.:[ packet storm ]:.
                             
pushing oppressive envelopes

 Section:  .. / 0710-advisories  /


 ///  File Name: sa27458.txt
Description:
Secunia Security Advisory - Bernhard Mueller has reported a vulnerability in Perdition, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/27454/
File Size:2627
Last Modified:Oct 31 14:46:50 2007
MD5 Checksum:6428795cc680c4c8f840a557727a3011

 ///  File Name: sa27454.txt
Description:
Secunia Security Advisory - Duncan Gilmore has discovered a vulnerability in yarssr, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/27454/
File Size:2569
Last Modified:Oct 31 14:45:50 2007
MD5 Checksum:9d829529741529bc8f1021c76a2ea27c

 ///  File Name: macosx-fwissues.txt
Description:
It appears that the firewall on the new Mac OS X Leopard system is a bit botched.
Author:Juergen Schmidt
Homepage:http://www.heise-security.co.uk/
File Size:1382
Last Modified:Oct 31 11:15:48 2007
MD5 Checksum:bdd41cdbb1eb7588c57821fad260351b

 ///  File Name: SA-20071031-0.txt
Description:
SEC Consult Security Advisory 20071031-0 - The Perdition Mail Retrieval Proxy versions 1.17 and below suffer from a format string vulnerability.
Author:Bernhard Mueller
Homepage:http://www.sec-consult.com/
File Size:4152
Last Modified:Oct 31 11:14:35 2007
MD5 Checksum:8b94c6a2ea934c2582c4c95be156a6a6

 ///  File Name: secunia-cups.txt
Description:
Secunia Research has discovered a vulnerability in CUPS, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error within the "ippReadIO()" function in cups/ipp.c when processing IPP (Internet Printing Protocol) tags.
Author:Alin Rad Pop
Homepage:http://secunia.com/
File Size:4637
Related CVE(s):CVE-2007-4351
Last Modified:Oct 31 11:12:21 2007
MD5 Checksum:f050529925963e4d354c1ae9af386929

 ///  File Name: secunia-mcafee.txt
Description:
Secunia Research has discovered a vulnerability in McAfee E-Business Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow within the e-Business administration utility service when parsing authentication packets. Affected is McAfee E-Business Server for Linux version 8.1.1.
Author:Dyon Balding
Homepage:http://secunia.com/
File Size:4802
Related CVE(s):CVE-2007-2957
Last Modified:Oct 31 11:11:02 2007
MD5 Checksum:6dae62c7ecd1fa070332a3f1e761cc2d

 ///  File Name: glsa-200710-30-2.txt
Description:
Gentoo Linux Security Advisory GLSA 200710-30:02 - Andy Polyakov reported a vulnerability in the OpenSSL toolkit that is caused by an unspecified off-by-one error within the DTLS implementation. Versions greater than or equal to 0.9.8f are affected.
Homepage:http://security.gentoo.org
File Size:3006
Related CVE(s):CVE-2007-4995
Last Modified:Oct 30 20:31:44 2007
MD5 Checksum:d512f124ed8f60961db844caffc013cb

 ///  File Name: glsa-200710-31.txt
Description:
Gentoo Linux Security Advisory GLSA 200710-31 - Michael A. Puls II discovered an unspecified flaw when launching external email or newsgroup clients. David Bloom discovered that when displaying frames from different websites, the same-origin policy is not correctly enforced. Versions less than 9.24 are affected.
Homepage:http://security.gentoo.org/
File Size:3022
Related CVE(s):CVE-2007-5540, CVE-2007-5541
Last Modified:Oct 30 20:31:36 2007
MD5 Checksum:7fab15791e85f4456625c973666069b1

