.:[ packet storm ]:.
                             
the vulnerability safehouse
the vulnerability safehouse

 Section:  .. / 0701-advisories  /

Page 3 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 50 - 75 of 537
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: dsa-1250-1.txt
Description:
 Debian Security Advisory 1250-1 - It was discovered that cacti, a frontend to rrdtool, performs insufficient validation of data passed to the "cmd" script, which allows SQL injection and the execution of arbitrary shell commands.
Homepage:http://www.debian.org/security
File Size:2949
Related CVE(s):CVE-2006-6799
Last Modified:Jan 19 20:26:55 2007
MD5 Checksum:dc2bf06d9bd48296c0611d21fa444754

 ///  File Name: dsa-1251-1.txt
Description:
 Debian Security Advisory 1251-1 - It has been discovered that netrik, a text mode WWW browser with vi like keybindings, doesn't properly sanitize temporary filenames when editing textareas which could allow attackers to execute arbitrary commands via shell metacharacters.
Homepage:http://www.debian.org/security
File Size:5013
Related CVE(s):CVE-2006-6678
Last Modified:Jan 23 23:08:09 2007
MD5 Checksum:0b5fe92a420d657d2f587fec2d66d354

 ///  File Name: dsa-1252-1.txt
Description:
 Debian Security Advisory 1252-1 - Kevin Finisterre discovered several format string problems in vlc, a multimedia player and streamer, that could lead to the execution of arbitrary code.
Homepage:http://www.debian.org/security
File Size:43890
Related CVE(s):CVE-2007-0017
Last Modified:Jan 29 11:28:27 2007
MD5 Checksum:50f008dc34116d113f668e55e7928a24

 ///  File Name: dsa-1253-1.txt
Description:
 Debian Security Advisory 1253-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. Several vulnerabilities in the JavaScript engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. A bug in the js_dtoa function allows remote attackers to cause a denial of service. "shutdown" discovered a vulnerability that allows remote attackers to gain privileges and install malicious code via the watch JavaScript function. Steven Michaud discovered a programming bug that allows remote attackers to cause a denial of service. "moz_bug_r_a4" reported that the src attribute of an IMG element could be used to inject JavaScript code.
Homepage:http://www.debian.org/security
File Size:10927
Related CVE(s):CVE-2006-6497, CVE-2006-6498, CVE-2006-6499, CVE-2006-6501, CVE-2006-6502, CVE-2006-6503
Last Modified:Jan 29 11:32:11 2007
MD5 Checksum:71853013fa9f3eebef5078c94aff5f90

 ///  File Name: dsa-1254-1.txt
Description:
 Debian Security Advisory 1254-1 - It was discovered that the Bind name server daemon is vulnerable to denial of service by triggering an assertion through a crafted DNS query. This only affects installations which use the DNSSEC extensions. Please note that the CVE listed in this advisory is incorrect.
Homepage:http://www.debian.org/security
File Size:22297
Last Modified:Jan 29 19:47:18 2007
MD5 Checksum:b907768273ac2898bec098b21758ca35

 ///  File Name: earthlink-activex.txt
Description:
 Earthlink TotalAccess suffers from an unsafe method call that allows remote attackers to add entire individual e-mail addresses or entire domains to the spam whitelist.
Author:Ethan Hunt
File Size:1611
Last Modified:Jan 26 22:32:09 2007
MD5 Checksum:d433f72d84e7c858ff023856ccf0ed0f

 ///  File Name: ezdatabase213-xss.txt
Description:
 ezDatabase version 2.1.3 suffers from a cross site scripting flaw.
Author:Doz
Homepage:http://www.hackerscenter.com/
File Size:833
Last Modified:Jan 26 22:20:57 2007
MD5 Checksum:9438ca96b3625a29e0d7783ebbb14d07

 ///  File Name: fetchmail-SA-2006-02.txt
Description:
 Fetchmail has had several nasty password disclosure vulnerabilities for a long time. It was only recently that these have been found. This affects fetchmail versions 6.3.5 and below.
Author:Isaac Wilcox
Homepage:http://fetchmail.berlios.de/
File Size:4069
Related CVE(s):CVE-2006-5867
Last Modified:Jan 13 15:42:52 2007
MD5 Checksum:f1d54baf133f263538411470bb29fb11

 ///  File Name: fetchmail-SA-2006-03.txt
Description:
 Fetchmail 6.3.5 and early 6.3.6 release candidates, when delivering messages to a message delivery agent by means of the "mda" option, can crash (by passing a NULL pointer to ferror() and fflush()) when refusing a message. SMTP and LMTP delivery modes are not affected.
Author:Neil Hoggarth
Homepage:http://fetchmail.berlios.de/
File Size:2554
Related CVE(s):CVE-2006-5974
Last Modified:Jan 13 15:44:15 2007
MD5 Checksum:8e152072b90eeee5ed6904e578d6f1cc

