what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2011-06-13

Ubuntu Security Notice USN-1148-1
Posted Jun 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1148-1 - It was discovered that libmodplug did not correctly handle certain malformed S3M media files. If a user or automated system were tricked into opening a crafted S3M file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. It was discovered that libmodplug did not correctly handle certain malformed ABC media files. If a user or automated system were tricked into opening a crafted ABC file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1574, CVE-2011-1761
SHA-256 | 47572f380d544382e12b13f2e36edd46917b95d1734b4774a69a591b5847824c
Ubuntu Security Notice USN-1147-1
Posted Jun 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1147-1 - Nils Philippsen discovered that GIMP incorrectly handled malformed PSP image files. If a user were tricked into opening a specially crafted PSP image file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1782
SHA-256 | 9a0dabd4967dd12b853bd86ec1bf6545bdc5c550d1a6ebad3429bbcf87ce8025
Mandriva Linux Security Advisory 2011-109
Posted Jun 13, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-109 - Cross-site scripting vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real field, related to useradmin/index.cgi and useradmin/user-lib.pl.

tags | advisory, web, arbitrary, local, cgi, xss
systems | linux, mandriva
advisories | CVE-2011-1937
SHA-256 | 2979eb987feab5a10d626a2c9dbdabfa61d8ecc1f406797392b89e4358d17f2d
Mandriva Linux Security Advisory 2011-108
Posted Jun 13, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-108 - Apache Xerces2 Java, as used in Sun Java Runtime Environment in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework.

tags | advisory, java, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2625
SHA-256 | 36474762543fd2efb0f44fd4865e7e2b9783b3ed2e9b6dbf845f00b3cd0de55c
PHP Nuke 8.3 MT Shell Upload
Posted Jun 13, 2011
Authored by Pentesters.ir

PHP Nuke version 8.3 MT suffers from an arbitrary shell upload vulnerability.

tags | exploit, arbitrary, shell, php
SHA-256 | 181c0fcc602b1deb943f8fdeb52a8071760462be19ecfb091d5e21fce82afd2c
Vitaminedz Blind SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

Vitaminedz suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b6e3107bd47facb38e4641043cac3190a5677f7807ed93479482b8529cb9bbf9
Microsoft Lync 4.0.7577.0 Javascript Injection
Posted Jun 13, 2011
Authored by Mark Lachniet | Site foofus.net

Microsoft Lync version 4.0.7577.0 suffers from a javascript insertion vulnerability.

tags | exploit, javascript
SHA-256 | 9acd1aca4807a7c979ac9855bff7008e1cc076bfe2053fcb09c6116d049ef43d
Debian Security Advisory 2258-1
Posted Jun 13, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2258-1 - It was discovered that the STARTTLS implementation of the Kolab Cyrus IMAP server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted IMAP, LMTP, NNTP and POP3 sessions by sending a cleartext command that is processed after TLS is in place. Please note that the advisory number listed in this advisory incorrectly calls it 2257-1, but it is 2258-1.

tags | advisory, imap
systems | linux, debian
advisories | CVE-2011-1926
SHA-256 | 60c5310993e97c19c5cdcdcf134c44109b643441cbeea79d62de1831cea396a1
HITB Magazine Volume 1 Issue 6
Posted Jun 13, 2011
Authored by hitb | Site hackinthebox.org

HITB Magazine Volume 1 Issue 6 - Topics include Social Security, Botnet-Resistant Coding, Hardening Java Applications with Custom Security Policies, Windows Numeric Handle Allocation In-Depth, and more.

tags | java, magazine
systems | windows
SHA-256 | 9eacfcbf4858146cc29b89cbcae803908973204a08ad6d2a0b48070b2ac8a2f8
DNS Distributed Reflected Denial Of Service Tool
Posted Jun 13, 2011
Authored by noptrix | Site nullsecurity.net

Proof of concept code that demonstrates a distributed DNS reflection denial of service attack.

tags | denial of service, proof of concept
SHA-256 | 7be16c76bc50e0af17b21f118fbb3b1ea2b08b93b013a433d54cec209c969b5a
OATH Toolkit 1.10.2
Posted Jun 13, 2011
Site nongnu.org

The OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: This release fixes liboath self tests to work regardless of local time zone.
tags | tool
systems | unix
SHA-256 | 78c3152a268abcb69d89c5cd88f9beae9b53670bfd1a4d91de4219b2806d0939
ZRTP Protocol Library 2.0.0
Posted Jun 13, 2011
Site gnutelephony.org

ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.

