.:[ packet storm ]:.
                             
the one stop shop
the one stop shop

 Section:  .. / 0710-advisories  /

Page 8 of 27
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 >> Files 175 - 200 of 664
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: sa27235.txt
Description:
 Secunia Security Advisory - Fedora has issued an update for openssh. This fixes a vulnerability, which can be exploited by malicious people to inject certain data.
Homepage:http://secunia.com/advisories/27235/
File Size:3561
Last Modified:Oct 16 18:06:25 2007
MD5 Checksum:a34ae558bcac482b964604c6598853ff

 ///  File Name: 10.30.07-1.txt
Description:
 iDefense Security Advisory 10.30.07 - Local exploitation of a file access vulnerability in the swcons command included in multiple versions of IBM Corp.'s AIX could allow for the creation or modification of arbitrary files anywhere on the system. The vulnerability specifically exists due to a lack of sanity checking when using the -p option. If a user specifies a file with the -p option, the contents of that file will be overwritten with 65,535 bytes of uncontrolled data. If the file doesn't exist, it will be created. In both cases, the file will also be converted to mode 222, which allows all users on the system to modify it. By specifying a system file, users can cause a denial of service condition or elevate privileges. iDefense has confirmed the existence of this vulnerability on IBM AIX version 5.2. It is suspected that previous versions are also vulnerable.
Author:Alex DeLarge
Homepage:http://www.idefense.com/
File Size:3531
Last Modified:Oct 30 20:16:36 2007
MD5 Checksum:fcf212ebff605766dd2255cf3455a4a9

 ///  File Name: NISR17102007C.txt
Description:
 NGSSoftware Insight Security Research Advisory - The Oracle TNS Listener suffers from denial of service and/or remote memory inspection vulnerabilities. Systems affected include Oracle 8.1.7.4, 10g Release 2 and 1, Oracle 9.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/
File Size:3527
Last Modified:Oct 18 18:17:51 2007
MD5 Checksum:4b1d5b9c9a68052baf1d1b81653d3661

 ///  File Name: sa27393.txt
Description:
 Secunia Security Advisory - Hiroshi Ukai has reported some vulnerabilities in Ichitaro, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/27393/
File Size:3524
Last Modified:Oct 26 10:50:59 2007
MD5 Checksum:cdb53bf1dfa6db68cc8514483c9488d0

 ///  File Name: dropteamz.txt
Description:
 Dropteam versions 1.3.3 and below suffer from format string, buffer overflow, and various other vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related Exploit:dropteamz.zip
File Size:3513
Last Modified:Oct 5 22:58:58 2007
MD5 Checksum:a910e08f8d7f3080129bd9908b0b416c

 ///  File Name: sa27303.txt
Description:
 Secunia Security Advisory - Debian has issued an update for zoph. This fixes a vulnerability, which can be exploited by malicious users to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/27303/
File Size:3503
Last Modified:Oct 22 14:39:08 2007
MD5 Checksum:d039b50cb092d52f3d6379a98d987232

 ///  File Name: 10.30.07-3.txt
Description:
 iDefense Security Advisory 10.30.07 - Local exploitation of an integer underflow vulnerability in the dig program of IBM Corp.'s AIX operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within dns_name_fromtext function within the libdns.a library. This function is called when processing the '-y' command line parameter to the dig program. By supplying a specially crafted TSIG key parameter, an attacker is able to cause an integer underflow, resulting in potentially exploitable heap corruption. iDefense has confirmed the existence of this vulnerability within AIX version 5.2. Previous versions are suspected to be vulnerable. AIX 5.3 is not vulnerable since the dig command is no longer installed set-uid root.
Homepage:http://www.idefense.com/
File Size:3499
Related CVE(s):CVE-2007-4622
Last Modified:Oct 30 20:27:09 2007
MD5 Checksum:e9d35b47c15f1b28d3fd059f92b68189

 ///  File Name: 10.11.07-1.txt
Description:
 iDefense Security Advisory 10.11.07 - Remote exploitation of multiple integer overflow vulnerabilities in libFLAC, as included with various vendor's software distributions, allows attackers to execute arbitrary code in the context of the currently logged in user. iDefense has confirmed the existence of these vulnerabilities libFLAC 1.2.0, as well as the version of libFLAC included in in the full 5.35 version Winamp. Previous versions of libFLAC may also be vulnerable. The lite version of Winamp does not include support for the FLAC file format, and as such is not vulnerable.
Author:Sean de Regge
Homepage:http://www.idefense.com/
File Size:3498
Related CVE(s):CVE-2007-4619
Last Modified:Oct 12 00:50:47 2007
MD5 Checksum:bcc16cceb11c1fb4471c36b4ce403c72

 ///  File Name: sa27217.txt
Description:
 Secunia Security Advisory - Fedora has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/27217/
File Size:3489
Last Modified:Oct 16 18:55:57 2007
MD5 Checksum:f50d52c32b7a5ee8f9584434fedd23e3

