, the process blindly copies the contents of a POST variable to a 256 byte stack buffer. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2011-1220
SHA-256 | 285e5b56f3b5a1ce6fb8f0683bf97b8bc3d0b7e2e10fa74b7e0621552c83cec0
Red Hat Security Advisory 2011-0843-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0843-01 - Postfix is a Mail Transport Agent, supporting LDAP, SMTP AUTH, and TLS. A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd server to crash via a specially-crafted SASL authentication request. The smtpd process was automatically restarted by the postfix master process after the time configured with service_throttle_time elapsed. Various other issues were also addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-1720
SHA-256 | 290f32e19e804868ba34739ec9704dcafcfdf5319694188c9ac9fd4eb3c9d6dd
World e Mart SQL Injection
Posted Jun 1, 2011
Authored by eXeSoul

World e Mart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 79399238c717ea93245e7a6e02e449c7d34cd521916d10bae3b1c837f77925c9
Red Hat Security Advisory 2011-0842-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0842-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. Two divide-by-zero flaws were found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use these flaws to crash the system. Additionally, a privileged user could trigger these flaws when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769, CVE-2011-1781
SHA-256 | 3c7427b5b95d584ff0f15f1cf948ace22383d21c18c9c82f90c5dc9830434834
Debian Security Advisory 2247-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2247-1 - Several vulnerabilities have been discovered in Rails, the Ruby web application framework.

tags | advisory, web, vulnerability, ruby
systems | linux, debian
advisories | CVE-2011-0446, CVE-2011-0447
SHA-256 | dda07821464aca00aa4c5d5750f55d42c175313a3a262f28dccb7a0ae341b3cf