 ///  File Name: fileup-disclose.txt
Description:
 SoftArtisans FileUp suffers from a remote script source disclosure vulnerability in viewsrc.asp.
Author:Inge Henriksen
Homepage:http://ingehenriksen.blogspot.com/
File Size:1159
Last Modified:Jan 1 21:54:29 2007
MD5 Checksum:2032c2f1c25d26f5b3e372b67d4958da

 ///  File Name: FreeBSD-SA-07.01.jail.txt
Description:
 FreeBSD Security Advisory - jail(2) is susceptible to a symlink related vulnerability due to a lack of sanity checking.
Author:Dirk Engling
Homepage:http://security.freebsd.org/
File Size:7617
Related CVE(s):CVE-2007-0166
Last Modified:Jan 13 19:12:57 2007
MD5 Checksum:d1a9cb5012bfa85ad24e4f4cd4c8bb87

 ///  File Name: freeradius113.txt
Description:
 A critical security vulnerability has been found in FreeRadius version 1.1.3. Arbitrary code execution is possible due to improper bounds-checking.
Author:sapheal
File Size:656
Last Modified:Jan 2 20:15:46 2007
MD5 Checksum:1a124f5f3053e76c7816ebfe3bca5273

 ///  File Name: gforge.txt
Description:
 GForce version 4.5.11 suffers from a cross site scripting vulnerability.
Author:Jose Palanco
File Size:736
Last Modified:Jan 13 17:31:12 2007
MD5 Checksum:073f35b5ef961ca9234a6e0370ca0fa2

 ///  File Name: glsa-200701-01.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-01 - Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that DenyHosts used an incomplete regular expression to parse failed login attempts. Versions less than 2.6 are affected.
Homepage:http://security.gentoo.org
File Size:2590
Last Modified:Jan 3 22:06:16 2007
MD5 Checksum:6c10235e685c078569658a91a167633b

 ///  File Name: glsa-200701-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-02 - An anonymous researcher found evidence of memory corruption in the way Mozilla Firefox handles certain types of SVG comment DOM nodes. Additionally, Frederik Reiss discovered a heap-based buffer overflow in the conversion of a CSS cursor. Other issues with memory corruption were also fixed. Mozilla Firefox also contains less severe vulnerabilities involving JavaScript and Java. Versions less than 1.5.0.9 are affected.
Homepage:http://security.gentoo.org
File Size:4278
Last Modified:Jan 5 02:34:07 2007
MD5 Checksum:343cd4595e649361925a05e2e28ff4ce

 ///  File Name: glsa-200701-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-03 - Georgi Guninski and David Bienvenu discovered buffer overflows in the processing of long Content-Type: and long non-ASCII MIME headers. Additionally, Frederik Reiss discovered a heap-based buffer overflow in the conversion of a CSS cursor. Different vulnerabilities involving memory corruption in the browser engine were also fixed. Mozilla Thunderbird also contains less severe vulnerabilities involving JavaScript and Java. Versions less than 1.5.0.9 are affected.
Homepage:http://security.gentoo.org
File Size:4093
Last Modified:Jan 5 02:34:25 2007
MD5 Checksum:9ac7abcd42771382de13026561f83eeb

 ///  File Name: glsa-200701-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-04 - An anonymous researcher found evidence of memory corruption in the way SeaMonkey handles certain types of SVG comment DOM nodes. Georgi Guninski and David Bienvenu discovered buffer overflows in the processing of long Content-Type: and long non-ASCII MIME email headers. Additionally, Frederik Reiss discovered a heap-based buffer overflow in the conversion of a CSS cursor. Several other issues with memory corruption were also fixed. SeaMonkey also contains less severe vulnerabilities involving JavaScript and Java. Versions less than 1.0.7 are affected.
Homepage:http://security.gentoo.org
File Size:4122
Last Modified:Jan 13 18:30:45 2007
MD5 Checksum:43908e5da5c2e6a39a34fcf3b48a6236

 ///  File Name: glsa-200701-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-05 - Marcus Meissner of the SUSE security team discovered a stack overflow vulnerability in the code processing EXIF information in the kfile JPEG info plugin. Versions less than 3.5.5-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2596
Last Modified:Jan 13 20:00:53 2007
MD5 Checksum:5ba8a757a118bf3dad2108eab8225def

 ///  File Name: glsa-200701-06.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-06 - w3m in -dump or -backend mode does not correctly handle printf() format string specifiers in the Common Name (CN) field of an X.509 SSL certificate. Versions less than 0.5.1-r4 are affected.
Homepage:http://security.gentoo.org
File Size:2581
Last Modified:Jan 13 20:01:07 2007
MD5 Checksum:a2e780abc83c689cf3dc1a79d7828c0c

 ///  File Name: glsa-200701-07.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-07 - John Heasman of NGSSoftware has discovered integer overflows in the EMR_POLYPOLYGON and EMR_POLYPOLYGON16 processing and an error within the handling of META_ESCAPE records. Versions less than 2.1.0 are affected.
Homepage:http://security.gentoo.org
File Size:3277
Last Modified:Jan 13 20:01:40 2007
MD5 Checksum:773ed98805fd2342a933048ee1b95508

