exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

fp-2.4.22.patch.gz
Posted Oct 30, 2003
Authored by Folkert van Heusden | Site vanheusden.com

The Linux-kernel security patch for kernel v2.4.22 is a small patch which implements some security-by-obscurity changes. Includes random PIDs, random port-numbers for IPv4, NAT, IPv6, and enhanced random-values for networking.

tags | kernel, patch
systems | linux, unix
SHA-256 | 3274705b80f10bfa2cfe4288f7267283b54aec56f4ee9c82fbdec2aa28d2e959

Related Files

Mandriva Linux Security Advisory 2012-135
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-135 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | ed1f626a9ec66091da1ced33f9dcf94853900a07685bff02a384520cb736cdfc
Mandriva Linux Security Advisory 2012-134
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-134 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The GSM RLC MAC dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4297, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | e7a2ce0735205d049fc69106cd58cf7bc1f4cbae6e55ed2fc256e52ad05d4759
Oracle Outside-In FPX File Parsing Heap Overflow
Posted Jul 20, 2012
Authored by Francis Provencher

Oracle Outside-In FPX file parsing suffers from a heap overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 3ffbb6827d9d2382b9a76b9305e37a7d6d37e039b353eabc680e393957f21ada
XnView FlashPix Image Processing Heap Overflow
Posted Jun 16, 2012
Authored by Francis Provencher

A boundary error in the Xfpx.dll module when processing FlashPix images can be exploited to cause a heap-based buffer overflow via a specially crafted FPX file. Proof of concept included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | d3d27e656535c43a189940b4169f03b8e070dc18bbb730bd07e54480765d5f37
Mandriva Linux Security Advisory 2012-065
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-065 - The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. Insufficient validating of upload name leading to corrupted $_FILES indices. Various other issues have also been addressed.

tags | advisory, remote, web, denial of service, arbitrary, cgi, php, sql injection
systems | linux, mandriva
advisories | CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172
SHA-256 | a018be1990be06d135afc8ee885fd862474162711692134a45a97fbfa7ed502c
Atheme IRC Services CertFP Privilege Escalation
Posted Mar 23, 2012
Site atheme.org

Atheme IRC Services CertFP suffers from an improper clean-up vulnerability that can allow for a privilege escalation or a crash.

tags | advisory
SHA-256 | 23faea638d79bb69553a39dc18d40e63d5b4907a1425ae1651654f1aa6dceeea
Red Hat Security Advisory 2012-0343-01
Posted Feb 29, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0343-01 - The IBM 1.4.2 SR13-FP11 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560
SHA-256 | 016430a2d87fdded37d3c1af086eef2cd6dd0762d89388c1ddf19287ce40fc47
Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution
Posted Feb 23, 2012
Authored by Peter Vreugdenhil | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles True Type Font files. When reading a font file, Java will use the MaxInstructionSize from the maxp table to create a heap memory location to store all the Instruction Definition found in the Font Program 'fpgm' table. However, when Java encounters an IDEF opcode (0x89) in the opcode stream it never checks the size of the MaxInstructionSize which can result in a heap buffer overflow. This can lead to remote code execution under the context of the current process.

tags | advisory, java, remote, overflow, arbitrary, code execution
SHA-256 | 7d7c2f550994a2e5cd5e28b925d468c48c1d40628d005eac85f1b8d0d1c73513
Tremulous Inherited Issues
Posted Feb 23, 2012
Authored by Simon McVittie

Tremulous, a team based FPS game with RTS elements, suffers from a large amount of old Quake related vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2006-2082, CVE-2006-2236, CVE-2006-2875, CVE-2006-3324, CVE-2006-3325, CVE-2011-2674, CVE-2011-3012
SHA-256 | 957204bc8a1064b5afc2c54e973081970d37c715e0429db6d279810022212fd1
Kraken Payload Generator Beta 1.0
Posted Jan 27, 2012
Authored by Bl4ck.Viper

Kraken Payload Generator is a bash script that makes use of msfpayload to generate various shellcode.

tags | shellcode, bash
SHA-256 | f092e65a54e783cfe249c5d3913c06b1a45f1598dd4523542d60d46d07461e05
Red Hat Security Advisory 2012-0006-01
Posted Jan 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0006-01 - This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM Java 1.4.2 SR13-FP11 release. All running instances of IBM Java must be restarted for this update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560
SHA-256 | 17f7562de05b87b1a1f2c53ed3389559fa6bbee33d0daa3c326cd1eb786381ca
IBM Lotus Notes/Domino 8.5.2 FP3 Denial Of Service
Posted Jan 1, 2012
Authored by XiaoPeng Zhang | Site fortinet.com

IBM Lotus Notes/Domino server suffers from a remote denial of service vulnerability that can be triggered by a malformed TCP packet. Versions 8.5.2 FP3 and earlier, 8.5.1, 8.5 and 8.0.x are affected.

