exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

SUSE Security Announcement - Code Execution
Posted Apr 22, 2009
Site suse.com

SUSE Security Announcement - Multiple vulnerabilities were resolved in the CUPS system. These range from various integer and buffer overflows.

tags | advisory, overflow, vulnerability
systems | linux, suse
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0163, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
SHA-256 | 93909dc15080e00a19c372dbcf5e50d9d1de6d8a3def0b16ef4afb39f2ddbc3d

Related Files

SUSE Security Announcement - OpenSSL Update
Posted Jan 6, 2012
Site suse.com

SUSE Security Announcement - This is the SUSE-SU-403 Forbidden-1 security update for OpenSSL. This update improves the ClientHello handshake message parsing function. Prior to this update is was possible that this function reads beyond the end of a message leading to invalid memory access and a crash. Under some circumstances it was possible that information from the OCSP extensions was disclosed.

tags | advisory
systems | linux, suse
advisories | CVE-2009-5029, CVE-2011-0014
SHA-256 | 50c52c2e0fdd8eb6b1d4dd0b903981e171646d9fea43adee0e5936425186a5bb
SUSE Security Announcement - Flash Player
Posted Aug 12, 2011
Site suse.com

SUSE Security Announcement - Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows. Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2425
SHA-256 | 96be7d61fecca7a4af4551e34c28501ee3bc56ab21527b5e6688028fe656a43a
SUSE Security Announcement 2011.025
Posted May 18, 2011
Site suse.com

SUSE Security Announcement - Flash Player has been updated to version 10.3, fixing bugs and security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2011-0589, CVE-2011-0618, CVE-2011-0619, CVE-2011-0620, CVE-2011-0621, CVE-2011-0622, CVE-2011-0623, CVE-2011-0624, CVE-2011-0625, CVE-2011-0626, CVE-2011-0627
SHA-256 | ed2e3b1bb5da3eb2bf74418147db15007c60a70eccc4191ef22948bc675f3b00
SUSE Security Announcement 2010.034
Posted Aug 13, 2010
Site suse.com

SUSE Security Announcement - Flash Player was updated to version 10.1.82.76 fixing several critical security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
SHA-256 | 4215852f7aadcf5349f4c7580bafcadb08e54ededfb7e59ee009754ac6aedcda
SUSE Security Announcement SUSE-SA:2009:057
Posted Nov 18, 2009
Site suse.com

SUSE Security Announcement - The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate already sent data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. It is believed that this vulnerability is actively exploited in the wild to get access to HTTPS protected web-sites. Please note that renegotiation will be disabled for any application using openssl by this update and may cause problems in some cases. Additionally this attack is not limited to HTTP.

tags | advisory, web, protocol
systems | linux, suse
advisories | CVE-2009-3555
SHA-256 | 64dd6d04fc2d6d8902730cdd4ebe8561bc511ab3d3891aabc2ba909b1c8b1636
SUSE Security Announcement - Subversion
Posted Aug 15, 2009
Site suse.com

SUSE Security Announcement - The ibsvn_delta library in Subversion is vulnerable to integer overflows while processing svndiff streams, this leads to overflows on the heap because of insufficient memory allocation.

tags | advisory, overflow
systems | linux, suse
advisories | CVE-2009-2411
SHA-256 | 6a78b4f37e3feb3c74472559d5038b900e35177e18a1264f90125966092d0ceb
SUSE Security Announcement - Flash Player
Posted Aug 6, 2009
Site suse.com

SUSE Security Announcement - A specially crafted Shockwave-Flash (SWF) file could cause a buffer overflow in the flash-player plugin. This buffer overflow can probably be exploited to execute arbitrary code remotely.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2009-0901, CVE-2009-1862, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868, CVE-2009-1869, CVE-2009-1870, CVE-2009-2395, CVE-2009-2493
SHA-256 | 9c145062d4387103164347ba1fdb5070b4fa232183ed065f9d873ded408caf20
SUSE Security Announcement - glib2
Posted Apr 28, 2009
Site suse.com

SUSE Security Announcement - The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2008-4316
SHA-256 | 427e328c4b032da7dde92fb10cd1cc8487f3a3aa216decfff08d5507caa4d5a0
SUSE Security Announcement - glib2
Posted Apr 28, 2009
Site suse.com

SUSE Security Announcement - The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2008-4316
SHA-256 | 0819fc08a7b0112e84164a490ba13e08dbf8fb21bfae4fd677f800d9b9269d4f
SUSE Security Announcement 2009-019
Posted Apr 8, 2009
Site suse.com

SUSE Security Announcement - The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to to possible, but very unlikely, remote code execution.

tags | advisory, remote, code execution
systems | linux, suse
advisories | CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847
SHA-256 | 0e007593b67fdfd063439448160fe17d35f352dbb71aa7596e28fe45c721762b
SUSE Security Announcement SUSE-SA:2009:005
Posted Jan 23, 2009
Site suse.com

SUSE Security Announcement - Some months ago a vulnerability in the DNS protocol was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifies the certification chain of a DNSSEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.

tags | advisory, spoof, protocol
systems | linux, suse
advisories | CVE-2009-0025
SHA-256 | d74f87bbc2b59d50b480b14aef11ea8b5953c91c5ba250a23200d96840fc5172
SUSE-SA-2008-041.txt
Posted Aug 15, 2008
Site suse.com

SUSE Security Announcement - The SuSE Security-Team has found two critical issues in the code for openwsman. Two remote buffer overflows while decoding the HTTP basic authentication header exist and a possible SSL session replay attack affecting the client exists.

tags | advisory, remote, web, overflow
systems | linux, suse
advisories | CVE-2008-2234, CVE-2008-2233
SHA-256 | 1b8fcd5682a7cf47d644d8c7af1a82a9ef7996b63316f6aaacb337171c13ac8b
SUSE-SA-2008-040.txt
Posted Aug 14, 2008
Site suse.com

SUSE Security Announcement - During a source code audit the SuSE Security-Team discovered a local privilege escalation bug as well as a mailbox ownership problem in postfix. The first bug allowed local users to execute arbitrary commands as root while the second one allowed local users to read other users mail.

tags | advisory, arbitrary, local, root
systems | linux, suse
advisories | CVE-2008-2936, CVE-2008-2937
SHA-256 | 81e5ad466814dd913906492cbc731965a6608acb67d8a6d24ce151ff5ae98b83
SUSE-SA-2008-039.txt
Posted Aug 1, 2008
Site suse.com

SUSE Security Announcement - The net-snmp daemon implements the "simple network management protocol". The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 packet with a one byte HMAC and guess the correct first byte of the local HMAC with 256 packets (max).

tags | advisory, local, protocol
systems | linux, suse
advisories | CVE-2008-0960, CVE-2008-2292
SHA-256 | 51fa484aec92b65802091658bdf77bf9d1215aabe8811a2e23ba90cb8d51ba16
SUSE-SA-2008-033.txt
Posted Jul 11, 2008
Site suse.com

SUSE Security Announcement - SUSE has released updates that address the recent cache poisoning vulnerability regarding bind.

tags | advisory
systems | linux, suse
advisories | CVE-2008-1447
SHA-256 | b33fa487b8062d9701e35cde6c9f6d3dacf7e307272a8699fd62e02761bc31f1
SUSE-SA-2008-023.txt
Posted Apr 21, 2008
Site suse.com

SUSE Security Announcement - A large amount of vulnerabilities related to OpenOffice have been patched on SuSE.

tags | advisory, vulnerability
systems | linux, suse
advisories | CVE-2008-0320, CVE-2007-5747, CVE-2007-5746, CVE-2007-5745, CVE-2007-4771, CVE-2007-4770
SHA-256 | 844f9feac6e7fecf046f967e47d04ca672e92a3da3619753c28a416cc530a21c
SUSE-SA-2008-016.txt
Posted Mar 19, 2008
Site suse.com

SUSE Security Announcement - The krb5 package has had multiple vulnerabilities patched including a dangling pointer issue, information leak, and out-of-bound array access flaws.

tags | advisory, vulnerability
systems | linux, suse
advisories | CVE-2008-0062, CVE-2008-0063, CVE-2008-0947, CVE-2008-0948
SHA-256 | 641290856b73f8cae8089c8e9a9bcb87e4f0611a4e29b4a75606297f548bcb1a
SUSE-SA-2008-014.txt
Posted Mar 14, 2008
Site suse.com

