what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Linux 2.6 Kernel /proc Rootkit Backdoor
Posted Nov 22, 2012
Authored by Analiz

Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.

tags | tool, kernel, rootkit
systems | unix
SHA-256 | e25b0997b5091f37ef98994f27fe8bbbd761dbb249f79ecc16ff5c73bf2ba57e

Related Files

Red Hat Security Advisory 2012-1114-01
Posted Jul 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1114-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2012-2744
SHA-256 | 737ca44d3c22f02002125758603606b3bf1912e7077558158feefff2fb692236
Mandriva Linux Security Advisory 2012-111
Posted Jul 25, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-111 - It was found that previously libgdata, a GLib-based library for accessing online service APIs using the GData protocol, did not perform SSL certificates validation even for secured connections. An application, linked against the libgdata library and holding the trust about the other side of the connection being the valid owner of the certificate, could be tricked into accepting of a spoofed SSL certificate by mistake. The updated packages have been patched to correct this issue.

tags | advisory, spoof, protocol
systems | linux, mandriva
advisories | CVE-2012-1177
SHA-256 | 0e6890a08ae22ca1f467f5d5fce0ae80f27743e936d792f852966aa408755bd7
Linux x86 chmod 666 /etc/passwd And /etc/shadow Shellcode
Posted Jul 25, 2012
Authored by Jean Pascal Pereira

57 bytes small Linux x86 chmod 666 /etc/passwd and /etc/shadow shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 590e152e8000ac65c31808f69843049356045877a386919811bea3db71213bd4
Linux x86 execve("/bin/sh") Shellcode
Posted Jul 25, 2012
Authored by Jean Pascal Pereira

28 bytes small Linux x86 execve("/bin/sh") shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | e76c6cfce6e63e2e04ebe2418e31f5cc54c5925f41db12525c88204ca0278b05
Mandriva Linux Security Advisory 2012-110
Posted Jul 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. This causes the address of the previously site entered to be displayed in the address bar instead of the currently loaded page. This could lead to potential phishing attacks on users. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues: two use-after-free problems, one out of bounds read bug, and a bad cast. Various other issues were also addressed.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-1949, CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1954, CVE-2012-1953, CVE-2012-1952, CVE-2012-1955, CVE-2012-1966, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1967
SHA-256 | 1ce982533aa61dcb970d364a88b5efa396148d382b7871b4cc8d8b1681a6aafb
Mandriva Linux Security Advisory 2012-109
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-109 - The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2825
SHA-256 | dc8ab75689783fd73ff8eed92cf10fede40cab98ea6318b17769701db4617cd5
Mandriva Linux Security Advisory 2012-108
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-108 - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow. The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. The updated packages have been upgraded to the 5.3.15 version which is not vulnerable to these issues. Additionally the php-timezonedb packages has been upgraded to the latest version as well.

tags | advisory, remote, overflow, php
systems | linux, mandriva
advisories | CVE-2012-2688, CVE-2012-3365
SHA-256 | 8c8bb030e17e5411417b68b186f12f4c547e4fe82b46c174807e0d6a29db2919
Ubuntu Security Notice USN-1515-1
Posted Jul 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1515-1 - An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2390
SHA-256 | 908d6a9a0c0821a79bc5cf79e57840b3dad2e4da19e3a8fd156866d4b8a0c82b
Debian Security Advisory 2508-1
Posted Jul 23, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2508-1 - Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.

tags | advisory, kernel, local
systems | linux, freebsd, debian
advisories | CVE-2012-0217
SHA-256 | 7aebd5ce5840f094d51d7679c7d9ff0704d0af681bb872fa59cd27000b552673
Debian Security Advisory 2515-1
Posted Jul 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2515-1 - Marek Varusa and Lubos Slovak discovered that NSD, an authoritative domain name server, is not properly handling non-standard DNS packets. his can result in a NULL pointer dereference and crash the handling process. A remote attacker can abuse this flaw to perform denial of service attacks.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2012-2978
SHA-256 | 3ecea29cebf4040755be7ba8d1e9e672935487aed2514cec7fe75aaf04f83bbd
Debian Security Advisory 2513-1
Posted Jul 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2513-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-1948, CVE-2012-1954, CVE-2012-1967
SHA-256 | ecdacb7db4117e0389ca3b7ac3b6bbf964b7f0e66d078e72b75033ee15856f52
Linux Kernel Sendpage Local Privilege Escalation
Posted Jul 19, 2012
Authored by Brad Spengler, Ramon de C Valle, Tavis Ormandy, Julien Tinnes, egypt | Site metasploit.com

