.:[ packet storm ]:.
                               
the vulnerability safehouse
the vulnerability safehouse

 Section:  .. / 0607-advisories  /

Page 21 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 500 - 525 of 526
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: USN-314-1.txt
Description:
 Ubuntu Security Notice 314-1 - The Samba security team reported a Denial of Service vulnerability in the handling of information about active connections. In certain circumstances an attacker could continually increase the memory usage of the smbd process by issuing a large number of share connection requests. By draining all available memory, this could be exploited to render the remote Samba server unusable.
Homepage:http://security.ubuntu.com/
File Size:22634
Related CVE(s):CVE-2006-3403
Last Modified:Jul 13 18:31:49 2006
MD5 Checksum:881c386434b569c32336480c4ce5fdd0

 ///  File Name: USN-315-1.txt
Description:
 Ubuntu Security Notice 315-1 - Matthias Hopf discovered several buffer overflows in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could exploit this to execute arbitrary code with the user's privileges. The Xine library contains an embedded copy of libmms, and thus needs the same security update.
Homepage:http://security.ubuntu.com/
File Size:8400
Last Modified:Jul 13 18:32:46 2006
MD5 Checksum:ea8e5f02d4c5cee972a184059b43c3fd

 ///  File Name: USN-316-1.txt
Description:
 Ubuntu Security Notice 316-1 - Iwan Pieterse discovered that, if you select "Go Back" at the final message displayed by the alternate or server CD installer ("Installation complete") and then continue with the installation from the installer's main menu, the root password is left blank rather than locked. This was due to an error while clearing out the root password from the installer's memory to avoid possible information leaks.
Homepage:http://security.ubuntu.com/
File Size:4081
Last Modified:Jul 13 18:30:54 2006
MD5 Checksum:5fc474b997ce498eeca3a6915fb08a2d

 ///  File Name: USN-317-1.txt
Description:
 Ubuntu Security Notice 317-1: zope2.8 vulnerability - Zope did not deactivate the 'raw' command when exposing RestructuredText functionalities to untrusted users. A remote user with the privilege of editing Zope webpages with RestructuredText could exploit this to expose arbitrary files that can be read with the privileges of the Zope server.
Homepage:http://security.ubuntu.com/
File Size:2435
Last Modified:Jul 13 20:01:17 2006
MD5 Checksum:914d6e57066caf2aa27e969ac9dd0521

 ///  File Name: USN-318-1.txt
Description:
 Ubuntu Security Notice 318-1: libtunepimp vulnerability - Kevin Kofler discovered several buffer overflows in the tag parser. By tricking a user into opening a specially crafted tagged multimedia file (such as .ogg or .mp3 music) with an application that uses libtunepimp, this could be exploited to execute arbitrary code with the user's privileges.
Homepage:http://security.ubuntu.com/
File Size:15776
Last Modified:Jul 13 20:01:11 2006
MD5 Checksum:89cccb526181796c345f21779654cc71

 ///  File Name: USN-319-1.txt
Description:
 Ubuntu Security Notice 319-1 - A race condition has been discovered in the file permission handling of the /proc file system. A local attacker could exploit this to execute arbitrary code with full root privileges.
Homepage:http://security.ubuntu.com/
File Size:43251
Related CVE(s):CVE-2006-3626
Last Modified:Jul 20 05:21:43 2006
MD5 Checksum:c11322efcaa2186e77df73be9880b31e

 ///  File Name: USN-320-1.txt
Description:
 Ubuntu Security Notice 320-1 - Multiple vulnerabilities in php4 and php5 have been fixed in Ubuntu.
Homepage:http://security.ubuntu.com/
File Size:30846
Related CVE(s):CVE-2006-0996, CVE-2006-1490, CVE-2006-1494, CVE-2006-1608, CVE-2006-1990, CVE-2006-1991, CVE-2006-2563, CVE-2006-2660, CVE-2006-3011, CVE-2006-3016, CVE-2006-3018
Last Modified:Jul 23 23:25:38 2006
MD5 Checksum:f9d5c54a11f54233b9db53e9b237aef2

 ///  File Name: USN-320-2.txt
Description:
 Ubuntu Security Notice 320-2 - USN-320-2 fixed several vulnerabilities in PHP. James Manning discovered that the Ubuntu 5.04 update introduced a regression, the function tempnam() caused a crash of the PHP interpreter in some circumstances. The updated packages fix this.
Homepage:http://security.ubuntu.com/
File Size:4203
Last Modified:Jul 27 21:52:43 2006
MD5 Checksum:67dc1b3f40e0b17696b72ffae751c7ff

 ///  File Name: USN-321-1.txt
Description:
 Ubuntu Security Notice 321-1 - Jean-David Maillefer discovered a format string bug in the date_format() function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server.
Homepage:http://security.ubuntu.com/
File Size:3822
Related CVE(s):CVE-2006-3469
Last Modified:Jul 24 00:55:43 2006
MD5 Checksum:eaa93b60759dd9f23239c1904a434a9f

