Files Date: 2009-11-20 to 2009-11-21

Zero Day Initiative Advisory 09-085
Posted Nov 20, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-085 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Operations Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden account present within the Tomcat users XML file. Using this account a malicious user can access the org.apache.catalina.manager.HTMLManagerServlet class. This is defined within the catalina-manager.jar file installed with the product. This servlet allows a remote user to upload a file via a POST request to /manager/html/upload. If an attacker uploads malicious content it can then be accessed and executed on the server which leads to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2009-3843
SHA-256 | f75bee3a0ef69790466f2dcfe8532a1ba92d356f316bf6d636784b35d8a50973
Botan C++ Crypto Algorithms Library 1.9.3
Posted Nov 20, 2009
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds support for fast AES using Intel's new AES-NI instructions. An implementation of format preserving encryption, which allows for operations like encrypting credit card numbers (CCNs) with valid checksums into other CCNs with valid checksums, was also added, along with an example of using it for CCN encryption. The implementations of AES, MARS, and Skipjack were optimized. The default Windows build now creates a DLL, and an installer for Windows is now available.
tags | library
SHA-256 | 4d511b4cceb539b683428bda6f2fcee10dbbd4c63a174eb2d14bbaa79ceb2613
VMware Security Advisory 2009-0016
Posted Nov 20, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components. And by multiple, VMware means 93 issues. And by issues, VMware means vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2009-1093, CVE-2009-1094, CVE-2009-1095, CVE-2009-1096, CVE-2009-1097, CVE-2009-1098, CVE-2009-1099, CVE-2009-1100, CVE-2009-1101, CVE-2009-1102, CVE-2009-1103, CVE-2009-1104, CVE-2009-1105, CVE-2009-1106, CVE-2009-1107, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671
SHA-256 | 101173f9f91a1f7594cf27ac8b0a52a7e9ab1d79d792e24aa5854aaa771f163d
HP Security Bulletin HPSBMA02478 SSRT090251
Posted Nov 20, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Operations Manager for Windows. The vulnerability could be exploited remotely to gain unauthorized access.

tags | advisory
systems | windows
advisories | CVE-2009-3843
SHA-256 | e7ff7ea3b271887cdcbfd5b312dce78fc4d17ab51782377395d5bc855481bf72
Betsy CMS 3.5 Local File Inclusion
Posted Nov 20, 2009
Authored by MizoZ

Betsy CMS versions 3.5 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 41542e3783234685da0bf139cebeb00029024c285c6a78ccdd9b651bb10e1318
PHP 5.3.0 Remote Denial Of Service
Posted Nov 20, 2009
Authored by Bogdan Calin | Site acunetix.com

PHP versions prior to 5.3.1 suffer from a remote denial of service condition due to server exhaustion from the creation of too many temporary files.

tags | advisory, remote, denial of service, php
SHA-256 | 316de2b8351b813911bb798a12385bf727ba0def864f5b86a8833e05717d7ecc
Secunia Security Advisory 37419
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco VPN Client, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, local
systems | cisco
SHA-256 | 09f9e2d062846c6536acb911726e1d8e06b89b2a5449caeeab0b05552e58e6bb
Secunia Security Advisory 37412
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in PHP, some of which have unknown impact and others that can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, php, vulnerability
SHA-256 | e357a2359a694f36bc0c9a7b8003c7bd0b5cdd2d4803e712bf0da0b8890a5e01
Secunia Security Advisory 37410
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the PEAR Mail package, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 4e07f95f5edbbaf566dcda17ffc795a1338511073eab2647c883f9bb24c4c4e1
Secunia Security Advisory 37239
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_6_0-sun. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.

tags | advisory, java, denial of service, vulnerability
systems | linux, suse
SHA-256 | a9a1364be50bec3b6783e050bcdccedf36bf8d929d9d9323dad1b23c8f33cd65
Secunia Security Advisory 37431
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Opera, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | 37ea0550b1b4eed9ddc9d7a5cfc397cefb375986b0bc14a3a290d3b639c3533a
Secunia Security Advisory 37442
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM Rational products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 3abf66d300d198abda90e90593f4e5ded19a45e81d233ada32de7988c925eb49
Secunia Security Advisory 37432
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KDE, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | 55986d762e254d0273fc8345de0704d6df789f070d43213282953f4613cb5139
Secunia Security Advisory 37444
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Operations Manager, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | d4ddc5de5e278f80d0e9ae6e80cf3da5914801ee346553b5f9e9dbf52a42d6b6
Secunia Security Advisory 37443
Posted Nov 20, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Dovecot, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | ada530a14523fe8e6c0b869280373cd9ba819248e7d44384fe8df29bce0ae82d
KDELibs 4.3.3 Remote Array Overrun
Posted Nov 20, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

KDE KDELibs version 4.3.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.

tags | exploit, remote, overflow, arbitrary, code execution
advisories | CVE-2009-0689
SHA-256 | 6f52b93fb01923395e9e086f5499f4f495580fa36af7131b1bed3d92eb179b44
Opera 10.01 Remote Array Overrun
Posted Nov 20, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

Opera version 10.01 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.

tags | exploit, remote, overflow, arbitrary, code execution
advisories | CVE-2009-0689
SHA-256 | a37b1ab07f2eb1b10acb2a9937e5b99e96db9296d51a29455557a8d718666d22
K-Meleon 1.5.3 Remote Array Overrun
Posted Nov 20, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

K-Meleon version 1.5.3 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.

tags | exploit, remote, overflow, arbitrary, code execution
advisories | CVE-2009-0689
SHA-256 | 4f99f451546f29e0f79ecb622261bf75af36cf92b6e4376642a36de97a3e3327
SeaMonkey 1.1.0 Remote Array Overrun
Posted Nov 20, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

SeaMonkey version 1.1.8 suffers from a remote array overrun vulnerability that allows for arbitrary code execution.

tags | exploit, remote, overflow, arbitrary, code execution
advisories | CVE-2009-0689
SHA-256 | 2aa2eab42892d1c8cf5768b431d3c784578d3ee3b77c8e0e16d5a0e45da5403f
Cisco VPN Client 0day Integer Overflow
Posted Nov 20, 2009
Authored by Alex Hernandez

Cisco VPN Client 0day integer overflow denial of service proof of concept code.

tags | exploit, denial of service, overflow, proof of concept
systems | cisco
SHA-256 | 142bea9a4f77b4e9264718284df5e0a2a9694680c035f320894fc7e1f5fcd792
HP Security Bulletin HPSBPI02472 SSRT090196
Posted Nov 20, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS).

tags | advisory, denial of service
advisories | CVE-2009-3842
SHA-256 | 2ca872e8783c444b03bc95b7b99e7a801b0e5295009dfc0c6675d88324faf42f