exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2007-07-20

Ubuntu Security Notice 490-1
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 490-1 - A slew of vulnerabilities have been fixed in the Firefox browser. Too many to list, but we suggest upgrading now.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2007-3089, CVE-2007-3285, CVE-2007-3656, CVE-2007-3734, CVE-2007-3735, CVE-2007-3736, CVE-2007-3737, CVE-2007-3738
SHA-256 | 4c2895058ecfb4ae1b11af7afd580f2416642597addd5705e9f4d95880f30ea6
wii-flash.txt
Posted Jul 20, 2007
Authored by Juha-Matti Laurio

It appears that the Wii is susceptible to the recent Flash vulnerability.

tags | advisory
advisories | CVE-2007-3456
SHA-256 | 0f7261e65c07b5b6fcef9bc48750adaae090f1ddb4a20f6f314aa8b21a9f4287
Technical Cyber Security Alert 2007-200A
Posted Jul 20, 2007
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA07-200A - Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
SHA-256 | 110b1df69cad8925a20da667c032e60214d2e7f0cc7351ea593c4b05b5598c3a
heise-lotus.txt
Posted Jul 20, 2007
Authored by Juergen Schmidt | Site heise-security.co.uk

A debug function in versions 5 and above of Lotus Notes can be used to write a file containing the new password in plain text when a user password is changed.

tags | advisory
SHA-256 | e4f7baa867a47b1fb9704bf578e98b22936cfc57d721050e9c5f5248bf1c9cdd
CA Security Advisory 35515
Posted Jul 20, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize Alert service functionality contain multiple vulnerabilities. The vulnerabilities are due to insufficient bounds checking on received data by certain RPC procedures. An attacker can exploit these buffer overflows to execute arbitrary code or cause service failure.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2007-3825
SHA-256 | dff03d4b04f6fb38db9efcc99d514db64917edf808004035f18a70b3cba857e0
iDEFENSE Security Advisory 2007-07-19.2
Posted Jul 20, 2007
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDefense Security Advisory 07.19.07 - Remote exploitation of an input handling vulnerability within multiple browsers on the Microsoft Windows platform allows code execution as the local user. This vulnerability is due to interaction between programs. The most commonly used Microsoft Windows URL protocol handling code doesn't provide a way for the URI handling application to distinguish the end of one argument from the start of another. The problem is caused by the fact that browsers do not pct-encode certain characters in some URIs, which does not comply with the behavior that RFC3986 (also known as IETF STD 66) requires. As a result, a specially constructed link could be interpreted as multiple arguments by a URI protocol handler.

tags | advisory, remote, local, code execution, protocol
systems | windows
advisories | CVE-2007-3670
SHA-256 | 9b05f19043a6d8514b2073fb08476be0bcc0a957cc17806d1640358b4e31e615
iDEFENSE Security Advisory 2007-07-19.1
Posted Jul 20, 2007
Authored by iDefense Labs, enhalos | Site idefense.com

iDefense Security Advisory 07.19.07 - Remote exploitation of a dangling pointer vulnerability in Opera Software ASA's Opera web browser could allow an attacker to execute arbitrary code with the privileges of the logged in user. Opera 9.2 supports BitTorrent downloads. When parsing a specially crafted BitTorrent header, Opera uses memory that has already been freed. This can result in an invalid object pointer being dereferenced, and may allow for the execution of arbitrary code. The vulnerability is triggered when the user right clicks on the transfer and removes it. iDefense has confirmed the existence of this vulnerability in Opera version 9.21 on Windows. Previous versions may also be affected.

tags | advisory, remote, web, arbitrary
systems | windows
SHA-256 | 8b4808d2e862d865b862e4427d7013cade42d8ca0b810036a7a5b5856b262147
docuwiki-xss.txt
Posted Jul 20, 2007
Authored by Cyrill Brunschwiler | Site csnc.ch

DocuWiki versions 2007-06-26 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 03d5c96afbe8e364d765e4acef7758de31c0e20b04ad064ed7ab543e2c6ac22f
Ubuntu Security Notice 489-2
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 489-2 - USN-489-1 fixed vulnerabilities in the Linux kernel. This update provides the corresponding fixes for the redhat cluster suite kernel sources. A flaw was discovered in the cluster manager. A remote attacker could connect to the DLM port and block further DLM operations.