 ///  File Name: 10.30.07-6.txt
Description:
 iDefense Security Advisory 10.30.07 - Local exploitation of a buffer overflow vulnerability in the ftp client of IBM Corp.'s AIX operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within the domacro() function. This function is called when executing a macro via the '$' command within the ftp program. When executing a macro, the parameter is copied to a fixed size stack buffer using an unbounded call to strcpy(). By specifying a long argument, an attacker is able to overwrite program control data located on the stack and take control of the affected process. iDefense has confirmed the existence of this vulnerability in AIX version 5.3 (5300-06). Previous versions are suspected to be vulnerable.
Author:Joshua J. Drake
Homepage:http://www.idefense.com/
File Size:3482
Related CVE(s):CVE-2007-4217
Last Modified:Oct 30 20:30:04 2007
MD5 Checksum:3e29520806c28983f3fe4b7bdecdcd7d

 ///  File Name: bthomehub.txt
Description:
 It appears that the BT Home Hub is susceptible to some critical vulnerabilities.
Author:pagvac
File Size:3469
Last Modified:Oct 10 01:36:17 2007
MD5 Checksum:bdb5d6bad9d4d27dc5d6883def4166aa

 ///  File Name: sa27092.txt
Description:
 Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/27092/
File Size:3457
Last Modified:Oct 10 00:59:53 2007
MD5 Checksum:6238f6f051cd4b71d31b336f73c39f74

 ///  File Name: 10.31.07-2.txt
Description:
 iDefense Security Advisory 10.31.07 - Remote exploitation of a directory traversal vulnerability in Symantec's Altiris Deployment Solution products could allow attackers to gain read access to arbitrary files hosted on the Altiris server. iDefense confirmed the existence of this vulnerability in Altiris Deployment Solution for Windows version 6.8. The specific vulnerable executable is pxemtftp.exe version 6.8.8297.48.
Author:Manuel Santamarina Suarez
Homepage:http://www.idefense.com/
File Size:3448
Related CVE(s):CVE-2007-3874
Last Modified:Oct 31 14:50:45 2007
MD5 Checksum:69c30592d1e81af223bc206a0d0fbd5f

 ///  File Name: sa27107.txt
Description:
 Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in DropTeam, which can be exploited by malicious people to disclose sensitive information or to potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/27107/
File Size:3413
Last Modified:Oct 8 18:53:41 2007
MD5 Checksum:ef1cf68c506abab6892bddfe8a5d7c3e

 ///  File Name: 10.30.07-2.txt
Description:
 iDefense Security Advisory 10.30.07 - Local exploitation of a buffer overflow vulnerability in the crontab program of IBM Corp.'s AIX 5.2 operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within the main function. While processing command line arguments, the crontab program will copy a user-supplied argument to a fixed size BSS (data segment) buffer. Since no bounds checking is performed, it's possible to overwrite a large portion of the data stored in the BSS memory area. iDefense has confirmed the existence of this vulnerability within AIX version 5.2. Previous versions are suspected to be vulnerable. AIX 5.3 does not appear to be vulnerable.
Homepage:http://www.idefense.com/
File Size:3402
Related CVE(s):CVE-2007-4621
Last Modified:Oct 30 20:26:17 2007
MD5 Checksum:702b614f37ff173a32386b75ea06bd8c

 ///  File Name: ZDI-07-056.txt
Description:
 Multiple vulnerabilities including a stack overflow and some denial of service issues exist in the IBM DB2 Universal Database versions 8.1 and 8.2.
Homepage:http://www.zerodayinitiative.com/
File Size:3402
Related CVE(s):CVE-2007-5324
Last Modified:Oct 11 00:24:10 2007
MD5 Checksum:7c162f9c28d01305de933fd6f76e4a7e

 ///  File Name: ZDI-07-055.txt
Description:
 A vulnerability allows remote attackers to crash systems with vulnerable installations of the Microsoft Windows operating system. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC runtime library rpcrt4.dll during the parsing of RPC-level authentication messages. When parsing packets with the authentication type of NTLMSSP and the authentication level of PACKET, an invalid memory dereference can occur if the verification trailer signature is initialized to 0 as opposed to the standard NTLM signature. Successful exploitation crashes the RPC service and subsequently the entire operating system.
Author:Tenable Network Security
Homepage:http://www.zerodayinitiative.com/
File Size:3384
Related CVE(s):CVE-2007-2228
Last Modified:Oct 11 00:22:06 2007
MD5 Checksum:8bc0b6bda857bf489e188ca6910a1499

 ///  File Name: sa27357.txt
Description:
 Secunia Security Advisory - Some vulnerabilities have been reported in DeleGate, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/27357/
File Size:3374
Last Modified:Oct 23 19:22:54 2007
MD5 Checksum:2f2e2fce311e4161cdd96bed6287ae50

 ///  File Name: sa27089.txt
Description:
 Secunia Security Advisory - Fedora has issued an update for kdebase. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/27089/
File Size:3370
Last Modified:Oct 8 18:53:41 2007
MD5 Checksum:524d69f82354ef01887a3223ffde8b78

