.:[ packet storm ]:.
                             
know better

 Section:  .. / 0707-advisories  /

Page 7 of 23 - Files 150 - 175 of 557
Currently sorted by: File Size

 ///  File Name: sa26027.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.
Homepage:http://secunia.com/advisories/26027/
File Size:3822
Last Modified:Jul 12 01:06:45 2007
MD5 Checksum:edb24401419aec988959bfd0a1c6eb31

 ///  File Name: 07.16.07-2.txt
Description:
iDefense Security Advisory 07.16.07 - Remote exploitation of an authorization bypass vulnerability in Trend Micro Inc.'s OfficeScan for Windows could allow attackers to log in to the management console and alter application settings. The OfficeScan installation includes a web management console that allows administrators to configure the application and the Antivirus clients it manages. The web interface login is handled by cgiChkMasterPwd.exe, which is passed a hash and an encrypted version of the password generated by an ActiveX control on the login page. If cgiChkMasterPwd.exe is sent an empty encryption string and empty hash, it proceeds to issue the client a valid session ID, which can then be used to access the web management console. iDefense has confirmed the existence of this vulnerability in OfficeScan for Windows 7.3 with all current patches applied. Previous versions may also be affected.
Author:David Maciejak
Homepage:http://www.idefense.com/
File Size:3811
Related CVE(s):CVE-2007-3455
Last Modified:Jul 17 09:50:19 2007
MD5 Checksum:9feb23e6fea2157756924c3bbe576752

 ///  File Name: wachovia-leak.txt
Description:
Wachovia Bank submits confidential user information via a simple HTTP POST without using SSL.
Author:Bob Toxen
Homepage:http://VerySecureLinux.com/
File Size:3810
Last Modified:Jul 11 11:01:02 2007
MD5 Checksum:a819cb7b4c3710195ca7bddd7bea75a8

 ///  File Name: sa26178.txt
Description:
Secunia Security Advisory - Sergio Alvarez has reported some vulnerabilities in Norman Antivirus products, which can be exploited by malware to bypass certain scanning functionality and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26178/
File Size:3766
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:6a0f97b909b33582784fc2c52d181e8b

 ///  File Name: sa26002.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in Windows Active Directory, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26002/
File Size:3758
Last Modified:Jul 11 06:37:19 2007
MD5 Checksum:e027604da1dc10a86de8ccd89ed18dda

 ///  File Name: 07.11.07-7.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of an integer overflow vulnerability in Apple Computer Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the QuickTime player's handling of the title and author fields in an SMIL file. When parsing an SMIL file, arithmetic calculations can cause insufficient memory to be allocated. When copying in user-supplied data from the SMIL file, a heap-based buffer overflow occurs. This results in a potentially exploitable condition. iDefense Labs confirmed this vulnerability exists in versions 7.1.3 and 7.1.5 of QuickTime on Windows and Mac OS X. Previous versions are suspected to be vulnerable.
Author:David Vaartjes
Homepage:http://www.idefense.com/
File Size:3749
Related CVE(s):CVE-2007-2394
Last Modified:Jul 12 04:20:40 2007
MD5 Checksum:2a3cc0fd5e612bd18139afef28cdcb48

 ///  File Name: sa26201.txt
Description:
Secunia Security Advisory - A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26201/
File Size:3744
Last Modified:Jul 27 05:17:23 2007
MD5 Checksum:193133636d976c4c30f60c9dc6e42180

 ///  File Name: TPTI-07-12.txt
Description:
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of RSA Authentication Manager and other products that include the Progress server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Progress Server listening by default on TCP ports 5520 and 5530. The _mprosrv.exe process trusts a user-supplied DWORD size and attempts to receive that amount of data into a statically allocated heap buffer.
Author:Aaron Portnoy
Homepage:http://dvlabs.tippingpoint.com/
File Size:3728
Related CVE(s):CVE-2007-2417
Last Modified:Jul 13 23:57:10 2007
MD5 Checksum:5e0ed789c25b8e4dd5a76e87be3f6576

 ///  File Name: 07.17.07-1.txt
Description:
iDefense Security Advisory 07.17.07 - Remote exploitation of a denial of service vulnerability within version 5.1.0.2 of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment allows attackers to deny service to all product functionality. This vulnerability specifically exists in the TFTP protocol implementation. When processing a read request (RRQ), an integer division by zero error can be triggered by supplying an invalid "blksize" argument. This exception is not handled and will result in the rembo.exe service terminating. iDefense has confirmed the existence of this vulnerability in version 5.1.0.2 of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment. Version 5.1.0.116 was tested and found not to be vulnerable.
Author:Manuel Santamarina Suarez
Homepage:http://www.idefense.com/
File Size:3699
Related CVE(s):CVE-2007-3268
Last Modified:Jul 18 06:29:54 2007
MD5 Checksum:187130b0ce36ace72f8f29c8f4ff40e6

 ///  File Name: sa26063.txt
Description:
Secunia Security Advisory - RedTeam Pentesting has reported some vulnerabilities in activeWeb contentserver, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, or conduct SQL injection and script insertion attacks, and by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/26063/
File Size:3698
Last Modified:Jul 13 23:43:57 2007
MD5 Checksum:b329ac1276d85aa746db23223926b411

 ///  File Name: sa26042.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in various Symantec products, which can be exploited by malicious, local users to gain escalated privileges.
Homepage:http://secunia.com/advisories/26042/
File Size:3678
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:b1672e901fd516d2085db69c617b97b9

 ///  File Name: sa26124.txt
Description:
Secunia Security Advisory - Sergio Alvarez has reported some vulnerabilities in NOD32 Antivirus, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26124/
File Size:3671
Last Modified:Jul 24 02:06:33 2007
MD5 Checksum:03e4b8e5799d12eaf989994a66279279

 ///  File Name: 07.09.07-1.txt
Description:
iDefense Security Advisory 07.09.07 - Local exploitation of an input validation vulnerability within the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context. The vulnerability specifically exists due to insufficient input validation when handling the Interrupt Request Packet (Irp) parameters passed to IOCTL 9031 (BIOCGSTATS). By passing carefully chosen parameters to this IOCTL, an attacker can overwrite arbitrary kernel memory. iDefense has confirmed the existence of this vulnerability in version 4.0 of WinPcap as included in Wireshark 0.99.5. The version of NPF.SYS tested was 4.0.0.755. Older versions are suspected to be vulnerable.
Author:Mario Ballano
Homepage:http://www.idefense.com/
File Size:3670
Last Modified:Jul 10 05:07:58 2007
MD5 Checksum:f82d75712873da8e8192b774dda27d9f

 ///  File Name: sa26187.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Application Server, which can be exploited by malicious people to disclose certain sensitive information.
Homepage:http://secunia.com/advisories/26187/
File Size:3663
Last Modified:Jul 26 06:26:32 2007
MD5 Checksum:f08491524457de0e0509fb8b3bb64b8c

 ///  File Name: sa26095.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks and potentially to compromise a user's system.
Homepage:http://secunia.com/advisories/26095/
File Size:3658
Last Modified:Jul 19 04:44:59 2007
MD5 Checksum:a658b90f4fda47b53875ea26e3b8d31b

 ///  File Name: 07.11.07-6.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of a local file inclusion vulnerability in gpg_help.php in version 2.0 of the SquirrelMail G/PGP Plugin could allow an authenticated webmail user to execute arbitrary PHP code under the security context of the running web server. iDefense has confirmed the existence of this vulnerability in version 2.0 of the G/PGP Encryption Plugin for SquirrelMail. It is suspected that earlier versions of the plug-in are also affected.
Homepage:http://www.idefense.com/
File Size:3641
Related CVE(s):CVE-2006-4169
Last Modified:Jul 12 04:19:41 2007
MD5 Checksum:40a6dd2a758ab52216078a1dadd0edc1

 ///  File Name: rt-sa-2007-007.txt
Description:
ActiveWeb Contentserver CMS versions 5.6.2929 and below suffer from a permissions settings security issue.
Homepage:http://www.redteam-pentesting.de/
File Size:3613
Related CVE(s):CVE-2007-3018
Last Modified:Jul 14 00:23:35 2007
MD5 Checksum:d8c620ba7a554e369327d362c0cbe1b1

