what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files Date: 2011-11-12

Mandriva Linux Security Advisory 2011-173
Posted Nov 12, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-173 - On Mandriva Linux 2010.2 they provided the old openssl 0.9.8 library but without a source RPM file. This could pose a security risk for third party commercial applications that still uses the older OpenSSL library, therefore the latest stable openssl 0.9.8r library is being provided.

tags | advisory
systems | linux, mandriva
SHA-256 | 296abdd78a31c919e7dae254da062c58cc5d9cc2adc4bec5e47953733e621595
LFI Fuzzploit Tool 1.1
Posted Nov 12, 2011
Authored by nullbyt3

LFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.

Changes: A bug in the file descriptor scan function is fixed. A command shell bug is fixed.
tags | tool, local, scanner, php, vulnerability, file inclusion
systems | linux, unix
SHA-256 | 164c07ad86594aa9bfe0936cec79654856d45223f5354927c0eba3f0fca68942
GNU Transport Layer Security Library 3.0.8
Posted Nov 12, 2011
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release fixes an issue in ECDSA key generation and reduces timing information provided to an adversary in DTLS.
tags | protocol, library
SHA-256 | ba4e194be89035b468e5db18e0582de42c9876f6cf91d56699de0986aa3c9761
Secunia Security Advisory 46106
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the MediaRSS external gallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 9c841fddf24fe85e335091956d64c551d7b34c8c57dbdd13c81b2823f539888a
Secunia Security Advisory 46123
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mesut Timur has discovered two vulnerabilities in TWiki, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 88d10f476a6554fc15696b47864e205a11edff93233cca40e828d8cb258915cd
Secunia Security Advisory 46151
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 45b4601961ea08969c265a1cd63a65bf12a8723ed86b9b7041047675ae9a1fe7
Secunia Security Advisory 46032
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Audacious has acknowledged some vulnerabilities in Audacious Plugins, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
SHA-256 | 436bc60bd00465ad97241e59d8bce215a9ae5ff96b168bb4bbe118075c57d8ea
Secunia Security Advisory 46142
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, redhat
SHA-256 | fd382faef9132070abd231c3eddf46b24494832be793a3994bdce8d75ea45cbd
Secunia Security Advisory 46012
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rgod has reported a vulnerability in Nortel Contact Recording, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d01dc3ba83ff78dcb20cc71f98274d190608b053bb3473584e4a008724357300
Secunia Security Advisory 46099
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Digital Echidna has discovered a vulnerability in ScriptFTP, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 15dd888f5508ec389cb1cb027e6758c75256873af4164a6cb84d5d6185081f65
Secunia Security Advisory 46038
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Adsense Extreme plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | dd50c7a7f600b31dbbc3c3343d19e752e3979e898e21f6e4b8e7f5a19cdeb11e
Secunia Security Advisory 46806
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for apache2. This fixes a weakness and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | dc32db44c902cd359ba3d7fe360a012430d303fae90d199b435505d24f57e93b
Secunia Security Advisory 46818
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | c30690827e4d0c72b610930d97331c2e349bb4f0b2ed5d4dff9e7e2ea14f1db9
Secunia Security Advisory 46791
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in IBM Lotus Domino, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session.

tags | advisory
SHA-256 | 8a8f317da31956d5ea21d01b9102e136266856f937d74c6b1aea3ac66e608ef2
Secunia Security Advisory 46763
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Benjamin Kunz Mejri has reported a vulnerability in iGuard Biometric Access Control, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | d0455756c1fb2f7778d3e7ecdfd8ac809952e517a404430418c45ac1720407a8
Secunia Security Advisory 46820
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner-1.9.2. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and compromise a user's system.

tags | advisory, vulnerability, xss
systems | linux, ubuntu
SHA-256 | 21fd63b243e4c60fda4d3ac4c64f7311fd20ed73eca5dd3bb3c4a5b8b4d743ed
Secunia Security Advisory 46826
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 5360836931cf97377c905a0186ad601748f5bede32ae90b38472fbd139f687e8
Secunia Security Advisory 46825
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for radvd. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | aa9c9da38f807fdb8d60bfb2cb580c7090697e91896e3c70444e2ebad684e18a
Secunia Security Advisory 46747
Posted Nov 12, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to disclose certain sensitive information, conduct spoofing attacks, and compromise a user's device.

tags | advisory, spoof, vulnerability
systems | cisco, apple
SHA-256 | 55a3ba85923de56aded5b5daf44f69be06472cce30c4ec2484d39a504f51cb85
strongSwan IPsec Implementation 4.6.1
Posted Nov 12, 2011
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: Because Ubuntu 11.10 activated the --as-needed ld option that discards included links to dynamic libraries that are not actually used by the charon daemon itself, the loading of plugins depending on external symbols provided by the libsimaka, libtls, or libtnccs libraries failed. As a fix, the plugins include the required libraries directly, and due to relinking during the installation, the approach of computing integrity checksums for plugins had to be changed radically by moving the hash generation from the compilation to the post-installation phase.
tags | encryption, protocol
systems | linux, unix, freebsd, apple, osx
SHA-256 | d750ec16bc32c3d7f41fdbc7ac376defb1acde9f4d95d32052cdb15488ca3c34
Zero Day Initiative Advisory 11-328
Posted Nov 12, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-328 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server. Authentication is required to exploit this vulnerability in order to have access to the ftp command set. The specific flaw exists within how the server manages the response pool that is used to send responses from the server to the client. When handling an exceptional condition the application will fail to restore the original response pointer which will allow there to be more than one reference to the response pointer. The next time it is used, a memory corruption can be made to occur which can allow for code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
SHA-256 | b042b6cfefe59bf1569e922d7012f959d2ae5e85844b6ddcc1fa014ac415dd41
Gentoo Linux Security Advisory 201111-04
Posted Nov 12, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201111-4 - phpDocumentor bundles Smarty which contains an input sanitation flaw, allowing attackers to call arbitrary PHP functions. Versions less than 1.4.3-r1 are affected.

tags | advisory, arbitrary, php
systems | linux, gentoo
advisories | CVE-2008-1066
SHA-256 | 15090de5826324024b831e63a61e6a4e9ad35fcdd8b96ed6d93a9d44c2882f40
Debian Security Advisory 2345-1
Posted Nov 12, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2345-1 - Several vulnerabilities have been discovered in Icedove, a mail client based on Thunderbird.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3647, CVE-2011-3648, CVE-2011-3650
SHA-256 | ffa4bfae51c5089b64879ee7d178a8ca96cedfe9d97fa61d66728c1daffe82e9
Suricata IDPE 1.1
Posted Nov 12, 2011
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Performance, accuracy, and stability were improved. Many HTTP rule keywords added. Several SSL keywords have been added. Event suppression support was added. SCTP decoding support was added. IPS mode was improved. An SMTP parser was added. Protocol detection was improved. Extended HTTP output was added. AF_PACKET support was added. PF_RING support was improved. Pcap logging was added. The stream engine was improved.
tags | tool, intrusion detection
systems | unix
SHA-256 | dc76a25ff5ca9df613a9ea69f52ad506f05aa62852c242b3450ce8b02e405a39
Kool Media Converter 2.6.0 Denial Of Service
Posted Nov 12, 2011
Authored by swami

Kool Media Converter version 2.6.0 denial of service exploit that creates a malicious .ogg file.

tags | exploit, denial of service
SHA-256 | cc75a992f0262dc577852abe71fa9192e933cdc77c65f3a152f64dc98a717b6e
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close