what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2012-05-24

Debian Security Advisory 2480-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2480-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-2082, CVE-2011-2083, CVE-2011-2084, CVE-2011-2085, CVE-2011-4458, CVE-2011-4459, CVE-2011-4460
SHA-256 | 4d0921714e92a3caf9ffbb786ca18511edabedc064e7f7072f96aa34077367e0
Social Engine 4.2.2 Cross Site Request Forgery / Cross Site Scripting
Posted May 24, 2012
Authored by Tiago Natel de Moura

Social Engine version 4.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-2216
SHA-256 | 0fa6f5de7bdbe3290ed0ede01f2bace1adff3a4674976586858e62e0e8ba2d18
Apache Commons Compress / Apache Ant Denial Of Service
Posted May 24, 2012
Authored by David Jorm

Apache Commons Compress versions 1.0 through 1.4 and Apache Ant versions 1.5 through 1.8.3 suffer from a denial of service vulnerability. The bzip2 compressing streams in Apache Commons Compress and Apache Ant internally use sorting algorithms with unacceptable worst-case performance on very repetitive inputs. A specially crafted input to Compress' BZip2CompressorOutputStream or Ant's <bzip2> task can be used to make the process spend a very long time while using up all available processing time effectively leading to a denial of service.

tags | advisory, denial of service
advisories | CVE-2012-2098
SHA-256 | 764b4680811098ad5654daa7aacc0274f9de6ab81bef5b8286b792367f7e802c
EMC AutoStart Multiple Buffer Overflows
Posted May 24, 2012
Site emc.com

EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2012-0409
SHA-256 | 1d0445ba9e2d754fa11ecd05aaf43d0b4ef3dc02e0430db42104435fd5421234
Mandriva Linux Security Advisory 2012-081
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-081 - Security issues were identified and fixed in mozilla firefox. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. Various other issues have also been addressed.

tags | advisory
systems | linux, windows, mandriva
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
SHA-256 | b4728ca55ce3cfd40444a11b5acd5298ece8e9bf6c775569b96cc5d90bcd9a33
Uncovering ZeroDays And Advanced Fuzzing
Posted May 24, 2012
Authored by Kingcope

This is a presentation called Uncovering ZeroDays and Advanced Fuzzing. It has one PDF of the presentation and one of the full script used during the presentation. This was presented at AthCon 2012.

tags | paper
systems | linux
SHA-256 | ed4e76db85a1968d96d0b168a230dcf62722f0fc8e23574007b3bcc95e50099c
Wireshark DIAMETER Denial Of Service
Posted May 24, 2012
Authored by Wireshark

Wireshark versions 1.4.0 through 1.4.12 and 1.6.0 through 1.6.7 suffer from a DIAMETER dissector denial of service vulnerability.

tags | exploit, denial of service
systems | linux
SHA-256 | e6f77a65be835da3e603a103f2c0bcabc8223ab38cfca9aa785e589fc21ac947
Wireshark Dissector Denial Of Service
Posted May 24, 2012
Authored by Laurent Butti

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from multiple dissector related denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | linux
SHA-256 | e3de518339a43d0a5f512990af923fedfb53c8e45b810e538dc48e45374c8f12
Wireshark Misaligned Memory Denial Of Service
Posted May 24, 2012
Authored by Klaus Heckelmann

Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12 suffer from a misaligned memory denial of service vulnerability.

tags | exploit, denial of service
systems | linux
advisories | CVE-2012-2394
SHA-256 | 6f40723d1c25a14ace173c31accd9416895fc2c1be2de9994389ad008ea69ad4
Jaow 2.4.5 Blind SQL Injection
Posted May 24, 2012
Authored by kallimero

Jaow versions 2.4.5 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 17bcc9a70dabb36b21745a5acce3fd83ccd2bda58d99ebddf8329eeee0b55a99
bsnes 0.87 Denial Of Service
Posted May 24, 2012
Authored by Pr0T3cT10n

bsnes version 0.87 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 27d8383734f9c7ed9fc5d3b879938acc56c7b08d1cdc6b9cc4f08bae17606375
Mandriva Linux Security Advisory 2012-080
Posted May 24, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-080 - It may be possible to make Wireshark hang for long or indefinite periods by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. It may be possible to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory
systems | linux, mandriva
SHA-256 | 10a172fbdd9a1956fcadc521595975f06bf508f0c5f7cc83e8e96be95744ada7
Mobius Forensic Toolkit 0.5.13
Posted May 24, 2012
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: This release adds support for Skype 5.x log files (main.db), makes the Hive extension show Protected Storage as a subtree under the PSSP registry key, and adds an Internet Explorer Autocomplete report.
tags | tool, python, forensics
systems | unix
SHA-256 | 5a829776586783c6e948605b05d02fbaa7cc8b630bf68572c37757028b44c81f
OpenOffice OLE Importer DocumentSummaryInformation Stream Handling Overflow
Posted May 24, 2012
Site metasploit.com

This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2008-0320, OSVDB-44472
SHA-256 | 7f7fa7d76079ea7a99a629f8223bcb4b881b275d2d9b9c051e830361276e7852
appRain CMF Arbitrary PHP File Upload Vulnerability
Posted May 24, 2012
Authored by EgiX, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in appRain's Content Management Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php file, a malicious user can upload a file to the uploads/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2012-1153, OSVDB-78473
SHA-256 | ecfbba7aea3ed45a511e747ceee47ff495011c2a8d081ea91351b0810e76fecc
Red Hat Security Advisory 2012-0688-01
Posted May 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0688-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-09, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the specially-crafted SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.183.19.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-0779
SHA-256 | 5d3d94c580242304ad1db49f92b8d1b2db7dde614f6355c09efaba9df53cd86d
Debian Security Advisory 2479-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2479-1 - Jueri Aedla discovered an off-by-one in libxml2, which could result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2011-3102
SHA-256 | 5e62d60e907638254c3219bad9aae0a157a50cc91b3cbaa54606ea417f886ce3
Debian Security Advisory 2478-1
Posted May 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2478-1 - It was discovered that sudo misparsed network masks used in Host and Host_List stanzas. This allowed the execution of commands on hosts, where the user would not be allowed to run the specified command.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2337
SHA-256 | fa49469a07a4c2e333f036a694c17b0a83d1f089b43d38e1c25cb2dfb19e3c66
Ubuntu Security Notice USN-1450-1
Posted May 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1450-1 - It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-2141
SHA-256 | 3b977734c077d0a8b53a81dede80897dca3542072cb2371b9fec6ca89ec6c4ab
Secunia Security Advisory 49285
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Quickr for Domino, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 19df3425d40faaa71b7a01048bbccae0da66ea610c7d23677cc0f5376352beaf
Secunia Security Advisory 49266
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Jaow CMS, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ebc058729c8fa49563976442ce8cba0f79250e4a09fb4064f1413bae4da06da5
Secunia Security Advisory 49243
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, debian
SHA-256 | 71ae0977cd6471f470e24207acef816402ec306aa61872c11bb662a6088d2f93
Secunia Security Advisory 49191
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | c38b9347d50954c559842e03b6c1385e44ab45daab3c8fbf92075477f56b28d9
Secunia Security Advisory 49238
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Taxonomy List module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 2079874c6056698377252b7148ee06f0a6017d82424720ae19aaa9f33b1d9876
Secunia Security Advisory 49244
Posted May 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, debian
SHA-256 | 45916e02ab6f88324abc68b37498ba0d6555327630b36320f4e11555c981b7d8
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close