 ///  File Name: sa26035.txt
Description:
Secunia Security Advisory - iDefense has reported some vulnerabilities in the SquirrelMail G/PGP Encryption Plugin, which can be exploited by malicious users and malicious people to disclose sensitive information or to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26035/
File Size:3604
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:47800dd08d36d2a1d583479a7e1f46c9

 ///  File Name: sa26223.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for tcpdump. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/26223/
File Size:3600
Last Modified:Jul 27 05:17:23 2007
MD5 Checksum:f9392388100c14922423c311a03d742c

 ///  File Name: sa26088.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in various CA products, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26088/
File Size:3597
Last Modified:Jul 19 04:44:59 2007
MD5 Checksum:acc5d86bf8b36271e7c720a390ed1f0d

 ///  File Name: glsa-200707-02.txt
Description:
Gentoo Linux Security Advisory GLSA 200707-02 - John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the prdata tag in RTF files where the first token is smaller than the second one (CVE-2007-0245). Additionally, the OpenOffice binary program is shipped with a version of FreeType that contains an integer signedness error in the n_points variable in file truetype/ttgload.c, which was covered by GLSA 200705-22 (CVE-2007-2754). Versions less than 2.2.1 are affected.
Homepage:http://security.gentoo.org
File Size:3582
Related CVE(s):CVE-2007-0245, CVE-2007-2754
Last Modified:Jul 3 01:13:16 2007
MD5 Checksum:039aac205f958932d3e5426c0060d9c3

 ///  File Name: 07.11.07-2.txt
Description:
iDefense Security Advisory 07.11.07 - Local exploitation of an input validation vulnerability in version 5.5.1.6 of symtdi.sys allows attackers to elevate privileges to SYSTEM. The vulnerability specifically exists due to improper address space validation when the \\symTDI\ device driver processes IOCTL 0x83022323. An attacker can overwrite an arbitrary address, including code segments, with a constant double word value by supplying a specially crafted Irp to the IOCTL handler function. iDefense confirmed this vulnerability in version 5.5.1.6 of Symantec's symtdi.sys device driver as included with version 10 of Symantec AntiVirus Corporate Edition. Previous versions and related products that contain the affected driver are suspected vulnerable.
Author:Zohiartze Herce
Homepage:http://www.idefense.com/
File Size:3537
Related CVE(s):CVE-2007-3673
Last Modified:Jul 12 04:12:12 2007
MD5 Checksum:bfa8d5d856fa94a003e3308a03769383

 ///  File Name: sa26123.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Ipswitch IMail Server and Collaboration Suite, which can be exploited by malicious users and malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26123/
File Size:3533
Last Modified:Jul 20 07:47:25 2007
MD5 Checksum:e91f4f3b89ac9704f6472d6181fbe89c

 ///  File Name: MDKSA-2007-148.txt
Description:
Mandriva Linux Security Advisory - An integer overflow in tcpdump could allow a remote attacker to execute arbitrary code via crafted TLVs in a BGP packet.
Homepage:http://www.mandriva.com/security/
File Size:3524
Related CVE(s):CVE-2007-3798
Last Modified:Jul 26 07:07:05 2007
MD5 Checksum:22cc421a2ff6e6f4a9dd043b8f522625

 ///  File Name: 07.26.07-3.txt
Description:
iDefense Security Advisory 07.26.07 - Local exploitation of multiple buffer overflow vulnerabilities in the 'ftp' program, as included with IBM Corp.'s AIX operating system, allow an attacker to execute arbitrary code with root privileges. iDefense has confirmed the existence of this vulnerability in AIX version 5.3 with service pack 6. Previous versions may also be affected.
Homepage:http://www.idefense.com/
Related Exploit:aix53-ftp.txt
File Size:3524
Related CVE(s):CVE-2007-4004
Last Modified:Jul 28 04:02:45 2007
MD5 Checksum:46ff849350b0dd5d6e2524262b69fd3c