Changes: Updated to build using ccrtp 2.x and GNU uCommon 5.x libraries.
tags | protocol, library
systems | unix
SHA-256 | 71a8b09e0b60248d6598c95f2503bbfee6d8671f76ebf7f7ec12c8db8b45dc17
Debian Security Advisory 2259-1
Posted Jun 13, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2259-1 - It was discovered that fex, a web service for transferring very large, files, is not properly validating authentication IDs. While the service properly validates existing authentication IDs, an attacker who is not specifying any authentication ID at all, can bypass the authentication procedure.

tags | advisory, web
systems | linux, debian
advisories | CVE-2011-1409
SHA-256 | 9908ad9a1c5938f3bddc674991c324057146b539427b7b9d1b47d1129dc59394
Technofact SQL Injection
Posted Jun 13, 2011
Authored by eXeSoul

Technofact suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 35da100d665874f66ccdc76228dbfb685e6d20a5480848ce5fad0ee92c007c87
Web Application SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

Web Application from Site By Wapps suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, sql injection
SHA-256 | 0926f0d36a2e55d88c1da6d9d937205a25aa30e31c182361a61a3d848279507a
MGF SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

MGF suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 295783e50df681bff1aef24000e8ef3fec57383912b9bf79e07a36243c6d03a3
CyberScribe SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

CyberScribe suffers multiple remote SQL injection vulnerabilities one of which allows for authentication bypass.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 96d942971f20795194b658222aec09900cee4b458b7f27034bc4247c88aac75c
Athollsweb SQL Injection
Posted Jun 13, 2011
Authored by Kalashinkov3

Athollsweb suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e37d712df6637b966e55d2cf9e9a7d7853d6a66019e64af337a9117ea40ca378
WebFileExplorer 3.6 SQL Injection
Posted Jun 13, 2011
Authored by Cru3l.b0y

WebFileExplorer version 3.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 44b3d587145cc97fdec0a1cdb44c1f309ce0131173e63b8c10cc4c88861dbee0
Blind SQL Injection With Regular Expressions Attack
Posted Jun 13, 2011
Authored by IHTeam, white_sheep | Site ihteam.net

Whitepaper called Blind SQL Injection with Regular Expressions Attack.

tags | paper, sql injection
SHA-256 | 167010ab38c65a1b629b2eb5767870004cb391e155573d9cd652fbf5476b540f
Secunia Security Advisory 44928
Posted Jun 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, fedora
SHA-256 | 1c593d0135f6626863dc3cfda261296b93045b4619a0ff50eb8329247f398110
Secunia Security Advisory 44940
Posted Jun 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for fex. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, debian
SHA-256 | 3e106436b8a93cd6ad560add11268109ca1026e7d5f8590d523cfa546e6c5842
Secunia Security Advisory 44934
Posted Jun 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, fedora
SHA-256 | dba78f7ecd8dbe025661211373b755a7a2e2bfde256836b52c2d00fe4df5be90
Secunia Security Advisory 44932
Posted Jun 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel
systems | linux, fedora
SHA-256 | 8b284f27d2b47e9133f4be13ec69f485d81aa3e2600633403837aa10259e25ec
Secunia Security Advisory 44900
Posted Jun 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for qemu-kvm. This fixes some vulnerabilities, which can be exploited by malicious, local users in a guest system to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 01199afbb217017e0003f91d6ef9796983fe7c83835e382a5539b75b2beb7126
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close