Ubuntu Security Notice 1226-2 - Dan Rosenberg discovered that cifs-utils incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. Jan Lieskovsky discovered that cifs-utils incorrectly filtered certain strings being added to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. Various other issues were also addressed.
6af7c242db0fdb0bbad276a6f9048b8bcaebdb8a9416eb291ba81198604e3ac3
Ubuntu Security Notice 1226-1 - Dan Rosenberg discovered that Samba incorrectly handled changes to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. Jan Lieskovsky discovered that Samba incorrectly filtered certain strings being added to the mtab file. A local attacker could use this issue to corrupt the mtab file, possibly leading to a denial of service. This issue only affected Ubuntu 10.04 LTS. Various other issues were also addressed.
71e65f5653de3223a61f2d146fe9e51956f701ec43a9f64818e94a0e65975f98
Whitepaper called Bypassing IDS with Return Oriented Programming. It discusses in depth, and demonstrates, the use of polymorphic shellcode to bypass detection.
7b4233a85e4bc362abaaeaf8b2d2687ed81a3db3a7a699bbe6949214aeb66bae
Exploit Pack is an open source security framework that combines the benefits of a Java GUI, Python as an Engine, and well-known exploits in the wild. It has an IDE to make the task of developing new exploits easier, instant search, and XML-based modules.
680f26433d81278d9624e6a900a10b11bca037eb556fa1120918b4d9c16f210f
The Prosieben Tvtotal website at tvtotal.prosieben.de suffered from multiple remote SQL injection vulnerabilities.
9fcec2230f24e0f7484824463b551e5caaec842bc7294dd0e07e0206e35dd99f
CanadianISP.ca suffered from a remote SQL injection vulnerability.
18043568d5b8ba522fc824c77a43522347c558976527e6e24c978b5d425598ba
The SonicWall NSA 4500 suffers from cross site scripting and session ID hijacking vulnerabilities.
527eef87d88a5de876a908763739592e531c1552a1ad2ad9b117345acb0fadeb
Google Chrome versions prior to 14.0.835.163 suffer from a PDF file handling memory corruption vulnerability. Full advisory and proof of concept PDF and code included.
b3db699edc360a409cb1d6e4bdda4381612b67400739cb96b43d3f489944da1a
vTiger CRM versions 5.2.1 and below suffer from multiple cross site scripting vulnerabilities.
ead86f4b240a6d7d5c3a083349fc96b0e91f95ed9e49e3764e83830a49b1049f
GotoCode Online Bookstore suffers from remote privilege escalation and database disclosure vulnerabilities.
90a7a83b55c7c863452d6585c83c8eaed4fb83827ef5f85372924dbb9c3497bb
CF Image Hosting Script version 1.3.82 suffers from a file disclosure vulnerability.
75620c79329b6a105a55c683e8b8f28a2857e601a4f8321ded9abfe7ca47812a
Easy Hosting Control Panel suffers from an administrative authentication bypass vulnerability. Versions 0.29.10 through 0.29.13 are affected.
70f8f483c68391abc1a3e3a8348e75effc0054c71381b430a6300cfba9349ebd
Concrete5 versions 5.4.2.1 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
90e66f6e357302c9ddab2dd4ea48153d24281424d93a3a2d7d696878ae74a3c8
This Metasploit module exploits an SQL injection flaw in CA Total Defense Suite R12. When supplying a specially crafted SOAP request to '/UNCWS/Management.asmx', an attacker can abuse the reGenerateReports stored procedure by injecting arbitrary SQL statements into the ReportIDs element. NOTE: This Metasploit module was tested against the MS SQL Server 2005 Express that's bundled with CA Total Defense Suite R12. CA's Total Defense Suite real-time protection will quarantine the default framework executable payload. Choosing an alternate exe template will bypass the quarantine.
59f34d37d37b405a3dd87eeca325a737d7f8ec08d171027a83a944479ce1cfcd
Ubuntu Security Notice 1225-1 - Timo Warns discovered that the EFI GUID partition table was not correctly parsed. A physically local attacker that could insert mountable devices could exploit this to crash the system or possibly gain root privileges. Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. Various other issues were also addressed.
b1f7dfa9aac3262694f9d2d9d05907998c01f0a91e58587143172a3404102b77
GenStat versions 14.1.0.5943 and below suffer from an array overflow with write2 and a heap overflow. Proof of concept code included.
0377384c7f84d834a0e39fbd2b9026bab2120403e763bcf646f4811e09951430
Cytel Studio: StatXact / LogXact / CrossOver versions 9.0.0 and below suffer from multiple stack and integer overflows. Proof of concept code included.
f0aea5e4c39c536fab980b8b5bfd20fdeec3ce5e73e290377a07027665b46d62
Secunia Security Advisory - A security issue has been discovered in ThinVNC Pro, which can be exploited by malicious people to bypass certain security restrictions.
d8a56f61a00ef9951a920b7f9ca504c2878449ab5a56d836b528a4378c53a870
Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Web Minimalist theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
da2a6237e08884a70b7e963e3461757a4f7b15d6cbb35ee6f12c61f384305bec
Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Sunway pNetPower, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
2531d6a3720e556f1f24c2e9ca0ae380ef1d51346bd28d23d1d938a10c36e0a1
Secunia Security Advisory - Debian has issued an update for puppet. This fixes multiple security issues and a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious users to compromise a vulnerable system.
c601fe41c80b39594ffdf318fe2ac688cc1dc7f0e7e3ac260483cd8eb0cdd443
Secunia Security Advisory - A vulnerability has been reported in KDE, which can be exploited by malicious people to conduct spoofing attacks.
a3c3c45d80127402afd993471464be814820fcf252c9a971ce798b155e4f24be