tags | advisory, remote, denial of service, tcp
advisories | CVE-2011-1393
SHA-256 | d16ac8bae9357e03ce32188da32c40d2f0354c626f5fe6e353dc33c6272859ae
IrfanView FlashPix Plugin Double-Free
Posted Dec 21, 2011
Authored by Francis Provencher

A vulnerability in the IrfanView FlashPix plugin exists due to the "Free_All_Memory()" function not properly setting certain decoder elements to NULL after freeing them, which can be exploited to cause a double-free condition via specially crafted FPX images. Proof of concept exploit included.

tags | exploit, proof of concept
systems | linux
SHA-256 | fd583f5874fee2012eada88e8599ffeaa35b493c3a60e8084c24257dfd12afb7
Secunia Security Advisory 47246
Posted Dec 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Francis Provencher has discovered a vulnerability in libfpx, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory
SHA-256 | 63ccb0805aa93a985098b625d4675756dedcc5c997835d170e024768603e8466
IBM Lotus Domino Authentication Bypass
Posted Nov 30, 2011
Authored by Alexey Sintsov

IBM Lotus Domino versions 8.5.3 and 8.5.2 FP3 suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2011-1519
SHA-256 | a2ec180c7015b665a8c09c5c87f819d86fe11a21748572b331a213d5403e5704
Secunia Security Advisory 46532
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in HP MFP Digital Sending Software, which can be exploited by malicious people with local access to disclose potentially sensitive information.

tags | advisory, local
SHA-256 | 8dc6345b84834082f03e3e7edd4955ae538ca93821fe899e8ba812fc3b448747
HP Security Bulletin HPSBPI02711 SSRT100647
Posted Oct 20, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02711 SSRT100647 - A potential security vulnerability has been identified with HP MFP Digital Sending Software running on Windows. The vulnerability could result in disclosure of personal information contained in workflow metadata to unintended recipients. Revision 1 of this advisory.

tags | advisory
systems | windows
advisories | CVE-2011-3163
SHA-256 | 25b09fb50cf641df93774cc845e055eabec6ea70cc83a3964de6ca4024915972
Red Hat Security Advisory 2011-1265-01
Posted Sep 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1265-01 - The IBM 1.4.2 SR13-FP10 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. Note: The RHSA-2011:0870 java-1.4.2-ibm-sap update did not, unlike the erratum text stated, provide a complete fix for the CVE-2011-0311 issue.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-0311, CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871
SHA-256 | 8f327346a6a38d9ce57e851d3a4fb72e07d4dd11ac3e51c75fb6dadb6e7c0f1b
Red Hat Security Advisory 2011-1159-01
Posted Aug 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1159-01 - The IBM 1.4.2 SR13-FP10 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-0311, CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871
SHA-256 | ada08654d74a6a920ebd08a4e565e8395ea79de508c0208ab31a3705420171df
Red Hat Security Advisory 2011-1087-01
Posted Jul 23, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1087-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR12-FP5 Java release. All running instances of IBM Java must be restarted for this update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-0802, CVE-2011-0814, CVE-2011-0862, CVE-2011-0865, CVE-2011-0867, CVE-2011-0871, CVE-2011-0873
SHA-256 | 816396d5d9c91b6cfb43b3eac832468b91b343c35bacc05a6bfb907d3632d03e
Red Hat Security Advisory 2011-0870-01
Posted Jun 15, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0870-01 - The IBM 1.4.2 SR13-FP9 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. All users of java-1.4.2-ibm-sap for Red Hat Enterprise Linux 4, 5 and 6 for SAP are advised to upgrade to these updated packages, which contain the IBM 1.4.2 SR13-FP9 Java release. All running instances of IBM Java must be restarted for this update to take effect. Various other issues were also addressed.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2010-4447, CVE-2010-4448, CVE-2010-4454, CVE-2010-4462, CVE-2010-4465, CVE-2010-4466, CVE-2010-4473, CVE-2010-4475, CVE-2011-0311
SHA-256 | 07e4f69d6e06691ebd003af3262b7a285a4251861e3b89141e162f66beafd906
Secunia Security Advisory 44457
Posted May 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Proofpoint Enterprise Protection, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 242a89bb5cce799b386bdd4250e85f390ee638e1fc568de81b72ca56d62e8815
Proofpoint Protection Server 5.5.5 Cross Site Scripting
Posted May 4, 2011
Authored by Karan Khosla | Site senseofsecurity.com.au

Proofpoint Protection Server version 5.5.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 412f53f289503ca09e6bb76b8fe8c5f67ba8e41e4c5e459c8514b9e1b2603ba2
Secunia Security Advisory 43349
Posted Apr 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered two vulnerabilities in ISIS Papyrus AFP Viewer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | f9d7d9b485732f28496b8f80152bcf01c0465b5da2ca7980961bd539895df300
Hack In The Box 2011 Malaysia Call For Papers
Posted Apr 4, 2011
Site cfp.hackinthebox.org

The Call for Papers (CFP) for Hack In The Box 2011 Malaysia is now open.

tags | paper, conference
SHA-256 | 8507981eede32ea14183dbf30f661baea2142a27814a6c413c95af4d37448f71
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close