 ///  File Name: USN-322-1.txt
Description:
 Ubuntu Security Notice 322-1 - A Denial of Service vulnerability has been reported in the replaceChild() method in KDE's DOM handler. A malicious remote web page could exploit this to cause Konqueror to crash.
Homepage:http://security.ubuntu.com/
File Size:10957
Related CVE(s):CVE-2006-3472
Last Modified:Jul 26 03:55:02 2006
MD5 Checksum:cbcb5f9dd3a571e2864e118d695c594d

 ///  File Name: USN-323-1.txt
Description:
 Ubuntu Security Notice 323-1 - A massive security update for multiple vulnerabilities in Mozilla has been released.
Homepage:http://security.ubuntu.com/
File Size:20538
Related CVE(s):CVE-2006-2775, CVE-2006-2776, CVE-2006-2777, CVE-2006-2778, CVE-2006-2779, CVE-2006-2780, CVE-2006-2781, CVE-2006-2782, CVE-2006-2783, CVE-2006-2784, CVE-2006-2785, CVE-2006-2786, CVE-2006-2787
Last Modified:Jul 27 21:40:06 2006
MD5 Checksum:fa69ec6a59a30bab3fb4a9ab6577f858

 ///  File Name: USN-325-1.txt
Description:
 Ubuntu Security Notice USN-325-1 - ruby1.8 suffer from flaws where the alias function, certain directory operations, and regular expressions did not correctly implement safe levels. Depending on the application these flaws might allow attackers to bypass safe level restrictions and perform unintended operations.
Homepage:http://security.ubuntu.com/
File Size:27993
Related CVE(s):CVE-2006-3694
Last Modified:Jul 27 23:26:40 2006
MD5 Checksum:f871c9ce413ce45050cfc2aaf09a69b6

 ///  File Name: USN-326-1.txt
Description:
 Ubuntu Security Notice USN-326-1 - Yan Rong Ge discovered that heartbeat did not set proper permissions for an allocated shared memory segment. A local attacker could exploit this to render the heartbeat service unavailable causing a denial of service condition.
Homepage:http://security.ubuntu.com/
File Size:15851
Related CVE(s):CVE-2006-3815
Last Modified:Jul 27 23:27:27 2006
MD5 Checksum:68dcb259ec00bff26a001ecda3a338ed

 ///  File Name: USN-327-1.txt
Description:
 Ubuntu Security Notice USN-327-1 - A multitude of javascript related vulnerabilities have been patched in Firefox.
Homepage:http://security.ubuntu.com/
File Size:9453
Related CVE(s):CVE-2006-3113, CVE-2006-3677, CVE-2006-3801, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812
Last Modified:Jul 27 23:34:15 2006
MD5 Checksum:7e801bfa79b1c6235c2c40b735e4b950

 ///  File Name: USN-328-1.txt
Description:
 Ubuntu Security Notice USN-328-1 - Mark Dowd discovered an off-by-one buffer overflow in the mod_rewrite module's ldap scheme handling for Apache 2.
Homepage:http://security.ubuntu.com/
File Size:26886
Related CVE(s):CVE-2006-3747
Last Modified:Jul 27 23:40:47 2006
MD5 Checksum:f7dfeb500655513bde2fc845015f145e

 ///  File Name: VMSA-2006-0003.txt
Description:
 The VMWare configuration program may not correctly set file permissions on generated SSL Key files that are used for encrypting traffic for remote administrative connections. Affected software includes VMware Player for Linux, VMware Workstation for Linux, VMware Server for Linux, VMware ESX Server 2.x, and VMware Infrastructure 3. ,
Homepage:http://www.vmware.com/security
File Size:2705
Related CVE(s):CVE-2006-3589
Last Modified:Jul 20 06:04:40 2006
MD5 Checksum:067b10329c32b25a8b32a0bd41b25751

 ///  File Name: warzone.txt
Description:
 Warzone Resurrection versions 2.0.3 and below and versions SNV 127 and below suffer from multiple buffer overflow vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.org
File Size:3419
Last Modified:Jul 26 03:11:08 2006
MD5 Checksum:bc56c2a4fea64da8df8bb08f54cce573

 ///  File Name: weURL.txt
Description:
 When Windows Explorer (explorer.exe) parses a malformed .url file it is susceptible to a denial of service.
Author:nanika
Homepage:http://hitcon.org/
File Size:774
Last Modified:Jul 9 07:14:41 2006
MD5 Checksum:f8c03051711fd9d568d0430b9b24b3ca

 ///  File Name: winlpd.txt
Description:
 A stack-based buffer overflow has been discovered in Winlpd version 1.26.
Author:Pablo Isola
File Size:512
Last Modified:Jul 27 23:23:18 2006
MD5 Checksum:dd3e1670b3b744d9d3d2d284237d2c30

 ///  File Name: yahooXSSflaw.txt
Description:
 Yahoo! Mail suffers from a cross site scripting flaw.
Author:Simo Ben youssef
Homepage:http://www.morx.org/
File Size:3116
Last Modified:Jul 27 22:53:04 2006
MD5 Checksum:dc64250751f4fd8c40902709bc16c28d

