all things security
Showing 51 - 70 of 70

Files Date: 2011-06-01 to 2011-06-02

Rocketmedia Blind SQL Injection
Posted Jun 1, 2011
Authored by Kalashinkov3

Rocketmedia suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d89588922b387e3fd29093aa8cc28fdf

Red Hat Security Advisory 2011-0841-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0841-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769
MD5 | 33888b492a6f735f1ffb904fd69f4694

Red Hat Security Advisory 2011-0840-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0840-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. It was discovered that the DHCP client daemon, dhclient, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. Various other issues were also addressed.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2011-0997
MD5 | c9e74d06d509dac8df4ad92de90fb722

Red Hat Security Advisory 2011-0839-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0839-01 - The GIMP is an image composition and editing program. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-4540, CVE-2010-4541, CVE-2010-4542, CVE-2010-4543
MD5 | 26cec1870af4375837fe2b66d289ccd8

Ubuntu Security Notice USN-1140-2
Posted Jun 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1140-2 - USN-1140-1 fixed vulnerabilities in PAM. A regression was found that caused cron to stop working with a "Module is unknown" error. As a result, systems configured with automatic updates will not receive updates until cron is restarted, these updates are installed or the system is rebooted. This update fixes the problem. Marcus Granado discovered that PAM incorrectly handled configuration files with non-ASCII usernames. A remote attacker could use this flaw to cause a denial of service, or possibly obtain login access with a different user's username. This issue only affected Ubuntu 8.04 LTS. It was discovered that the PAM pam_xauth, pam_env and pam_mail modules incorrectly handled dropping privileges when performing operations. A local attacker could use this flaw to read certain arbitrary files, and access other sensitive information. It was discovered that the PAM pam_namespace module incorrectly cleaned the environment during execution of the namespace.init script. A local attacker could use this flaw to possibly gain privileges. It was discovered that the PAM pam_xauth module incorrectly handled certain failures. A local attacker could use this flaw to delete certain unintended files. It was discovered that the PAM pam_xauth module incorrectly verified certain file properties. A local attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-3435
MD5 | 2cfe7fba673ba2aeb934eac0a68c53d8

Red Hat Security Advisory 2011-0838-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0838-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, redhat, windows
advisories | CVE-2009-1570, CVE-2010-4540, CVE-2010-4541, CVE-2010-4542, CVE-2010-4543, CVE-2011-1178
MD5 | 1c5cd1c1123638a409d933853ddf0f25

Red Hat Security Advisory 2011-0837-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0837-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, redhat, windows
advisories | CVE-2009-1570, CVE-2010-4541, CVE-2010-4543, CVE-2011-1178
MD5 | 3fdeeb0948d4e8e25b3d4a4dbfe199e0

Secunia Security Advisory 44795
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for jabberd14. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
MD5 | 5624f2054dbe73c12d3242de6f65d9dc

Secunia Security Advisory 44810
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in AnyMacro Mail System, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 814bf5be7de859e27a28b63aecf818c1

Secunia Security Advisory 44805
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Georg Fritsch has reported a vulnerability in Wyse ThinOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 93a767dc62de7bedb1ac80f3482408a2

Secunia Security Advisory 44799
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Pika CMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 2a6c3c4a34d0fd8ca32a299a1acf507b

Secunia Security Advisory 44779
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Symantec products, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | e5ad2560c333c9ef754c8d059e5948e6

Secunia Security Advisory 44797
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in GNOME Display Manager, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
MD5 | 3a0dd688ceac53797f7640ce8e47272f

Secunia Security Advisory 44788
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for citadel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
MD5 | fe71c5af1396ebdf0639c7be6016a8c3

Secunia Security Advisory 44774
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux and linux-ec2. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 445cb040157e15ef2448f07415642462

Secunia Security Advisory 44807
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ejabberd, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | b66b0265949d39165d421bb803b96239

Secunia Security Advisory 44753
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WatchGuard XCS, which can be exploited by malicious people to manipulate certain data.

tags | advisory
MD5 | 80422693640f775cfc990c423443ef02

Red Hat Security Advisory 2011-0833-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0833-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw in the dccp_rcv_state_process() function could allow a remote attacker to cause a denial of service, even when the socket was already closed. Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763
MD5 | bde747ec06cbdfaa6b01930157a97ef5

Serendipity 1.5.5 Event Freetag Cross Site Scripting
Posted Jun 1, 2011
Authored by Stefan Schurtz

Serendipity version 1.5.5 with the serendipity_event_freetag plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | af1774ec749b6424b959cd7803b45f76

Packet Storm New Exploits For May, 2011
Posted Jun 1, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 253 exploits added to Packet Storm in May, 2011.

tags | exploit
systems | linux
MD5 | e7bc798f4cc81eb1e408b098635f727c
Page 3 of 3