exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

mod_ntlm.txt
Posted Apr 21, 2003
Authored by Matthew Murphy

mod_ntlm is the Apache module for versions 1.3 and 2.0 which gives Apache the ability to authenticate users via the NTLM authentication technology that is largely specific to Microsoft IIS. The log() function contains two remotely exploitable vulnerabilities. Both a heap overflow and an incorrect call to ap_log_rerror() allow for arbitrary code execution.

tags | exploit, overflow, arbitrary, vulnerability, code execution
SHA-256 | 802cd05c619e98126a7d5192a17c55f423eeb343fb55248fd94b28417e566c3d

Related Files

Secunia Security Advisory 50270
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 4b0428dc306c48a1dce3d0d242c022d32ecb1999aeef39be84f18c9203785e16
Secunia Security Advisory 50271
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libreoffice. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 9e1a0dd01efd47003de801f3478e4ada7ea28703bbf95422503c9a3529cb8cf0
Secunia Security Advisory 50263
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for Config-IniFiles. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | 77061bf3093a15974b490bb18c3b07e688c6d614bfd765e1c43e7c7e315949e0
Secunia Security Advisory 50269
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for puppet. This fixes multiple security issues and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges and by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, gentoo
SHA-256 | 48af87b838969640105919aea0b6d92d2e5eddc671c83aedfd01752566e345f2
Secunia Security Advisory 50257
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for python-django. This fixes two security issues and a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, xss, python
systems | linux, debian
SHA-256 | fb3927d6bec81d24005c29a06dbc212f764f4d161f9c53d4a1dd8b08da17db26
Secunia Security Advisory 50265
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for libgdata. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, gentoo
SHA-256 | d1ed51cac68ce4bfcd0670ca4f7d33fa31a5c9a1fe3f493c7b922d0ec4c88b70
Secunia Security Advisory 50268
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for socat. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
SHA-256 | abe1ddb41fee41410a12536c8c6588982c55f250ba71a7cc24991a93590aec31
Secunia Security Advisory 50267
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for gajim. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct SQL injection attacks and compromise a user's system.

tags | advisory, local, vulnerability, sql injection
systems | linux, gentoo
SHA-256 | d951308295626921cc2e2a8d184c87ec324a606aed36fd61f54453cfe9f84598
Secunia Security Advisory 50295
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to disclose system information.

tags | advisory, kernel, local
systems | linux, redhat
SHA-256 | ec1fa84642b28261b751df1866f0e7c1ed612fdc551a003c186ba18e8601c764
Secunia Security Advisory 50259
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for chromium. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | 55051d216d1c52fb4c8a6b1e4d9022f53db0c35701d6f79d448d1df63f136909
HP Security Bulletin HPSBUX02805 SSRT100919
Posted Aug 15, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02805 SSRT100919 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2012-0508, CVE-2012-0551, CVE-2012-1711, CVE-2012-1713, CVE-2012-1716, CVE-2012-1718, CVE-2012-1719, CVE-2012-1720, CVE-2012-1721, CVE-2012-1722, CVE-2012-1723, CVE-2012-1724, CVE-2012-1725, CVE-2012-1726
SHA-256 | 849562f0237617b7508b5218fea45645aedcf54cee94899fb36a71e7fbb6f633
Microsoft Security Bulletin Re-Release For August, 2012
Posted Aug 15, 2012
Site microsoft.com

This bulletin summary lists a re-released Microsoft security bulletin for August, 2012.

tags | advisory
SHA-256 | 1de350bb2520b75dfa3ec3bc239ded133ecd09b6c1f6410fc4e873262d1a6427
Microsoft Security Bulletin Summary For August 2012
Posted Aug 15, 2012
Site microsoft.com

This bulletin summary lists 9 released Microsoft security bulletins for August, 2012.