SUSE Security Announcement - The Evolution personal information manager is vulnerable to format string bugs in the emf_multipart_encrypted() function that is used to process encrypted messages. This bug can be abused by a remote attacker to execute arbitrary code by sending a crafted encrypted e-mail.

tags | advisory, remote, arbitrary
systems | linux, suse
advisories | CVE-2008-0072
SHA-256 | f0ad4928578b14285535ecc1964dcc56bd9f04a59e5cf840b0a9bb45dca19394
SUSE-SA-2008-012.txt
Posted Mar 12, 2008
Site suse.com

SUSE Security Announcement - The current security update of cups fixes a double-free bug in the function process_browse_data() that can lead to a remote denial-of-service by crashing cupsd or possibly to a remote code execution. The bug can only be exploited if cupsd listens to 631/udp by crafted UDP Browse packets. Additionally two remote denial-of-service bugs were fixed. The first one can be triggered via crafted IPP packets to use a pointer after it was freed and the second issue is a memory-leak caused by a large number of requests to add and remove shared printers.

tags | advisory, remote, udp, code execution
systems | linux, suse
advisories | CVE-2008-0596, CVE-2008-0597, CVE-2008-0882
SHA-256 | 1d33e9dc71eee1a911d8e2a1a177892a773eb3fb7cf993243327770428c9fe79
SUSE-SA-2008-003.txt
Posted Jan 18, 2008
Site suse.com

SUSE Security Announcement - The X windows system is vulnerable to several kinds of vulnerabilities that are caused due to insufficient input validation.

tags | advisory, vulnerability
systems | linux, windows, suse
advisories | CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
SHA-256 | db2211cc4f2a6baa5e2ef0ab490f4d619771e3e98a80aaa7ce517e872678b0f7
SUSE-SA-2007-068.txt
Posted Dec 12, 2007
Site suse.com

SUSE Security Announcement - The Samba suite is an open-source implementation of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets.

tags | advisory, remote, overflow, protocol
systems | linux, suse
advisories | CVE-2007-6015
SHA-256 | d44ee78d410a101198a5f8deb694eeb8e59ccfddd09e6aef980ed4fadcc4896b
SUSE-SA-2007-065.txt
Posted Dec 7, 2007
Site suse.com

SUSE Security Announcement - Secunia Research has reported a bug in function reply_netbios_packet() that allowed remote attackers to execute arbitrary code by sending specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request packet. The exploitable code in samba can only be reached if the option "wins support" was enabled. Another bug reported by Secunia Research affected the processing of GETDC mailslot request in nmbd. This error can also be exploited remotely to execute arbitrary code, but only if samba was configured as Primary or Backup Domain Controller.

tags | advisory, remote, arbitrary
systems | linux, suse
advisories | CVE-2007-4572, CVE-2007-5398
SHA-256 | ad906016b500d1e5bc098bc8ed4d3e432bd693ee9ad7dbe618e3d53a2f4b70e2
SUSE-SA-2007-060.txt
Posted Nov 15, 2007
Site suse.com

SUSE Security Announcement - Secunia Research reported three security bugs in xpdf. The first problem occurs while indexing an array in DCTStream:: readProgressiveDataUnit(). Another method in the same class named reset() is vulnerable to an integer overflow which leads to an overflow on the heap. The last bug also causes an overflow on the heap but this time in method lookChar() of class CCITTFaxStream.

tags | advisory, overflow
systems | linux, suse
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
SHA-256 | 5f88e680d2da9bf0a5cf06f3bcdfb825ad1ada6a02114a0c38c121fd3358df12
SUSE-SA-2007-050.txt
Posted Aug 31, 2007
Site suse.com

SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.

tags | advisory, web, arbitrary, javascript
systems | linux, suse
advisories | CVE-2007-4367
SHA-256 | 6d7da325dc91c81b2493fec61eab287fa40d5a1fccbc184831ba43fa853d678f
SUSE-SA-2007-013.txt
Posted Jan 27, 2007
Site suse.com

SUSE Security Announcement - This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. Since SUSE Linux version 10.1 format string bugs are not exploitable anymore.

tags | advisory, arbitrary
systems | linux, suse
advisories | CVE-2007-0017
SHA-256 | 6b2bdc550586e6a5f63c1230ceb748d9bd167167f804ebd60469a4d9b58e1adc
Page 1 of 4
Back1234Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close