 ///  File Name: glsa-200701-08.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-08 - Christoph Deal discovered that JPEG files with a specially crafted DHT marker can be exploited to cause a heap overflow. Furthermore, an anonymous person discovered that Opera does not correctly handle objects passed to the createSVGTransformFromMatrix() function. Versions less than 9.10 are affected.
Homepage:http://security.gentoo.org
File Size:3094
Last Modified:Jan 13 20:01:56 2007
MD5 Checksum:b9390704b0a88f412d42778f70031082

 ///  File Name: glsa-200701-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-09 - By specifying an unsupported address family in the arguments to a LPRT or LPASV command, an assertion in oftpd will cause the daemon to abort. Versions less than 0.3.7-r3 are affected.
Homepage:http://security.gentoo.org
File Size:2410
Last Modified:Jan 15 22:24:25 2007
MD5 Checksum:08417d7dc5ed17bb271f0f1ce1f8b9e3

 ///  File Name: glsa-200701-10.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-10 - When decoding trackbacks with alternate character sets, WordPress does not correctly sanitize the entries before further modifying a SQL query. WordPress also displays different error messages in wp-login.php based upon whether or not a user exists. David Kierznowski has discovered that WordPress fails to properly sanitize recent file information in /wp-admin/templates.php before sending that information to a browser. Versions less than 2.0.6 are affected.
Homepage:http://security.gentoo.org
File Size:3292
Last Modified:Jan 15 22:39:07 2007
MD5 Checksum:dcb3e28bd38089a1c38245d8ab203566

 ///  File Name: glsa-200701-11.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-11 - Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered string is used instead of a sanitized string to view local files. Versions less than 2.1.4 are affected.
Homepage:http://security.gentoo.org
File Size:2688
Last Modified:Jan 19 19:36:54 2007
MD5 Checksum:a77646fe48b24d4a6757bc41bf1a949b

 ///  File Name: glsa-200701-12.txt
Description:
 Gentoo Linux Security Advisory GLSA 200701-12 - José Ramón Palanco has discovered that the System.Web class in the XSP for the ASP.NET server 1.1 through 2.0 in Mono does not properly validate or sanitize local pathnames which could allow server-side file content disclosure. Versions less than 1.2.2.1 are affected.
Homepage:http://security.gentoo.org
File Size:2677
Last Modified:Jan 19 19:37:13 2007
MD5 Checksum:6363c3536927f77a8df6cbd3523358aa
 

 ///  Last 10 Files
  1. :· browser_insecurity_iceberg_2008.pdf
  2. :· SSRT080039.txt
  3. :· 25C3-CFP.txt
  4. :· SCANIT-2008-003.txt
  5. :· SCANIT-2008-002.txt
  6. :· SCANIT-2008-001.txt
  7. :· usurdat.zip
  8. :· usurdat.txt
  9. :· glsa-200807-02.txt
  10. :· glsa-200807-01.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· SSRT080039.txt
  2. :· SCANIT-2008-003.txt
  3. :· SCANIT-2008-002.txt
  4. :· SCANIT-2008-001.txt
  5. :· usurdat.txt
  6. :· glsa-200807-02.txt
  7. :· glsa-200807-01.txt
  8. :· USN-617-2.txt
  9. :· haloloop2.txt
  10. :· stalker39x.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· usurdat.zip
  2. :· blogparticle-traverse.txt
  3. :· hbr-rfi.txt
  4. :· 0806-exploits.tgz
  5. :· mambongal-sql.txt
  6. :· psys070-sql.txt
  7. :· pivot-disclosure.txt
  8. :· rcm-sql.txt
  9. :· barenuked-admin.txt
  10. :· faname10-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· pktanon-1.2.0-dev.tar.gz
  2. :· unhide20080519.tgz
  3. :· prelude-manager-0.9.13.tar.gz
  4. :· nwldapbf.txt
  5. :· dnsenum1.2.tar.gz
  6. :· grubbrute.txt
  7. :· bsqlbf-v2.1.zip
  8. :· rfdump-1.6.tar.gz
  9. :· tmin-0.04.tar.gz
  10. :· iptables-1.4.1.1.tar.bz2
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· browser_insecurity_iceberg_2008.pdf
  2. :· 25C3-CFP.txt
  3. :· bacom2008-cfp.txt
  4. :· strongswan-4.2.4.tar.gz
  5. :· Reverse.Engineering.AntiCracking.Techniques.pdf
  6. :· An-approach-to-malware-collection-log-visualization.pdf
  7. :· the-extended-html-form-attack-revisited.pdf
  8. :· ISOI-CFP2008.txt
  9. :· DEFE-24-1925.pdf
  10. :· DEFE-24-1924.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice