what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 38 RSS Feed

Files Date: 2012-09-19 to 2012-09-20

Drupal Spambot 6.x / 7.x Cross Site Scripting
Posted Sep 19, 2012
Authored by Jimmy Axenhus | Site drupal.org

Drupal Spambot third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | f84f532463d0b8643fbc98fe57fc3395510fbc44b83cd93c48570005303b3a3b
Drupal Fonecta Verify 7.x Cross Site Scripting
Posted Sep 19, 2012
Authored by Antti Alamaki | Site drupal.org

Drupal Fonecta Verify third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 890ee983973b3f69264a683fa3b95828d971fce328f9f04ef22cff054a013487
Drupal PRH Search 7.x Cross Site Scripting
Posted Sep 19, 2012
Authored by Klaus Purer | Site drupal.org

Drupal PRH Search third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | d67d25edf22e48dbf40d639e717df894c1ed5203740d1f40e8b65f85bb30d788
Secunia Security Advisory 50687
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 3c42192388d2d4ededa8c23044ccb36a92f905a5ea67f64e112aad1e42550185
Secunia Security Advisory 50657
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Janek Vind has discovered a weakness and two vulnerabilities in TorrentTrader, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to enumerate user names and bypass certain security restrictions.

tags | advisory, vulnerability
SHA-256 | 9bfa31484d84cba15234a6cb9b12e9629f9f9cdc0c75727c694811b1968de20b
Secunia Security Advisory 50639
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for gnupg and gnupg2. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, ubuntu
SHA-256 | 8140329f487b7696f0f5569283613bb46aa85c5412453cc9b52a68978f1a5f2c
Secunia Security Advisory 50615
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for otrs. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
systems | linux, suse
SHA-256 | 8d8bfb689b44a7ed10c4803e0ce09a9cca99f0864eb533ae9a7a01ea6fc564b7
Secunia Security Advisory 50658
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libxml2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 3a78ef38e0a74168b278e5c98c0b0c9f481cfb65558dbdabd054edb1c946d2cd
Secunia Security Advisory 50677
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | e1edaf714ba67afb3621c27d88cf8dcf28836db8d9df11be32a3c635c77f294a
Secunia Security Advisory 50629
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.7.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | 0b76220f9e042e2712bb3ee40065e43084a79f6a8fdf762c6b18c3d5539340ce
Poweradmin Cross Site Scripting
Posted Sep 19, 2012
Authored by BHG Security Center, Siavash

Poweradmin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 2529bb25ffa9a2a714a565fd39969f436f9d2495ffbc917168c7c28ad31c68b1
SMF 2.0.2 Local File Inclusion
Posted Sep 19, 2012
Authored by Am!r | Site irist.ir

SMF version 2.0.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | e46bc61338dc15e6122699dcdfbedf7e6c537bef58c05f33335fd7a8b4b54f4c
FreeSWITCH 1.2.0-rc2 Denial Of Service
Posted Sep 19, 2012
Authored by Zsolt Imre

FreeSWITCH version 1.2.0-rc2 suffers from a denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 5aa756caf40ef687260ff76387d86ad6f41ff530da51e45d006f9deaed2ab709
Cyber WebCreations SQL Injection
Posted Sep 19, 2012
Authored by Net.W0lf, Hack Center Security Team

Cyber WebCreations suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 7a7c07e55755ac4461651abc24f81600c6fda74225f1cba7c891dbf9d0b9b540
Clam AntiVirus Toolkit 0.97.6
Posted Sep 19, 2012
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: A bug were CL_EFORMAT: Bad format or broken data ERROR was reported as the scan result was fixed.
tags | virus
systems | unix
SHA-256 | a15a2bb9200ac9f2c6f1c5e1072ac265a2c4fe5a9be4663b47d076afdfa123f8
Technical Cyber Security Alert 2012-262A
Posted Sep 19, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-262A - An unpatched use-after-free vulnerability in Microsoft Internet Explorer versions 7, 8, and 9 is being exploited in the wild. Microsoft has released Security Advisory 2757760 with mitigation techniques.

tags | advisory
SHA-256 | aaddacb76fec3394a2d249d1d05dbfa6e9db436632983d807730431ef804fe14
TOR Virtual Network Tunneling Tool 0.2.2.39
Posted Sep 19, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes two opportunities for remotely-triggerable assertions.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 0d0c778d4697d5c5bd4f732ca179c22e8e359c634617ca9b6665e33d1863622a
Ubuntu Security Notice USN-1571-1
Posted Sep 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1571-1 - Glen Eustace discovered that the DHCP server incorrectly handled IPv6 expiration times. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service. This issue only affected Ubuntu 11.04, Ubuntu 11.10 and Ubuntu 12.04 LTS. Dan Rosenberg discovered that the DHCP AppArmor profile could be escaped by using environment variables. This update mitigates the issue by sanitizing certain variables in the DHCP shell scripts. Various other issues were also addressed.

tags | advisory, remote, denial of service, shell
systems | linux, ubuntu
advisories | CVE-2012-3955, CVE-2012-3955
SHA-256 | c4c7c28d14b2657f49ee99fc2da433cca3b1afc7e4b47a3a94a66f4de5caf944
Ubuntu Security Notice USN-1573-1
Posted Sep 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1573-1 - Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-3412, CVE-2012-3430, CVE-2012-3511, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511
SHA-256 | d804cb2cccde9e37f50b7012bbe098ccdb5cd794bdcce6827b4e73cd551562c2
Ubuntu Security Notice USN-1572-1
Posted Sep 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1572-1 - Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-3412, CVE-2012-3430, CVE-2012-3511, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511
SHA-256 | 8e54b0b63658ff46884504f29b08f97a2c0b44d85dce290671deefab14430f46
Red Hat Security Advisory 2012-1289-01
Posted Sep 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1289-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-0547, CVE-2012-0551, CVE-2012-1682, CVE-2012-1713, CVE-2012-1716, CVE-2012-1717, CVE-2012-1719, CVE-2012-1721, CVE-2012-1722, CVE-2012-1725, CVE-2012-1726, CVE-2012-3136, CVE-2012-4681
SHA-256 | 657644f7487d43a6a320e6729072c650693e5a423f6a77714f52c2375cbe2a88
Red Hat Security Advisory 2012-1288-01
Posted Sep 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1288-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language expressions. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-3102, CVE-2012-2807
SHA-256 | e52f1b1cd88cdf7b50791d1283d7b0ac4e42fae0d3311c3b115ce75ab90bd4de
Debian Security Advisory 2550-1
Posted Sep 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2550-1 - Several vulnerabilities were discovered in Asterisk, a PBX and telephony toolkit, allowing privilege escalation in the Asterisk Manager, denial of service or privilege escalation.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2012-2186, CVE-2012-3812, CVE-2012-3863, CVE-2012-4737
SHA-256 | 0698ea1591368544fbc9b217c600f16c59b3a68703988ddf1eb9742697d1d389
Secunia Security Advisory 50689
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has has issued an update for kvm. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges and by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
SHA-256 | 66932258a6c2b76a3d44dfdd058af4a62109debd7e505d9b6b7aa8d8b6004c0f
Secunia Security Advisory 50667
Posted Sep 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for chromium. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, suse
SHA-256 | c7fa610ef355b1b42ceb634b20ecbba9baf9ac89bc6989a059e60d90e31a4130
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close