 ///  File Name: 10.30.07-7.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of a buffer overflow vulnerability in the bellmail program of IBM Corp.'s AIX operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within the sendrmt function. This function is called when a user tries to send mail using the "m" command. Within this function, several sprintf calls are made to concatenate user-supplied input with static strings. No bounds checking is performed to ensure that the resulting string will fit in the destination buffer located on the stack. By supplying a long parameter, an attacker is able to overwrite program control data located on the stack and take control of the affected process. iDefense has confirmed the existence of this vulnerability within AIX version 5.3 (5300-06) and 5.2. Previous versions are suspected to be vulnerable.
Author:Joshua J. Drake
Homepage:http://www.idefense.com/
File Size:3883
Related CVE(s):CVE-2007-4623
Last Modified:Oct 30 20:30:58 2007
MD5 Checksum:a185a185af8ec2c2ce27a46a467d032d

 ///  File Name: 10.30.07-6.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of a buffer overflow vulnerability in the ftp client of IBM Corp.'s AIX operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within the domacro() function. This function is called when executing a macro via the '$' command within the ftp program. When executing a macro, the parameter is copied to a fixed size stack buffer using an unbounded call to strcpy(). By specifying a long argument, an attacker is able to overwrite program control data located on the stack and take control of the affected process. iDefense has confirmed the existence of this vulnerability in AIX version 5.3 (5300-06). Previous versions are suspected to be vulnerable.
Author:Joshua J. Drake
Homepage:http://www.idefense.com/
File Size:3482
Related CVE(s):CVE-2007-4217
Last Modified:Oct 30 20:30:04 2007
MD5 Checksum:3e29520806c28983f3fe4b7bdecdcd7d

 ///  File Name: 10.30.07-5.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of a stack buffer overflow vulnerability in IBM Corp.'s AIX operating system may allow an attacker to execute arbitrary code with root privileges. The vulnerability exists within the parsing of the '-V' command line option. The argument to this option is copied into a fixed size stack buffer using the sprintf() function without properly validating the length. This leads to an exploitable stack buffer overflow. iDefense has confirmed the existence of this vulnerability in AIX version 5.2 and 5.3. Previous versions may also be affected.
Author:Sean Larsson
Homepage:http://www.idefense.com/
File Size:3093
Related CVE(s):CVE-2007-4513
Last Modified:Oct 30 20:29:14 2007
MD5 Checksum:6b7ef8143a1978882368835cc0236a7f

 ///  File Name: 10.30.07-4.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of a stack buffer overflow vulnerability in IBM Corp.'s AIX operating system may allow an attacker to execute arbitrary code with root privileges. The vulnerability exists within the parsing of the '-p' command line option. The argument to this option is copied into a fixed size stack buffer using the sprintf() function without properly validating the length. This leads to an exploitable stack buffer overflow. iDefense has confirmed the existence of this vulnerability in AIX version 5.2 and 5.3. Previous versions may also be affected.
Author:Sean Larsson
Homepage:http://www.idefense.com/
File Size:3076
Related CVE(s):CVE-2007-4513
Last Modified:Oct 30 20:28:14 2007
MD5 Checksum:f2ea5507b88b98c70d8372163d1fd68c

 ///  File Name: 10.30.07-3.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of an integer underflow vulnerability in the dig program of IBM Corp.'s AIX operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within the dns_name_fromtext function in the libdns.a library. This function is called when processing the '-y' command line parameter to the dig program. By supplying a specially crafted TSIG key parameter, an attacker is able to cause an integer underflow, resulting in potentially exploitable heap corruption. iDefense has confirmed the existence of this vulnerability within AIX version 5.2. Previous versions are suspected to be vulnerable. AIX 5.3 is not vulnerable since the dig command is no longer installed set-uid root.
Homepage:http://www.idefense.com/
File Size:3499
Related CVE(s):CVE-2007-4622
Last Modified:Oct 30 20:27:09 2007
MD5 Checksum:e9d35b47c15f1b28d3fd059f92b68189