tags | advisory
SHA-256 | 1cd148fc9498f008662f4f946c98e9a7eed901cb0eb7aa4b7f0871457c406b3d
Gentoo Linux Security Advisory 201208-06
Posted Aug 15, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201208-6 - A vulnerability in libgdata could allow remote attackers to perform man-in-the-middle attacks. Versions less than 0.8.1-r2 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2012-1177
SHA-256 | 6c9550b2609f2f265e43e99e0791a7773adfb69954890e5f2e3a22021e0ab085
HP Security Bulletin HPSBMU02802 SSRT100923
Posted Aug 15, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02802 SSRT100923 - A potential security vulnerability has been identified with HP Fortify Software Security Center. The vulnerability could be remotely exploited to allow disclosure of privileged information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2012-3249
SHA-256 | b89198f8d8035895450565a76fb38a1af3fd87d8fcc89ef43485ca94649527fe
HP Security Bulletin HPSBMU02801 SSRT100879
Posted Aug 15, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02801 SSRT100879 - A potential security vulnerability has been identified with HP Fortify Software Security Center. The vulnerability could be remotely exploited to allow unauthenticated disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2012-3248
SHA-256 | 5898d749444d507cbdd005d51e64feb010b4f1f5cc9cf4790bc7b7467217d7ff
Red Hat Security Advisory 2012-1169-01
Posted Aug 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1169-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-3416
SHA-256 | 7d5b013b987ff091dd7a23fc5f576eb318a9b088700f78e918b6ba97b41e66c5
Red Hat Security Advisory 2012-1156-01
Posted Aug 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1156-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the i915_gem_execbuffer2() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. A missing initialization flaw was found in the sco_sock_getsockopt_old() function in the Linux kernel's Bluetooth implementation. A local, unprivileged user could use this flaw to cause an information leak.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-1078, CVE-2012-2383
SHA-256 | fbd1918309805b53a8e1ad016730e6bf9f865aba9924026c70184a097b192aec
Red Hat Security Advisory 2012-1168-01
Posted Aug 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1168-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-3416
SHA-256 | d2ced5174e3b3e5aa23d5bb70fe45a1a71a1a33cadc9611bc0fa7bc2e78e8c66
Secunia Security Advisory 50229
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MySQL. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information and manipulate certain data, by malicious users to gain knowledge of sensitive information, manipulate certain data, bypass certain security restrictions, and cause a DoS, and by malicious people to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | linux, suse
SHA-256 | 126be620f00bdbdbd91e3fad76a7f23ecc19469e794004a02fb50f4e9f2e5d91
Jackin' TOR Users Via Evil Proxies And The BeEF Framework
Posted Aug 14, 2012
Authored by evell | Site recursive-descent.net

This paper documents step by step instructions for intercepting TOR users via proxies and using the BeEF framework. It takes injection and proxying attacks on TOR to another level and is a very useful read.

tags | paper
SHA-256 | a9c7eed3c9863cb9f1cfe0b7e5af13778a4e6b7dd3d0709eed7757cb79cb0761
Secunia Security Advisory 50206
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Fortify Software Security Center, which can be exploited by malicious users and malicious people to disclose potentially sensitive information.

tags | advisory, vulnerability
SHA-256 | dcee000b95e31ec23cf2b6b5733eca431a992612a74e67ebec0c0aa7c74e9161
Secunia Security Advisory 50248
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brendan Coles has discovered two security issues and a vulnerability in TestLink, which can be exploited by malicious people to conduct cross-site forgery attacks and disclose certain sensitive and system information.

tags | advisory
SHA-256 | b75356024a543a0d9fde7722cd0bfef56d5c9bb5cdff27c1f45155eefb22e5ad
Haveged 1.5
Posted Aug 14, 2012
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: A run time test option has been added to haveged that enables the execution of one or both of the principle AIS-31 test suites at haveged initialization and/or continuously during subsequent output. Several other changes have also been made to make haveged work better with both the systemd and sysv init systems.
tags | tool
systems | linux, unix
SHA-256 | 6950672e88376f5de7976d0ac9e479c6a3ecdb8d2d214887347eb24f367d5d8e
Sydbox Sandbox 0.7.6
Posted Aug 14, 2012
Authored by Ali Polatel | Site projects.0x90.dk

Sydbox is a ptrace-based sandbox implementation. It intercepts system calls, checks for allowed filesystem prefixes, and denies them when checks fail. It has basic support for disallowing network connections. It has basic support to sandbox execve calls. It is based in part on catbox and strace.

Changes: This is a maintenance release addressing a few issues. Note that no few features are going to be added to sydbox-0.
tags | tool
systems | unix
SHA-256 | 3c758c94c86c4ac72895c9fdaefa767f6b9256d8e658c5b70a850133a119c72b
Page 3 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close