Showing 1 - 25 of 58

Files Date: 2009-11-17

Yahoo! Messenger 9 Denial Of Service
Posted Nov 17, 2009
Site hackattack.com

Yahoo Messenger version 9.0.0.2162 may suffer from an Active-X related denial of service vulnerability.

tags | exploit, denial of service, activex
SHA-256 | 9c9f06c980115572cc48233067a38d9a26d5105b4e5a905cdbf57643c172acf9
HP ProCurve Web Management XSS
Posted Nov 17, 2009
Authored by BugsNotHugs

The HP ProCurve web management interface suffers from multiple cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, xss
SHA-256 | e57756a4a34597d8f2dd62ec80ec67f4d64fc33db533090b009807bf7f4e53ff
McAfee Network Security Manager Bypass / Hijack
Posted Nov 17, 2009
Authored by Daniel King

The McAfee Network Security Manager suffers from authentication bypass and session hijacking vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2009-3566
SHA-256 | b12872dd251208a1cc15c410cb1e33a05ce1ed4893ee463b09b90a098f0298b1
McAfee Network Security Manager XSS
Posted Nov 17, 2009
Authored by Daniel King

The McAfee Network Security Manager suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2009-3565
SHA-256 | 09c7a1dfab50d5489985fd9b9a43cdaa64983e2cf8977b27fd6fd900163dbcce
Secunia Security Advisory 37366
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for samba3x. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious users to bypass certain security restrictions, disclose sensitive information, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | c9d2f17b1fae25fb4d4e9f0822f346065d1e70ffd6331a87fdb6de538e838a51
Secunia Security Advisory 37383
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, slackware
SHA-256 | a5f937ebfda46dbf9cdb07c73fef01e81a914e7ae40846fce63fbbf45898d038
Secunia Security Advisory 37388
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Discovery & Dependency Mapping Inventory (DDMI), which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | ef4a82694dd691d06b155f17cf72fbb8d72b3011743aa239d2b6df44e30b91d8
Secunia Security Advisory 37381
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Home FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 4c1a2260efbfeb0b0d8052d4bab1839fb72e2798ec3a75164e0976d7269ad90e
Secunia Security Advisory 37392
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-openjdk. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
SHA-256 | ae7820847a5f50f6b8d5c8e66acd92324efe514743d1e6f203972cc7a4e55c40
Secunia Security Advisory 37382
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for apache2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, and manipulate certain data.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | c68379ae58b0faa87f311e32533494ba6dc3945b1c8c7ccd1c6845f3948b51a3
Secunia Security Advisory 37377
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Wikipedia Toolbar extension for Firefox, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 9b3dd62f5112b7b868ff5d0a22ac9ef1539fdc8f7b545efc954f18806afb3d67
Secunia Security Advisory 37368
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in avast! Home/Professional, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.

tags | advisory, denial of service, local
SHA-256 | 8e2fc64c3bcbfc363fd360cdf5be920c323bd2096d2bbcb2308465b745da8bf0
Secunia Security Advisory 37357
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | 1a6a878512a6930d632134eec73d30f8ee4cd5cc0bbc30801fe18c7f72f14c59
Secunia Security Advisory 37348
Posted Nov 17, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Gimp, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | ff7e4be6b62e2fa9d73dabd4a43b7866ab27e5b63c92ca6aa67e341651db0b56
PDFResurrect PDF Analyzer 0.9
Posted Nov 17, 2009
Authored by enferex | Site 757labs.com

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

Changes: This is a bugfix release and addresses the gathering of data (within limit) for the Creator MetaData at the end of a PDF. The previous version would stop prematurely, or possibly get too much information (in certain cases).
tags | tool, forensics
SHA-256 | a0ff0a8ec79bf6713fe5bd669e6ff55f9916ec2d34e69f219fc8a3fcb182a836
wtmpclean Record Wiper 0.6.7
Posted Nov 17, 2009
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: When a login is terminated by a system halt or reboot, this release prints 'down' as the logout time. It will correctly display login times with negative values.
tags | tool, rootkit
systems | unix
SHA-256 | d54b68ed1a2b635e4e252c69427bd57bfcb99c9e27bdbd8734c034ff9b278290
Stunnel SSL Wrapper 4.28
Posted Nov 17, 2009
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: A serious bug in asynchronous shutdown code was fixed. Win32 DLLs have been added for OpenSSL 0.9.8l. Transparent proxy support was added for Linux kernel versions 2.6.28 and above.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 9be98fb1aa5e96e44095df267d89b776aa539e6dce90dd0d54db675e9a95cd80
Htrosbif HTTP Server Fingerprinting Tool
Posted Nov 17, 2009
Authored by Erik Inge Bolso

htrosbif is a tool that actively probes an HTTP server. It prods the Web server in all sorts of old, new, basic, fancy, spec-compliant, and spec-breaking ways. It tries to characterize both the well-spoken educated responses and the seriously deviant babble it receives in return. Signatures contain no user data, only header names and HTTP-level quirks. As a useful side effect, this might detect reverse proxies, HTTP load balancers, intrusion prevention systems, and Web application firewalls.

tags | tool, web, scanner
systems | unix
SHA-256 | 9f2e98af019d3b5445bede40d649c0dc8245787e77eeaa688ee2285e7c7efeb0
Mandriva Linux Security Advisory 2009-299
Posted Nov 17, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-299 - Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1274, CVE-2009-0698
SHA-256 | 281d6a15f383eabd030d4a0d230719306faf859d62b9cd042d5e97ddc38ec6a2
Mandriva Linux Security Advisory 2009-297
Posted Nov 17, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-297 - The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file. FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a Tcp/udp memory leak. Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference. The updated packages fix this issue.

tags | advisory, remote, denial of service, arbitrary, udp, tcp, memory leak
systems | linux, mandriva
advisories | CVE-2008-3230, CVE-2008-4869, CVE-2009-0385
SHA-256 | 52cf9ea61bd4c6ecdc805d07ea7144e9a4e7ca015433a7ece41d5a0a0a789d34
Mandriva Linux Security Advisory 2009-298
Posted Nov 17, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-298 - xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via mp3 files with metadata consisting only of separators. Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2008-5248, CVE-2009-1274, CVE-2009-0698
SHA-256 | 5d042dccc94ef37a7d0408f534588f6948d25d09047cfc5837da14932f9f6036
Mandriva Linux Security Advisory 2009-296
Posted Nov 17, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-296 - Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. This update provides a solution to this vulnerability.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1570
SHA-256 | 4ac465217e3550eff56ead3dc617eaad69ffec140bdd9145c8d1774f14777969
WordPress 2.7.1 admin.php Bypass
Posted Nov 17, 2009
Authored by Fernando Arnaboldi

WordPress versions 2.0 through 2.7.1 suffer from a security bypass vulnerability in admin.php.

tags | exploit, php, bypass
SHA-256 | 751cbc34df5a1384e9a5e8cbac91523d1b2055903c93a05531f97a4ab2e12711
Ubuntu Security Notice 858-1
Posted Nov 17, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 858-1 - It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2009-3767
SHA-256 | a6024a3110c743272fbf0c499c8ca74b5389d0e98c503beef7f5a6a43719f0ed
Telepark Wiki 2.4.23 XSS / Code Execution
Posted Nov 17, 2009
Authored by Abysssec | Site abysssec.com

Telepark Wiki versions 2.4.23 and below suffer from code execution, delete page, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
SHA-256 | e05ff3e7914791681f62150cfc68fabd723e0080f71a3052bee1138a83e2fa59
Page 1 of 3