 ///  File Name: 10.30.07-2.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of a buffer overflow vulnerability in the crontab program of IBM Corp.'s AIX 5.2 operating system allows attackers to execute arbitrary code with root privileges. The problem specifically exists within the main function. While processing command line arguments, the crontab program will copy a user-supplied argument to a fixed size BSS (data segment) buffer. Since no bounds checking is performed, it's possible to overwrite a large portion of the data stored in the BSS memory area. iDefense has confirmed the existence of this vulnerability within AIX version 5.2. Previous versions are suspected to be vulnerable. AIX 5.3 does not appear to be vulnerable.
Homepage:http://www.idefense.com/
File Size:3402
Related CVE(s):CVE-2007-4621
Last Modified:Oct 30 20:26:17 2007
MD5 Checksum:702b614f37ff173a32386b75ea06bd8c

 ///  File Name: 10.30.07-1.txt
Description:
iDefense Security Advisory 10.30.07 - Local exploitation of a file access vulnerability in the swcons command included in multiple versions of IBM Corp.'s AIX could allow for the creation or modification of arbitrary files anywhere on the system. The vulnerability specifically exists due to a lack of sanity checking when using the -p option. If a user specifies a file with the -p option, the contents of that file will be overwritten with 65,535 bytes of uncontrolled data. If the file doesn't exist, it will be created. In both cases, the file will also be converted to mode 222, which allows all users on the system to modify it. By specifying a system file, users can cause a denial of service condition or elevate privileges. iDefense has confirmed the existence of this vulnerability on IBM AIX version 5.2. It is suspected that previous versions are also vulnerable.
Author:Alex DeLarge
Homepage:http://www.idefense.com/
File Size:3531
Last Modified:Oct 30 20:16:36 2007
MD5 Checksum:fcf212ebff605766dd2255cf3455a4a9

 ///  File Name: sa27438.txt
Description:
Secunia Security Advisory - A security issue has been reported in Liferea, which can be exploited by malicious, local users to disclose sensitive information.
Homepage:http://secunia.com/advisories/27438/
File Size:2386
Last Modified:Oct 30 19:58:36 2007
MD5 Checksum:69b45d7d6b4d0267956e72e781be0e40

 ///  File Name: sa26905.txt
Description:
Secunia Security Advisory - Secunia Research has discovered a vulnerability in the IMail Client, which potentially can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/26905/
File Size:2745
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:cefa3411dc88b877a12b9ab9fd410c8b

 ///  File Name: sa27384.txt
Description:
Secunia Security Advisory - Fatih Ozavci and Caglar Cakici have reported some vulnerabilities in RSA KEON Registration Authority, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/27384/
File Size:2781
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:e45790b0c1f3d19af9ec60c2eb2af0fe

 ///  File Name: sa27395.txt
Description:
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/27395/
File Size:2462
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:6771941ae935718e881cca19395e77b4

 ///  File Name: sa27399.txt
Description:
Secunia Security Advisory - SUSE has issued updates for multiple packages. These fix some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges, and by malicious people to conduct cross-site scripting attacks and compromise a user's system.
Homepage:http://secunia.com/advisories/27399/
File Size:2987
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:5f3aaa96ee8a096b691f2f3cd1122233

 ///  File Name: sa27407.txt
Description:
Secunia Security Advisory - Janek Vind has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/27407/
File Size:2708
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:d0583679f2a8d08ede25326a0321d7e5

 ///  File Name: sa27416.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Sun Fire X2100 M2 and X2200 M2, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/27416/
File Size:2684
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:ddc7e3aab0102baadb91d2dca4fcbc63

 ///  File Name: sa27418.txt
Description:
Secunia Security Advisory - rgod has discovered a vulnerability in GOM Player, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/27418/
File Size:2534
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:c5332f19e665b68fd070a1ba2f3dc3c1

 ///  File Name: sa27430.txt
Description:
Secunia Security Advisory - 0x90 has reported a vulnerability in PHP-AGTC membership system, which can be exploited by malicious people to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/27430/
File Size:2335
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:c1efb5259112ab2caa152220c994b467

 ///  File Name: sa27432.txt
Description:
Secunia Security Advisory - Fedora has issued an update for ruby. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
Homepage:http://secunia.com/advisories/27432/
File Size:5193
Last Modified:Oct 30 19:58:14 2007
MD5 Checksum:ee98c4bdb964cf3c8bc1aa4d5d732518