 ///  File Name: ZDI-07-063.txt
Description:
 A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .ra/.ram file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined size field in the RA header. Specifying a large unsigned value data can trigger a heap corruption and further result in arbitrary code execution under the context of the logged in user. RealPlayer version 6.x is affected.
Homepage:http://www.zerodayinitiative.com/
File Size:3369
Related CVE(s):CVE-2007-2264
Last Modified:Oct 31 20:15:43 2007
MD5 Checksum:eb5b90fccb5533e1ccebb7834eb7d15e

 ///  File Name: glsa-200710-15.txt
Description:
 Gentoo Linux Security Advisory GLSA 200710-15 - Kees Huijgen discovered an error when checking the credentials which can lead to a login without specifying a password. This only occurs when auto login is configured for at least one user and a password is required to shut down the machine. Versions less than 3.5.7-r2 are affected.
Homepage:http://security.gentoo.org
File Size:3367
Related CVE(s):CVE-2007-4569
Last Modified:Oct 15 19:09:18 2007
MD5 Checksum:8333f83b98a00eca994e84c9460a9253

 ///  File Name: ZDI-07-062.txt
Description:
 A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .pls file or visit a malicious web site. The specific flaw exists during the parsing of corrupted playlist files. Malicious corruption causes RealPlayer to call into a static heap address which can be leveraged by an attacker resulting in arbitrary code execution under the context of the logged in user. RealPlayer version 10.5 is affected.
Homepage:http://www.zerodayinitiative.com/
File Size:3358
Related CVE(s):CVE-2007-4599
Last Modified:Oct 31 20:12:32 2007
MD5 Checksum:074f8d8d9055f0f6f4efb9f23aa9e401

 ///  File Name: ZDI-07-060.txt
Description:
 A vulnerability allows remote attackers to access arbitrary files on systems with vulnerable installations of Hewlett-Packard OpenView Radia Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server bound by default to TCP port 3465. Insufficient checks on URLs containing paths such as '~root' allows attackers to access arbitrary files in the underlying OS. Accessing configuration files that contain LDAP and database credentials can lead to further compromise.
Homepage:http://www.zerodayinitiative.com/
File Size:3344
Related CVE(s):CVE-2007-5413
Last Modified:Oct 31 20:10:18 2007
MD5 Checksum:081c864866913feed72bad6c5a358666

 ///  File Name: sa27361.txt
Description:
 Secunia Security Advisory - Multiple vulnerabilities have been reported in RealPlayer/RealOne/HelixPlayer, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/27361/
File Size:3323
Last Modified:Oct 29 11:03:58 2007
MD5 Checksum:5231b7dfcc28f38e4c8fc7f2946fc170

 ///  File Name: sa27387.txt
Description:
 Secunia Security Advisory - Fedora has issued an update for firefox. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
Homepage:http://secunia.com/advisories/27387/
File Size:3320
Last Modified:Oct 24 23:40:24 2007
MD5 Checksum:76fa33758fa415ad2d558786d3ad52ab
 

 ///  Last 10 Files
  1. :· pacpoll-disclose.txt
  2. :· USN-682-1.txt
  3. :· USN-681-1.txt
  4. :· BMSA-2008-09.txt
  5. :· webhub-bypass.txt
  6. :· infinite-bypass.txt
  7. :· VA_VD_87_08_XRDP.pdf
  8. :· TKADV2008-013.txt
  9. :· sqlinj-insouts.txt
  10. :· bcoos1013-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· USN-682-1.txt
  2. :· USN-681-1.txt
  3. :· VA_VD_87_08_XRDP.pdf
  4. :· TKADV2008-013.txt
  5. :· dsa-1675-1.txt
  6. :· dsa-1674-1.txt
  7. :· dsa-1673-1.txt
  8. :· dsa-1672-1.txt
  9. :· USN-679-1.txt
  10. :· USN-680-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· pacpoll-disclose.txt
  2. :· BMSA-2008-09.txt
  3. :· webhub-bypass.txt
  4. :· infinite-bypass.txt
  5. :· bcoos1013-sql.txt
  6. :· preonline-cmsqlxss.txt
  7. :· preclass-sqlxss.txt
  8. :· aspportal-disclose.txt
  9. :· preshoppingmall-cmsqlxss.txt
  10. :· ezpoll-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· vncrush.txt
  2. :· rshatter.txt
  3. :· Exomind-v0.2.tar.gz
  4. :· clamav-0.94.2.tar.gz
  5. :· cadfile.zip
  6. :· anehta-v0.6.0fixed2.zip
  7. :· tagfuzz.txt
  8. :· BrowserRider.20081124.tar.bz2
  9. :· mp3nema-v0_2.tar.gz
  10. :· squid-nufw-helper-1.1.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· sqlinj-insouts.txt
  2. :· format-string-linux.txt
  3. :· frame-pointer-overwrite-linux.txt
  4. :· iptablesf.txt
  5. :· nufw-2.2.19.tar.gz
  6. :· frhack2009-cfp.txt
  7. :· oracle-forensics-scns.pdf
  8. :· cansecwest-2009.txt
  9. :· A5.1.zip
  10. :· a51-php.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice