exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 70 of 70 RSS Feed

Files Date: 2011-06-01 to 2011-06-02

Rocketmedia Blind SQL Injection
Posted Jun 1, 2011
Authored by Kalashinkov3

Rocketmedia suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2ce98d0f684d84d9b0446692bd90c6cd93d6ccf1edde2f7acef2522cd358c41d
Red Hat Security Advisory 2011-0841-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0841-01 - SystemTap is an instrumentation system for systems running the Linux kernel, version 2.6. Developers can write scripts to collect data on the operation of the system. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system. Additionally, a privileged user could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1769
SHA-256 | 83a3245143352b55f2a14786aedf6c975c0e124352b29ce5e82166a801a48ca5
Red Hat Security Advisory 2011-0840-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0840-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. It was discovered that the DHCP client daemon, dhclient, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. Various other issues were also addressed.

tags | advisory, arbitrary, code execution, protocol
systems | linux, redhat
advisories | CVE-2011-0997
SHA-256 | 812fe63dbde8488452a02a75040e52b7f39ea4252aaa8e63e8379bc9ac78f5d4
Red Hat Security Advisory 2011-0839-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0839-01 - The GIMP is an image composition and editing program. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-4540, CVE-2010-4541, CVE-2010-4542, CVE-2010-4543
SHA-256 | dcaf51b46ecd247f153bafce0036f31b4e7f1e81aa7d1824c6e0a3af4dfb1e1c
Ubuntu Security Notice USN-1140-2
Posted Jun 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1140-2 - USN-1140-1 fixed vulnerabilities in PAM. A regression was found that caused cron to stop working with a "Module is unknown" error. As a result, systems configured with automatic updates will not receive updates until cron is restarted, these updates are installed or the system is rebooted. This update fixes the problem. Marcus Granado discovered that PAM incorrectly handled configuration files with non-ASCII usernames. A remote attacker could use this flaw to cause a denial of service, or possibly obtain login access with a different users username. This issue only affected Ubuntu 8.04 LTS. It was discovered that the PAM pam_xauth, pam_env and pam_mail modules incorrectly handled dropping privileges when performing operations. A local attacker could use this flaw to read certain arbitrary files, and access other sensitive information. It was discovered that the PAM pam_namespace module incorrectly cleaned the environment during execution of the namespace.init script. A local attacker could use this flaw to possibly gain privileges. It was discovered that the PAM pam_xauth module incorrectly handled certain failures. A local attacker could use this flaw to delete certain unintended files. It was discovered that the PAM pam_xauth module incorrectly verified certain file properties. A local attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-3435
SHA-256 | 5d201859cf56d4bf364b41135aa2c9404cb69d1a53679b2460baf65020bf8b0f
Red Hat Security Advisory 2011-0838-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0838-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, redhat, windows
advisories | CVE-2009-1570, CVE-2010-4540, CVE-2010-4541, CVE-2010-4542, CVE-2010-4543, CVE-2011-1178
SHA-256 | bcebaf7eecce22dfae82e4c81db212616345165a850f2049b859bb2f8f85043e
Red Hat Security Advisory 2011-0837-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0837-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap and Personal Computer eXchange image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. Various other issues were also addressed.

tags | advisory, overflow, arbitrary
systems | linux, redhat, windows
advisories | CVE-2009-1570, CVE-2010-4541, CVE-2010-4543, CVE-2011-1178
SHA-256 | bc734d04701963c119db99658f1e8c5db3d1bb7653d5c791749605209f890f90
Secunia Security Advisory 44795
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for jabberd14. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 06c2745e1cb988c61f6f8fd4d80074b835fba6b07af4ffc83c41569f87ee2de2
Secunia Security Advisory 44810
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in AnyMacro Mail System, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 703f96bb5c5c5a06bb5467c62728067f9a15bc7d1d04ddbd4c0476840610c98f
Secunia Security Advisory 44805
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Georg Fritsch has reported a vulnerability in Wyse ThinOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0b1a3c1e66a6c5f8478cbddcac3d8a54c43b1ed541381546ee4321878b634ad0
Secunia Security Advisory 44799
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Pika CMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 1967edad28d8b0df91ad371f6a4e3343282ce4dcf0305d67ab80bafc967113ec
Secunia Security Advisory 44779
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in various Symantec products, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | a8a2ca8d40e8a8dda29cb6a29f591ec7d5fb3d00666d82985bd62dfbaa8a52d3
Secunia Security Advisory 44797
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in GNOME Display Manager, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | 7c66d8c2dc9be344109f19ef22c530911fd270b60da242fc5ceac9a6a4ccb801
Secunia Security Advisory 44788
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for citadel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 37756d40e12d7ce3935705712f0e08c431c7ddf9457d37d8b13a5842fd365ef1
Secunia Security Advisory 44774
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux and linux-ec2. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | fcdc5bc540ad6aa56ab401090db46a87cd05dec7927c242c567f08aad6ca7708
Secunia Security Advisory 44807
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ejabberd, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 62751cf27c34476fe96b349bbd31d4efee11690f72e8aaf5cf1ff7cfa3739ce9
Secunia Security Advisory 44753
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WatchGuard XCS, which can be exploited by malicious people to manipulate certain data.

tags | advisory
SHA-256 | 473d7b7128532915880f26b010be1b6fcd127695f012d822a3d9397e11e160fe
Red Hat Security Advisory 2011-0833-01
Posted Jun 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0833-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw in the dccp_rcv_state_process() function could allow a remote attacker to cause a denial of service, even when the socket was already closed. Multiple buffer overflow flaws were found in the Linux kernel's Management Module Support for Message Passing Technology based controllers. A local, unprivileged user could use these flaws to cause a denial of service, an information leak, or escalate their privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763
SHA-256 | 6c8017bb07a6916f0d7d7287b1de37c93f29942577ec63e233b807942ce1a0c5
Serendipity 1.5.5 Event Freetag Cross Site Scripting
Posted Jun 1, 2011
Authored by Stefan Schurtz

Serendipity version 1.5.5 with the serendipity_event_freetag plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 80f380cee14afc2bf6ffc4f765065bf2355d85b4916e4a9dcb1b7a2096a79e6b
Packet Storm New Exploits For May, 2011
Posted Jun 1, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 253 exploits added to Packet Storm in May, 2011.

tags | exploit
systems | linux
SHA-256 | 3bfe1448e63a35e61e4f6614a659dc1481879f4fe7b179f5ea443690c00161a5
Page 3 of 3
Back123Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close