exploit the possibilities
Showing 1 - 25 of 100 RSS Feed

Files

SUSE Security Announcement - glib2
Posted Apr 28, 2009
Site suse.com

SUSE Security Announcement - The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2008-4316
MD5 | 248945733405d5d8815339d11537d898

Related Files

SUSE Security Announcement - OpenSSL Update
Posted Jan 6, 2012
Site suse.com

SUSE Security Announcement - This is the SUSE-SU-403 Forbidden-1 security update for OpenSSL. This update improves the ClientHello handshake message parsing function. Prior to this update is was possible that this function reads beyond the end of a message leading to invalid memory access and a crash. Under some circumstances it was possible that information from the OCSP extensions was disclosed.

tags | advisory
systems | linux, suse
advisories | CVE-2009-5029, CVE-2011-0014
MD5 | c306ae7d55661b8c30e1f58996d11cf6
SUSE Security Announcement - Flash Player
Posted Aug 12, 2011
Site suse.com

SUSE Security Announcement - Flash-Player was updated to version 10.3.188.5 to fix various buffer and integer overflows. Earlier flash-player versions can be exploited to execute arbitrary code remotely with the privileges of the attacked user.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2011-2130, CVE-2011-2134, CVE-2011-2135, CVE-2011-2136, CVE-2011-2137, CVE-2011-2138, CVE-2011-2139, CVE-2011-2140, CVE-2011-2414, CVE-2011-2415, CVE-2011-2416, CVE-2011-2417, CVE-2011-2425
MD5 | 240e900aeb1941b6a1945803ea985308
SUSE Security Announcement 2011.025
Posted May 18, 2011
Site suse.com

SUSE Security Announcement - Flash Player has been updated to version 10.3, fixing bugs and security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2011-0589, CVE-2011-0618, CVE-2011-0619, CVE-2011-0620, CVE-2011-0621, CVE-2011-0622, CVE-2011-0623, CVE-2011-0624, CVE-2011-0625, CVE-2011-0626, CVE-2011-0627
MD5 | eedde5fb5e3c77b7bfbbf2474c75cb84
SUSE Security Announcement 2010.034
Posted Aug 13, 2010
Site suse.com

SUSE Security Announcement - Flash Player was updated to version 10.1.82.76 fixing several critical security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
MD5 | fe2f006a4ea2ce5c6c55f639ad4487fd
SUSE Security Announcement SUSE-SA:2009:057
Posted Nov 18, 2009
Site suse.com

SUSE Security Announcement - The TLS/SSLv3 protocol as implemented in openssl prior to this update was not able to associate already sent data to a renegotiated connection. This allowed man-in-the-middle attackers to inject HTTP requests in a HTTPS session without being noticed. For example Apache's mod_ssl was vulnerable to this kind of attack because it uses openssl. It is believed that this vulnerability is actively exploited in the wild to get access to HTTPS protected web-sites. Please note that renegotiation will be disabled for any application using openssl by this update and may cause problems in some cases. Additionally this attack is not limited to HTTP.

tags | advisory, web, protocol
systems | linux, suse
advisories | CVE-2009-3555
MD5 | 33c56aa10967629ea48ee5c7a540123b
SUSE Security Announcement - Subversion
Posted Aug 15, 2009
Site suse.com

SUSE Security Announcement - The ibsvn_delta library in Subversion is vulnerable to integer overflows while processing svndiff streams, this leads to overflows on the heap because of insufficient memory allocation.

tags | advisory, overflow
systems | linux, suse
advisories | CVE-2009-2411
MD5 | e663b83938276fa296901c7c1dd63e00
SUSE Security Announcement - Flash Player
Posted Aug 6, 2009
Site suse.com

SUSE Security Announcement - A specially crafted Shockwave-Flash (SWF) file could cause a buffer overflow in the flash-player plugin. This buffer overflow can probably be exploited to execute arbitrary code remotely.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2009-0901, CVE-2009-1862, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868, CVE-2009-1869, CVE-2009-1870, CVE-2009-2395, CVE-2009-2493
MD5 | 339c33baa94dd7f750e417213c10f93f
SUSE Security Announcement - glib2
Posted Apr 28, 2009
Site suse.com

SUSE Security Announcement - The code library glib2 provides base64 encoding and decoding functions that are vulnerable to integer overflows when processing very large strings. Processes using this library functions for processing data from the network can be exploited remotely to execute arbitrary code with the privileges of the user running this process.