tags | advisory, remote, kernel, vulnerability
systems | linux, redhat, ubuntu
advisories | CVE-2007-3380
SHA-256 | 0d241b289f8d930888e01b8825c798b12b72825c617339f4538f053c8a376015
Ubuntu Security Notice 489-1
Posted Jul 20, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 489-1 - A ridiculous amount of vulnerabilities in the Linux 2.6 kernel have been fixed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2006-4623, CVE-2006-7203, CVE-2007-0005, CVE-2007-1000, CVE-2007-1353, CVE-2007-1861, CVE-2007-2453, CVE-2007-2525, CVE-2007-2875, CVE-2007-2876, CVE-2007-2878, CVE-2007-3380, CVE-2007-3513
SHA-256 | e57ff18db9c14e7dbf029ac86c91398b196c8f2c31c5a6cdc9eaeb255f1db033
rsbac-common-1.3.5.tar.bz2
Posted Jul 20, 2007
Site rsbac.org

Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.

Changes: Fixed compilation issue, various other tweaks.
tags | kernel
systems | linux
SHA-256 | 63ad2a3ed8540da3a7d675463144595b214d16e64d5a178e61b7d6954c59f535
Stega201.zip
Posted Jul 20, 2007
Authored by Asko Vuori

Stega version 2.01 for DOS can hide another file inside Bmp/Gif/Lst/Pcx/Raw/Tga/Txt/Voc/Wav file with 128-bit IDEA key. This is a freeware utility and the binary release of this program. stega.gif has full zipped (15k) FASM source inside.

tags | encryption, steganography
SHA-256 | 7781322eae4e5ad850545c8391b48eab095688c928653b32b601c858d3a67002
versalsoft-overflow.txt
Posted Jul 20, 2007
Authored by shinnai | Site shinnai.altervista.org

Versalsoft HTTP File Uploader AddFile() remote buffer overflow exploit that makes use of UFileUploaderD.dll version 6.0.0.38.

tags | exploit, remote, web, overflow, file upload
SHA-256 | 9f9f910f8e8dc3541794772329737c9a6a662b51f4a30c406383c84005c2e9f2
bunkerview.txt
Posted Jul 20, 2007
Authored by Andrea Purificato | Site rawlab.mindcreations.com

Oracle 9i and 10g evil view change password exploit.

tags | exploit
advisories | CVE-2007-3855
SHA-256 | 67a721e9a7e576c4b91c255ef53da472e4330cc3f959dc516deafe74bdaf2711
joomlapony-sql.txt
Posted Jul 20, 2007
Authored by ajann

Joomla component Pony Gallery versions 1.5 and below are susceptible to a blind SQL injection exploit that makes use of index.php.

tags | exploit, php, sql injection
SHA-256 | ae32d0131ae3ff570f8c6e66aa80fe604917a74dd955400f724b06ac3b447e03
Secunia Security Advisory 26066
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rajesh Sethumadhavan has reported a vulnerability in Yahoo! Messenger, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 6047c40056611843ab2ad43607054a4953a8a637ca01fa0c894fa6fbaa52fad7
Secunia Security Advisory 26092
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - hdiamant has discovered a security issue in the Samsung SCX-4200 Driver, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 6ee26d998c4d246e8cf4ff60fa5f899c13ee8926fe8f92e08d6b291c69579c32
Secunia Security Advisory 26103
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
SHA-256 | af1afdebbdb58091d231779274d560c28a319fa8342660f88a191c8f5f6520a6
Secunia Security Advisory 26106
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 28c99579cc06720974ad1b2550443c3e27676efbffca739cb17317f4f77b55ff
Secunia Security Advisory 26107
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
SHA-256 | cafe0019dec290ba4c07b337deb63de26b4b65c6278c96480298bccec7f88623
Secunia Security Advisory 26110
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tim Brown has reported some vulnerabilities in eVisit Analyst, which can be exploited by malicious people conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 5ab92e621b5ef12dd34a206bfc0ac356f01fab7fa0b82226fa963771c4de4f28
Secunia Security Advisory 26113
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in MAXdev MD-Pro, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | bea39e99c2ac780d6778ac11552f06e7db4a80178d4616e4304c5ebb9f97b9c5
Secunia Security Advisory 26118
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 7d426cc67782d7c98d955207f76a70749bd9cfc085bdef82c241412ffb6a0b66
Secunia Security Advisory 26119
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for IBM Java JRE/SDK and Sun Java JRE/SDK. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, gain escalated privileges, cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, suse
SHA-256 | 505268f9c2b2eca9fbcab8ce533482c0254ea0c3b7b6164db270e815d457a4c4
Secunia Security Advisory 26121
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LedgerSMB, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 26df226a9f54b84138410faac52ae4462c13bd4cf62ac382d1909ca5c7d4ce06
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close