The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4

tags | exploit, arbitrary, kernel, protocol, ppc
systems | linux
advisories | CVE-2009-2692
SHA-256 | 9bd69f05ada8cee6b76af8cc4636ab3a3a49a49bfad809f7b97fefaea4e48bb0
Red Hat Security Advisory 2012-1098-01
Posted Jul 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1098-01 - The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-3404, CVE-2012-3405, CVE-2012-3406
SHA-256 | a4403bcb8e6ea39cef9f81f3176ba1bb2782088e2076dfc97ee09e39f03e3438
Red Hat Security Advisory 2012-1097-01
Posted Jul 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1097-01 - The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly. It was discovered that the formatted printing functionality in glibc did not properly restrict the use of alloca(). This could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-3406
SHA-256 | 1c4404ac353004ea4bc37b5126608f16e0e060649ba8f8ba172c59bb8a07d6a2
Debian Security Advisory 2514-1
Posted Jul 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2514-1 - Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2012-1948, CVE-2012-1950, CVE-2012-1954, CVE-2012-1966, CVE-2012-1967
SHA-256 | 08ed07a52f9fc632f7d8f0aac7a681d5acb3c3af3b1df7538cb4e59ae3d36fa4
Secunia Security Advisory 49928
Posted Jul 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | fa1f380b472c980b0c7daf1ca089d7877cfc6f662f528c46acce107a3402e797
HP Security Bulletin HPSBMU02797 SSRT100867
Posted Jul 17, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02797 SSRT100867 - Potential security vulnerabilities have been identified with HP Network Node Manager I (NNMi) running JDK for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, windows, solaris, hpux
advisories | CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4450, CVE-2010-4451, CVE-2010-4452, CVE-2010-4454, CVE-2010-4462, CVE-2010-4463, CVE-2010-4465, CVE-2010-4466, CVE-2010-4467, CVE-2010-4468, CVE-2010-4469, CVE-2010-4470, CVE-2010-4471, CVE-2010-4472, CVE-2010-4473, CVE-2010-4474, CVE-2010-4475, CVE-2010-4476, CVE-2011-0786, CVE-2011-0788, CVE-2011-0802, CVE-2011-0814, CVE-2011-0815, CVE-2011-0817, CVE-2011-0862
SHA-256 | 4338efff43deea01d68a1d0c996a4d7dbb4faa1342e817584e487f06b359d673
HP Security Bulletin HPSBMU02799 SSRT100867
Posted Jul 17, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02799 SSRT100867 - Potential security vulnerabilities have been identified with HP Network Node Manager I (NNMi) running JDK for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in unauthorized information disclosure, modification, Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, windows, solaris, hpux
advisories | CVE-2009-3555, CVE-2009-3865, CVE-2009-3866, CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0087, CVE-2010-0088, CVE-2010-0089, CVE-2010-0090, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0839, CVE-2010-0840
SHA-256 | af5aa7411f209bd1b8e376b060609e532e0a6cc8c62657e0f3d48fc012d4cba4
Simple Packet Sender 3.0
Posted Jul 17, 2012
Authored by Hohlraum | Site sourceforge.net

Simple Packet Sender (SPS) is a Linux packet crafting tool. It supports IPv4, IPv6 (but not extension headers yet), and tunneling IPv6 over IPv4. Written in C on Linux with GUI built using GTK+. Both source and binaries are included. Features include packet crafting and sending one, multiple, or flooding packets of type TCP, ICMP, or UDP. All values within ethernet frame can be modified arbitrarily. Supports TCP, ICMP and UDP data as well, with input from either keyboard as UTF-8/ASCII, keyboard as hexadecimal, or from file. Various other features exist as well.

Changes: Various additions and bug fixes.
tags | tool, udp, scanner, tcp
systems | linux, unix
SHA-256 | 3e2b136f015fae19c61b2b118d1d58402b2d75b2f9c0c22031532788387ffcbe
Ubuntu Security Notice USN-1508-1
Posted Jul 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1508-1 - An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2390
SHA-256 | f96ecd0c79ded94b46672835106ed3ee93cec325c6aea648c545e47aa4af9647
Ubuntu Security Notice USN-1507-1
Posted Jul 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1507-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. An error was found in the Linux kernel's IPv6 netfilter when connection tracking is enabled. A remote attacker could exploit this flaw to crash a system if it is using IPv6 with the nf_contrack_ipv6 kernel module loaded. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-1601, CVE-2012-2744, CVE-2012-1601, CVE-2012-2744
SHA-256 | 16f2b75936f467bc23ca10f8ddc7c026a0d723c0ceef279e65985417b73730bc
Red Hat Security Advisory 2012-1087-01
Posted Jul 17, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1087-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: It was found that the data_len parameter of the sock_alloc_send_pskb() function in the Linux kernel's networking implementation was not validated before use. A local user with access to a TUN/TAP virtual interface could use this flaw to crash the system or, potentially, escalate their privileges. Note that unprivileged users cannot access TUN/TAP devices until the root user grants them access.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2012-2136
SHA-256 | 7e8f5f94bf72960a538fad4d42725e9aea5da69c5f9846af245aac6310ae2bd3
Secunia Security Advisory 49954
Posted Jul 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | 79495c753d7bdcf664c5e050d3dc2cbf9e1409a44ee549125e2f008323b99402
HP Security Bulletin HPSBMU02796 SSRT100594 2
Posted Jul 14, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02796 SSRT100594 2 - Potential security vulnerabilities have been identified with HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 2 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2019, CVE-2012-2020
SHA-256 | a9bee402e1185e9fe4c2794599dc15e4c9d5726d46cae876132f5bdae108a2cc
Samhain File Integrity Checker 3.0.5
Posted Jul 11, 2012
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: This release fixes some issues with the Windows registry check.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 9e3d29cc126a1609f93c89cc4b178fb01f091d989e2b8cec117b79eadf7b611c
Page 4 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close