what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files Date: 2011-11-29 to 2011-11-30

Secunia Security Advisory 47026
Posted Nov 29, 2011
Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apt. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

SHA-256 | 8e5a8e74a96541896fa78a68ef3cc3fa651c747d2b5f76030f7e2433eaec784e
Secunia Security Advisory 47026
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apt. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, ubuntu
SHA-256 | 8e5a8e74a96541896fa78a68ef3cc3fa651c747d2b5f76030f7e2433eaec784e
Secunia Security Advisory 47024
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for update-manager. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to conduct spoofing attacks.

tags | advisory, local, spoof
systems | linux, ubuntu
SHA-256 | e4dc9af3fe5c72d4722b82acc23959106ef498e6a2331aeef4270a4d6a5842a3
Secunia Security Advisory 47046
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in multiple Schneider Electric products, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user's system.

tags | advisory, vulnerability, xss
SHA-256 | 64e2a6465ab538fc85b4381988e12eb27c0b07dbcf50a249dae619e1dcdf841b
Secunia Security Advisory 47028
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | c83dfcfb92517d0b3d862240ad6c02a4045b679336853a30f4dfdd9b120309b6
Secunia Security Advisory 47047
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nick Freeman has discovered a vulnerability in Avid Media Composer, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 6720a9faa2b2f70e6d75b244f6c3f2199ed7ce4f802aaf5d9a2cef9c4882235e
Secunia Security Advisory 46991
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nick Freeman has discovered a vulnerability in Virtual Vertex Muster, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 9242be56b40c0941763e6df1d40439bf5ee980be5a2f0ee49340352fc1dd3d50
Secunia Security Advisory 47027
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, fedora
SHA-256 | ea528160a92f6bd1dd06afe54de92e80c8bb39c2cf8f1e3ec55585233e8d989b
Secunia Security Advisory 47048
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache MyFaces, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | d94cddc9c385be6f5847c331299f0d77b40dc2c16d527748405dbea81262b095
Secunia Security Advisory 46959
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Mojarra, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 7c92512b918988d40fe7bd03dc6c0961c0cb0fd0376432232195ae48b0035a42
Secunia Security Advisory 47029
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | eab1460e815df3c81f3c05efeb5772a907419c9eebc789c0167750eafd35051d
Secunia Security Advisory 46998
Posted Nov 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Gitblit, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | bb6e8393528aca77b479e5e85462f19cb34197dabf544e3687a40628e391c559
Vega Web Security Scanner 1.0 Beta Windows 64 Bit
Posted Nov 29, 2011
Authored by Subgraph | Site subgraph.com

Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 64-bit version.

tags | tool, web, scanner, javascript, vulnerability, xss, sql injection
systems | windows, unix
SHA-256 | f501b5542283ff5314d059149275673e0bd3f582e2dd9bf874a957a697e82340
Vega Web Security Scanner 1.0 Beta Windows 32 Bit
Posted Nov 29, 2011
Authored by Subgraph | Site subgraph.com

Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 32-bit version.

tags | tool, web, scanner, javascript, vulnerability, xss, sql injection
systems | windows, unix
SHA-256 | aad4eea58cb70eb9f9a3c522f982077489d855b953bf6c30fe9e69c295845898
Vega Web Security Scanner 1.0 Beta Linux 64 Bit
Posted Nov 29, 2011
Authored by Subgraph | Site subgraph.com

Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Linux 64-bit version.

tags | tool, web, scanner, javascript, vulnerability, xss, sql injection
systems | linux, unix
SHA-256 | 79b0faa76f914a0c26cf4ca2caecfa49914eab314ac80353d7d28ca80cdc2589
Vega Web Security Scanner 1.0 Beta Linux 32 Bit
Posted Nov 29, 2011
Authored by Subgraph | Site subgraph.com

Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Linux 32-bit version.

tags | tool, web, scanner, javascript, vulnerability, xss, sql injection
systems | linux, unix
SHA-256 | 8ea6a4d731627a6b4e2c1666316af08385acd6507d9b252567b02a0faa05bc80
Vega Web Security Scanner 1.0 Beta Mac OS X 64 Bit
Posted Nov 29, 2011
Authored by Subgraph | Site subgraph.com

Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 64-bit version.

tags | tool, web, scanner, javascript, vulnerability, xss, sql injection
systems | unix, apple, osx
SHA-256 | f98c5c3496b4a9067e27396e9930598b9b91eca1b92f93f106307ab600f26eb7
Vega Web Security Scanner 1.0 Beta Mac OS X 32 Bit
Posted Nov 29, 2011
Authored by Subgraph | Site subgraph.com

Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 32-bit version.

tags | tool, web, scanner, javascript, vulnerability, xss, sql injection
systems | unix, apple, osx
SHA-256 | 68d8eea7c407151d911b13b7a8fcec1ba0338f7ace0e93b2f6ae207db03938e5
Zero Day Initiative Advisory 11-338
Posted Nov 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-338 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a header defined within a .ivr file. When parsing this header the application will explicitly trust a 16-bit value denoting an size and use it for performing an allocation. The code then uses a different value in the file to populate the buffer. Due to the difference in values used for allocation and the copy, this can be used to overwrite data outside the bounds of the buffer which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-4258
SHA-256 | 7129ccdc2761d3f713c8cf916640b6b2a51f9e44da365dadf0f24413f7d3bb79
Zero Day Initiative Advisory 11-337
Posted Nov 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-337 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses sample data encoded with the RV30 codec. When parsing this sample data, the application will make an allocation and then fail to completely initialize the buffer. During decoding of the sample data, the application will explicitly trust an index from the partially filled buffer and then use that to calculate an address to write to. This can lead to memory corruption which can be converted into code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-4256
SHA-256 | 43ea133c3751d512a5256dd601734f9ceeb84ca0b66f64408082a10e1f8a7aff
Mandriva Linux Security Advisory 2011-180
Posted Nov 29, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-180 - crypt_blowfish before 1.1, as used in suhosin does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash. The updated packages have been patched to correct this issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-2483
SHA-256 | 85ae71cce8d402b96351cb33db9d042151aea8e4589468011395fc30dc5cfb4d
Ubuntu Security Notice USN-1284-1
Posted Nov 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1284-1 - David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before verifying its GPG signature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to replace arbitrary files. David Black discovered that Update Manager created a temporary directory in an insecure fashion. A local attacker could possibly use this flaw to read the XAUTHORITY file of the user performing the upgrade. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2011-3152, CVE-2011-3154
SHA-256 | 3a1f12a70bce649dae30f56f951837892b1f9b26277b3050dbb126a532be042a
Zero Day Initiative Advisory 11-336
Posted Nov 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-336 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when a user attempts to play a malicious video file containing a malformed codec name. When playing a malformed codec, the application will incorrectly free an object and then later attempt to use it by calling a virtual method pointer upon destruction. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-4255
SHA-256 | 9d53034c4b494677e64872a2ededd13105e2853f31741bbb3f677d42af486353
Manx 1.0.1 Directory Traversal
Posted Nov 29, 2011
Authored by LiquidWorm | Site zeroscience.mk

Manx version 1.0.1 suffers from a directory traversal vulnerability in simplexml_load_file().

tags | exploit
SHA-256 | 254006fee143eb3cea57e5edc7813044af7f110d985f7ea806576e3cecc3af51
Android content:// Information Disclosure
Posted Nov 29, 2011
Authored by Thomas Cannon

Android versions prior to 2.3.4 suffer from content:// URI information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2010-4804
SHA-256 | 769fbfa7240acf78061e63b225331a70dbbc49ee345aa48a0a1d21f4ff9da787
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close