tags | advisory, overflow, arbitrary
systems | linux, suse
advisories | CVE-2008-4316
MD5 | 184d9474edbe75929982331ea9501442
SUSE Security Announcement - Code Execution
Posted Apr 22, 2009
Site suse.com

SUSE Security Announcement - Multiple vulnerabilities were resolved in the CUPS system. These range from various integer and buffer overflows.

tags | advisory, overflow, vulnerability
systems | linux, suse
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0163, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
MD5 | 8cc8a37c5c4448805a9d21d0a67848d6
SUSE Security Announcement 2009-019
Posted Apr 8, 2009
Site suse.com

SUSE Security Announcement - The Kerberos implementation from MIT is vulnerable to four different security issues that range from a remote crash to to possible, but very unlikely, remote code execution.

tags | advisory, remote, code execution
systems | linux, suse
advisories | CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847
MD5 | fea5f5d965b0e9bd0ddfab127c979297
SUSE Security Announcement SUSE-SA:2009:005
Posted Jan 23, 2009
Site suse.com

SUSE Security Announcement - Some months ago a vulnerability in the DNS protocol was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifies the certification chain of a DNSSEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.

tags | advisory, spoof, protocol
systems | linux, suse
advisories | CVE-2009-0025
MD5 | f011ca0b87a56d0c51242a49468a5936
SUSE-SA-2008-041.txt
Posted Aug 15, 2008
Site suse.com

SUSE Security Announcement - The SuSE Security-Team has found two critical issues in the code for openwsman. Two remote buffer overflows while decoding the HTTP basic authentication header exist and a possible SSL session replay attack affecting the client exists.

tags | advisory, remote, web, overflow
systems | linux, suse
advisories | CVE-2008-2234, CVE-2008-2233
MD5 | a5c9b5a5bfbfb5a476e0fa336417c841
SUSE-SA-2008-040.txt
Posted Aug 14, 2008
Site suse.com

SUSE Security Announcement - During a source code audit the SuSE Security-Team discovered a local privilege escalation bug as well as a mailbox ownership problem in postfix. The first bug allowed local users to execute arbitrary commands as root while the second one allowed local users to read other users mail.

tags | advisory, arbitrary, local, root
systems | linux, suse
advisories | CVE-2008-2936, CVE-2008-2937
MD5 | eaa21077f3779185d042f06a508f9688
SUSE-SA-2008-039.txt
Posted Aug 1, 2008
Site suse.com

SUSE Security Announcement - The net-snmp daemon implements the "simple network management protocol". The version 3 of SNMP as implemented in net-snmp uses the length of the HMAC in a packet to verify against a local HMAC for authentication. An attacker can therefore send a SNMPv3 packet with a one byte HMAC and guess the correct first byte of the local HMAC with 256 packets (max).

tags | advisory, local, protocol
systems | linux, suse
advisories | CVE-2008-0960, CVE-2008-2292
MD5 | 0609e869fe773ed7deaca9d774483e4c
SUSE-SA-2008-033.txt
Posted Jul 11, 2008
Site suse.com

SUSE Security Announcement - SUSE has released updates that address the recent cache poisoning vulnerability regarding bind.

tags | advisory
systems | linux, suse
advisories | CVE-2008-1447
MD5 | 4eee8765a56b57a922fbf0148e92e177
SUSE-SA-2008-023.txt
Posted Apr 21, 2008
Site suse.com

SUSE Security Announcement - A large amount of vulnerabilities related to OpenOffice have been patched on SuSE.

tags | advisory, vulnerability
systems | linux, suse
advisories | CVE-2008-0320, CVE-2007-5747, CVE-2007-5746, CVE-2007-5745, CVE-2007-4771, CVE-2007-4770
MD5 | 4c5cfdda92016701c5e930c64821e6b0
SUSE-SA-2008-016.txt
Posted Mar 19, 2008
Site suse.com

SUSE Security Announcement - The krb5 package has had multiple vulnerabilities patched including a dangling pointer issue, information leak, and out-of-bound array access flaws.

tags | advisory, vulnerability
systems | linux, suse
advisories | CVE-2008-0062, CVE-2008-0063, CVE-2008-0947, CVE-2008-0948
MD5 | 9b03a2a9416d9f9c958dc62dc3af9833
SUSE-SA-2008-014.txt
Posted Mar 14, 2008
Site suse.com

SUSE Security Announcement - The Evolution personal information manager is vulnerable to format string bugs in the emf_multipart_encrypted() function that is used to process encrypted messages. This bug can be abused by a remote attacker to execute arbitrary code by sending a crafted encrypted e-mail.

tags | advisory, remote, arbitrary
systems | linux, suse
advisories | CVE-2008-0072
MD5 | 63c078ed08a9a392c57149b3837a185d
SUSE-SA-2008-012.txt
Posted Mar 12, 2008
Site suse.com

SUSE Security Announcement - The current security update of cups fixes a double-free bug in the function process_browse_data() that can lead to a remote denial-of-service by crashing cupsd or possibly to a remote code execution. The bug can only be exploited if cupsd listens to 631/udp by crafted UDP Browse packets. Additionally two remote denial-of-service bugs were fixed. The first one can be triggered via crafted IPP packets to use a pointer after it was freed and the second issue is a memory-leak caused by a large number of requests to add and remove shared printers.

tags | advisory, remote, udp, code execution
systems | linux, suse
advisories | CVE-2008-0596, CVE-2008-0597, CVE-2008-0882
MD5 | 51864b80345817ce7b8c9ce7a309ef14
SUSE-SA-2008-003.txt
Posted Jan 18, 2008
Site suse.com

SUSE Security Announcement - The X windows system is vulnerable to several kinds of vulnerabilities that are caused due to insufficient input validation.

tags | advisory, vulnerability
systems | linux, windows, suse
advisories | CVE-2007-5760, CVE-2007-5958, CVE-2007-6427, CVE-2007-6428, CVE-2007-6429, CVE-2008-0006
MD5 | 37e556d4582f765bc0b2a688b023f810
SUSE-SA-2007-068.txt
Posted Dec 12, 2007
Site suse.com

SUSE Security Announcement - The Samba suite is an open-source implementation of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets.

tags | advisory, remote, overflow, protocol
systems | linux, suse
advisories | CVE-2007-6015
MD5 | 82308caf56f9dc3eeeb3831af2756513
SUSE-SA-2007-065.txt
Posted Dec 7, 2007
Site suse.com

SUSE Security Announcement - Secunia Research has reported a bug in function reply_netbios_packet() that allowed remote attackers to execute arbitrary code by sending specially crafted WINS "Name Registration" requests followed by a WINS "Name Query" request packet. The exploitable code in samba can only be reached if the option "wins support" was enabled. Another bug reported by Secunia Research affected the processing of GETDC mailslot request in nmbd. This error can also be exploited remotely to execute arbitrary code, but only if samba was configured as Primary or Backup Domain Controller.

tags | advisory, remote, arbitrary
systems | linux, suse
advisories | CVE-2007-4572, CVE-2007-5398
MD5 | bf30e29987d3f708bc1c72c9e184b784
SUSE-SA-2007-060.txt
Posted Nov 15, 2007
Site suse.com

SUSE Security Announcement - Secunia Research reported three security bugs in xpdf. The first problem occurs while indexing an array in DCTStream:: readProgressiveDataUnit(). Another method in the same class named reset() is vulnerable to an integer overflow which leads to an overflow on the heap. The last bug also causes an overflow on the heap but this time in method lookChar() of class CCITTFaxStream.

tags | advisory, overflow
systems | linux, suse
advisories | CVE-2007-4352, CVE-2007-5392, CVE-2007-5393
MD5 | ff6840ca89a9d121a0be10b428b0703d
SUSE-SA-2007-050.txt
Posted Aug 31, 2007
Site suse.com

SUSE Security Announcement - The Opera web-browser allows an attacker to execute arbitrary code by providing an invalid pointer to a virtual function in JavaScript. This bug can be exploited automatically when a user visits a web-site that contains the attacker's JavaScript code.

tags | advisory, web, arbitrary, javascript
systems | linux, suse
advisories | CVE-2007-4367
MD5 | 67d50149e61c18e0f82a4f187d83b23e
SUSE-SA-2007-013.txt
Posted Jan 27, 2007
Site suse.com

SUSE Security Announcement - This update fixes several format string bugs that can be exploited remotely with user-assistance to execute arbitrary code. Since SUSE Linux version 10.1 format string bugs are not exploitable anymore.

tags | advisory, arbitrary
systems | linux, suse
advisories | CVE-2007-0017
MD5 | 61793c69535f7c4dfdcc2f5623e2654a
Page 1 of 4
Back1234Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    13 Files
  • 30
    Oct 30th
    8 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close