
Files Date: 2009-05-07 to 2009-05-08

Garmin Communicator Plug-In Domain Locking Security Bypass
Posted May 7, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Garmin Communicator Plug-In, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused by a synchronisation error in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control (npGarmin.dll). This can be exploited to bypass the domain locking and dialog box presented to the user asking for confirmation that the untrusted site may access private data. Successful exploitation allows full access (such as deleting data, retrieving personal information, or installing firmware updates) to any Garmin GPS products connected to the user's system. Garmin Communicator Plug-In (npGarmin.dll) version 2.6.4.0 is affected.

tags | advisory, activex
advisories | CVE-2009-0194
SHA-256 | d2f086ac3f174a9241e5c568f24970ed3a5b1893adb4e0b56c252fa22c46ae09
Debian Linux Security Advisory 1795-1
Posted May 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1795 - Stefan Kaltenbrunner discovered that ldns, a library and set of utilities to facilitate DNS programming, did not correctly implement a buffer boundary check in its RR DNS record parser. This weakness could enable overflow of a heap buffer if a maliciously-crafted record is parsed, potentially allowing the execution of arbitrary code. The scope of compromise will vary with the context in which ldns is used, and could present either a local or remote attack vector.

tags | advisory, remote, overflow, arbitrary, local
systems | linux, debian
advisories | CVE-2009-1086
SHA-256 | 07bc2c872a94cc909bd0fc99b18912317c0adfa1ce9d83e608314726b9497ada
Debian Linux Security Advisory 1794-1
Posted May 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1794-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to denial of service, privilege escalation, or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2008-4307, CVE-2008-5395, CVE-2008-5701, CVE-2008-5702, CVE-2008-5713, CVE-2009-0028, CVE-2009-0029, CVE-2009-0031, CVE-2009-0065, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676, CVE-2009-0834, CVE-2009-0859, CVE-2009-1192, CVE-2009-1265, CVE-2009-1336, CVE-2009-1337
SHA-256 | 4dd5ca78b1581eba15c84ff4a8157b0c7fb2f4a484b039cab416d46b6e595b0c
Secunia Security Advisory 34980
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for drupal6. This fixes some vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks or to disclose potentially sensitive information.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | e7bf22e01e934f2435c4bba740b980f8527274ab9fdc9b57c9a367578cbb4adf
Secunia Security Advisory 34326
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Garmin Communicator Plug-In, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | a222892bc7d44bb73f3d691a65c009062e73283d9e270f45cd4562cf6c218008
Secunia Security Advisory 34941
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Methodman has discovered a vulnerability in VerliHub Control Panel, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 040b577d9980b96ec92ae300cc3ce9547099c353645a75bec27dd537d7555d5e
Secunia Security Advisory 34772
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities and a weakness have been discovered in freePBX, which can be exploited by malicious people to disclose certain system information, and to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | a9b5a3dfd1fe231792d31beeaabc629663ebc661ddc0f3e3160adc8197777ced
Secunia Security Advisory 35012
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in Coccinelle, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | 26dac76e07248c1d6130087fa1d76e6a94ca32866dd37acf896f3ca232f20b96
Secunia Security Advisory 34991
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for kdegraphics. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | ffb074554af501aab311e7495c3eaabd712f16b267287bd2c57c10d3f6167ffd
Secunia Security Advisory 35014
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 60ac39938d3cac504f5966b303deffbaa4b6fdaf456eb37521ba069bfcd1a50b
Secunia Security Advisory 35013
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ldns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 5f5e803c6129bab79a425e4742de19a5313950805976e2fcbd6bc32abb75a5ba
Secunia Security Advisory 35015
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and bypass certain security restrictions.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | 1e9bf61baf6cafa3c517f3b38706617d185914121f1ff5b838bd5cdd2b23ed27
Secunia Security Advisory 34972
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.5.0-ibm. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
SHA-256 | a99567cb19e766174a54af36ba1f623a6b7c9b42c332017c83945dd2c694a438
Secunia Security Advisory 35011
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for linux-2.6. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), bypass certain security restrictions, expose potentially sensitive information, and gain escalated privileges, and by malicious people to potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
SHA-256 | 7721db45a10a35552307828eb23b1c11d4908f65cf43f843c11fc4aa6bd04baa
Secunia Security Advisory 35010
Posted May 7, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for acpid. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, redhat
SHA-256 | d08867157d582f7cb2560a7001bf4d9d58d4b4d80014463c905a0e263753c234
cryptmount Filesystem Manager
Posted May 7, 2009
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Support for encrypted filesystems without separate key files or partition headers was added. The security of the built-in SHA1/Blowfish key manager was improved through more extensive password hashing. Facilities for creating LUKS encrypted partitions were improved. Robustness to possible race conditions in handling udev events was improved. Many areas of legacy code were tidied.
tags | kernel, encryption
systems | linux
SHA-256 | f10d60c51661fe4bb06dbd97638d45b27392522bad1f294096122cb187193cb7
GoGo Inflight Internet Interception
Posted May 7, 2009
Authored by Adriel T. Desautels | Site netragard.com

Netragard, L.L.C Advisory - The GoGo Inflight Internet service fails to encrypt wireless connections between users and the access point.

tags | advisory
SHA-256 | e15a68a398d9fbb9df850bb9e64eb1d67cbb71a7114d0a7fa4d220d64af99af9
Mandriva Linux Security Advisory 2009-107
Posted May 7, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-107 - The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop. The updated packages have been patched to prevent this.

tags | advisory, remote, denial of service
systems | linux, unix, mandriva
advisories | CVE-2009-0798
SHA-256 | d94fd35c4764320bd601a47485976ca2678d1034fb77663aa166536a148e38dc
Kayako Support Suite 3.04.10 Cross Site Scripting
Posted May 7, 2009
Site comodo.com

A persistent cross site scripting vulnerability has been discovered in Kayako Support Suite version 3.04.10.

tags | advisory, xss
SHA-256 | 3ccbe914fa63fed3536b149427f819e5382b4beba195b050915cf278eb0c5b30
Debian Linux Security Advisory 1793-1
Posted May 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1793-1 - kpdf, a Portable Document Format (PDF) viewer for KDE, is based on the xpdf program and thus suffers from similar flaws to those described in DSA-1790.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
SHA-256 | b23d78885ee2f7f2ae0596c7da062bf5b220086cc14e2def2e10e1a0d7721933
Debian Linux Security Advisory 1792-1
Posted May 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1792-1 - Multiple vulnerabilities have been discovered in drupal, a web content management system.

tags | advisory, web, vulnerability
systems | linux, debian
SHA-256 | 8c1e6616a93cc6679ce5cb34784418dd80f5e7a851235a8651100e1a08b3eae8
Debian Linux Security Advisory 1791-1
Posted May 7, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1791-1 - It was discovered that the AttachFile action in moin, a Python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachments or performing other sub-actions.

tags | advisory, xss, python
systems | linux, debian
advisories | CVE-2009-1482
SHA-256 | 3ae5e30c1170b20c9791d19e903cad613381a9ae18a2b48249517bba2d9ca090
VerliHub Control Panel 1.7e Cross Site Scripting
Posted May 7, 2009
Authored by TEAMELITE

VerliHub Control Panel version 1.7e suffers from cross site scripting and iframe injection vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7635916779b1974ce826340348988295154a3a9bfc52105687d3677be7db0d46
HP Security Bulletin HPSBMA02419 SSRT090060
Posted May 7, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with Insight Control suite for Linux (ICE-LX) running Nagios. The vulnerabilities could be remotely exploited via cross-site request forgery (CSRF) and remote authentication bypass.

tags | advisory, remote, vulnerability, csrf
systems | linux
advisories | CVE-2008-6373, CVE-2008-5028, CVE-2008-5027
SHA-256 | 705ec91f5f467524c9fce9e62505f8c8bf65546431a3dd799716c3c4b2975f50

© 2024 Packet Storm. All rights reserved.