 ///  File Name: yimvuln.txt
Description:
 Yahoo Instant Messenger suffers from a remote flaw that allows a browser to be launched.
Author:ivan ivan
File Size:2168
Last Modified:Aug 3 00:48:20 2006
MD5 Checksum:bb7dcaa22e748dcd023e979008b26541

 ///  File Name: ZDI-06-021.txt
Description:
 The WebEx Downloader Plug-in suffers from a flaw that exists due to the lack of input validation on various ActiveX/Java control parameters and configuration directives. The "GpcUrlRoot" and "GpcIniFileName" ActiveX/Java control parameters allow an attacker to specify the location of a configuration file containing further control directives. This allows an attacker to transfer arbitrary files and executables to the target. The attacker can then leverage available configuration directives to execute the newly created executables thereby compromising the underlying system.
Homepage:http://www.zerodayinitiative.com/
File Size:2926
Related CVE(s):CVE-2006-3423
Last Modified:Jul 9 08:25:25 2006
MD5 Checksum:a07490c7968278e740d27117f65e63d4

 ///  File Name: ZDI-06-022.txt
Description:
 A vulnerability in the rebuilding of malformed cell comments allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. Affected products include Office Excel 2003, Office Excel Viewer 2003, Office Excel 2002, Office Excel 2000, Office Excel 2004 for Mac, and Office Excel version X for Mac.
Homepage:http://www.zerodayinitiative.com/
File Size:2765
Related CVE(s):CVE-2006-2388
Last Modified:Jul 12 05:25:04 2006
MD5 Checksum:9de06baad3d1070075e2a5ab58fad0d3

 ///  File Name: ZDI-06-023.txt
Description:
 A vulnerability exists in the IQnetworks Enterprise Security Analyzer. The specific flaw exists within the Syslog daemon, syslogserver.exe, during the processing of long strings transmitted to the listening TCP port. The vulnerability is not exposed over UDP. The default configuration does not expose the open TCP port.
Homepage:http://www.zerodayinitiative.com/
File Size:3046
Related CVE(s):CVE-2006-3838
Last Modified:Jul 26 05:11:05 2006
MD5 Checksum:9b06a86618e60a889d2bc9323526e33b

 ///  File Name: ZDI-06-024.txt
Description:
 A vulnerability exists in the IQnetworks Enterprise Security Analyzer. The specific flaw exists within EnterpriseSecurityAnalyzer.exe, which binds by default to TCP port 10616. During the processing of long arguments to the LICMGR_ADDLICENSE command a stack based buffer overflow occurs.
Homepage:http://www.zerodayinitiative.com/
File Size:3039
Related CVE(s):CVE-2006-3838
Last Modified:Jul 26 05:11:59 2006
MD5 Checksum:af2e73ee9fc1378045233c98169b7cad
 

 ///  Last 10 Files
  1. :· ZDI-08-076.txt
  2. :· ZDI-08-075.txt
  3. :· toursmanager-blindsql.txt
  4. :· phprsgal-sql.txt
  5. :· MDVSA-2008-233.txt
  6. :· java2-malware.pdf
  7. :· natterchat-sql.txt
  8. :· php526-bypass.txt
  9. :· phpfusion7001-sql.txt
  10. :· social-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· ZDI-08-076.txt
  2. :· ZDI-08-075.txt
  3. :· MDVSA-2008-233.txt
  4. :· SSRT080059.txt
  5. :· MDVSA-2008-220-1.txt
  6. :· MDVSA-2008-232.txt
  7. :· USN-674-1.txt
  8. :· dsa-1667-1.txt
  9. :· PR08-09.txt
  10. :· secunia-streamripper.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· toursmanager-blindsql.txt
  2. :· phprsgal-sql.txt
  3. :· natterchat-sql.txt
  4. :· php526-bypass.txt
  5. :· phpfusion7001-sql.txt
  6. :· social-sql.txt
  7. :· vbulletin-xssxsrf.txt
  8. :· askpert-sql.txt
  9. :· backlinkspider-sql.txt
  10. :· exodus-injection.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· pysumpas-0.2.0.tar.gz
  2. :· framework-3.2.tar.gz
  3. :· tor.uclibc.i686.20081115.iso
  4. :· RFIDIOt-Windows-0.1u.zip
  5. :· RFIDIOt-0.1u.tgz
  6. :· dps-v1.5.tar.gz
  7. :· smbrelay3.zip
  8. :· mptrey.tar.gz
  9. :· dotnetsploitsrc-1.0.zip
  10. :· MultiInjectorV0.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· java2-malware.pdf
  2. :· return-to-libc-linux.txt
  3. :· stack-overflow-linux.txt
  4. :· smallest_setuid_execve_sc.c
  5. :· sudoers-shellcode.txt
  6. :· strongswan-4.2.9.tar.gz
  7. :· hodetector-shellcode.txt
  8. :· rtm-essential5.pdf
  9. :· unixasm-1.3.0.tar.gz
  10. :· bnd-networks.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice