what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2012-09-14

Ubuntu Security Notice USN-1568-1
Posted Sep 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1568-1 - Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-3412, CVE-2012-3430, CVE-2012-3412, CVE-2012-3430
SHA-256 | 6b9d34007c4882aed53fd61fb185c0722bb11d517e945749865f6f33ef7b12d6
Ubuntu Security Notice USN-1567-1
Posted Sep 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1567-1 - A flaw was found in how the Linux kernel passed the replacement session keyring to a child process. An unprivileged local user could exploit this flaw to cause a denial of service (panic). Ben Hutchings reported a flaw in the Linux kernel with some network drivers that support TSO (TCP segment offload). A local or peer user could exploit this flaw to to cause a denial of service. Jay Fenlason and Doug Ledford discovered a bug in the Linux kernel implementation of RDS sockets. A local unprivileged user could potentially use this flaw to read privileged information from the kernel. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2012-2745, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511, CVE-2012-2745, CVE-2012-3412, CVE-2012-3430, CVE-2012-3511
SHA-256 | a552c2e69546f1e16f0319e244f33fe12786e003870c90d2f57d54f57df37dd4
Red Hat Security Advisory 2012-1267-01
Posted Sep 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1267-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-4244
SHA-256 | ebecc203c7e04d88efd06c185e8da4ce26edfe2550f01fc60ad98f74dcd02b4f
Red Hat Security Advisory 2012-1268-01
Posted Sep 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1268-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-4244
SHA-256 | 5a5972b72ed586ffbd6ffd738c1175d945bd835e8ee1421e32b31576a9ca94ec
Red Hat Security Advisory 2012-1266-01
Posted Sep 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1266-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-4244
SHA-256 | 5af1d32480efad3cc30f4342201d98c34ec8683c1105e96654890fad58076f93
Taller De Inyecciones LDAP
Posted Sep 14, 2012
Authored by The X-C3LL

This is a whitepaper called Taller De Inyecciones LDAP. It discusses various ways of attacking LDAP. Written in Spanish.

tags | paper
SHA-256 | dec8d85f1a07bc2d711c252c99af4c94eab01dceec060bd79489c9daec976af6
Linux Nmap Default Router Services Scan Shellcode
Posted Sep 14, 2012
Authored by Dark-Puzzle

73 bytes small Linux/x86 Nmap default router services scan shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | eba44ff0ad200eedf51987bb0b0229abe3206f8011b11dfebdffd9fbc460b183
Linux man /bin/cat Shellcode
Posted Sep 14, 2012
Authored by Dark-Puzzle

121 bytes small Linux/x86 man /bin/cat shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 1f23c312df1064018158e04828ddd8afd600f9b3bfa0d16a31f90d173ea332c3
Linux cp/chmod /etc/shadow Shellcode
Posted Sep 14, 2012
Authored by Dark-Puzzle

126 bytes small Linux/x86 cp /etc/shadow /tmp && chmod 777 /tmp/shadow shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 3281284185894711f02603966afa216e2b23233c3410d64c430071df5a8869c3
Web Biz India SQL Injection
Posted Sep 14, 2012
Authored by Net.W0lf, Hack Center Security Team

Web Biz India suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, web, sql injection
SHA-256 | 4c8b887299c6bb74d5f1c320fa89562c99f21650029fb5407ef1a7bfbf936e82
Internet Download Manager SEH Based Buffer Overflow
Posted Sep 14, 2012
Authored by Dark-Puzzle

Internet Download Manager SEH based buffer overflow exploit that spawns cmd.exe.

tags | exploit, overflow
SHA-256 | 6b1d1f0931da27bc6e7a701bad516d556bcb7d07ac95b7850477f687fe80adc6
Apis Design SQL Injection
Posted Sep 14, 2012
Authored by Net.W0lf, Hack Center Security Team

Apis Design suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 32481e797bcb310151a7e6e4bb4076e9e111381107140f68fa1c19723c254489
Mambo / Joomla FCKEditor Local File Inclusion
Posted Sep 14, 2012
Authored by BHG Security Center, Siavash

The FCKEditor as used with Mambo and Joomla appears to suffer from a local file inclusion vulnerability. Note that this finding houses site-specific data.

tags | exploit, local, file inclusion
SHA-256 | f219a4b356a444e51fa698fdc29ad6feefbbc50579e18c529aa2e589001587d8
Secunia Security Advisory 50630
Posted Sep 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Siemens SIMATIC S7-1200, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 2763624813a56ed46860856311b9ebb3439d2d6f011205811b386a35a013d083
Secunia Security Advisory 50527
Posted Sep 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Vino, which can be exploited by malicious people to disclose certain sensitive information.

tags | advisory
SHA-256 | 9953d5b0b956fcf7b689377a9ade94ad14379497d2528c22d36831c1d93d9a5a
Secunia Security Advisory 50622
Posted Sep 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Francis Provencher has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
SHA-256 | 237548edc60358a671167a824fddc34ff748c665a0f17e7328cc0acd535b0f95
Secunia Security Advisory 50582
Posted Sep 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for bind97. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 9abeffc8f2c8c29f30b1afedc639d40be5d28cac652edba61c9167ff79c3e06c
Secunia Security Advisory 50583
Posted Sep 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | d93c0ae723b9016dadd50ed7e8eeac4bdaa7da9a58a0e8de288b8e1aa7cd84a5
Secunia Security Advisory 50641
Posted Sep 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in eZ Publish, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | b502bd13559cf48bed88383d0aca89a1ec156abaa90c90b0133c04ca3cb1074e
IPv6 Address Monitoring Tool 1.0
Posted Sep 14, 2012
Authored by Fernando Gont

ipv6mon is a tool for monitoring IPv6 address usage on a local network. It is meant to be particularly useful in networks that employ IPv6 Stateless Address Auto-Configuration (as opposed to DHCPv6), where address assignment is decentralized and there is no central server that records which IPv6 addresses have been assigned to which nodes during which period of time. ipv6mon employs active probing to discover IPv6 addresses in use, and determine whether such addresses remain active.

Changes: Various updates.
tags | tool, local
systems | unix
SHA-256 | f714a877de4fbf80126c4b8ad2e3496739695ee1eb3a914eae344fdd6325e138
AsaanCart 0.9 Cross Site Scripting
Posted Sep 14, 2012
Authored by HTTPCS

AsaanCart version 0.9 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d012c781e38c2ca86b6dde2c8b0f0f267153528455524c83c5b4b438d1f74cfe
Apple Security Advisory 2012-09-12-1
Posted Sep 14, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-12-1 - iTunes 10.7 is now available and addresses multiple memory corruption issues in webkit.

tags | advisory
systems | apple
advisories | CVE-2011-3016, CVE-2011-3021, CVE-2011-3027, CVE-2011-3032, CVE-2011-3034, CVE-2011-3035, CVE-2011-3036, CVE-2011-3037, CVE-2011-3038, CVE-2011-3039, CVE-2011-3040, CVE-2011-3041, CVE-2011-3042, CVE-2011-3043, CVE-2011-3044, CVE-2011-3050, CVE-2011-3053, CVE-2011-3059, CVE-2011-3060, CVE-2011-3064, CVE-2011-3068, CVE-2011-3069, CVE-2011-3071, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3078
SHA-256 | 8f27ac75b6ce51b0fdc6c2b6f2d18541eb8e57e34aa68e9dc16e36ea16418c79
Mandriva Linux Security Advisory 2012-152
Posted Sep 14, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-152 - A nameserver can be caused to exit with a REQUIRE exception if it can be induced to load a specially crafted resource record. The updated packages have been upgraded to bind 9.7.6-P3 which is not vulnerable to this issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-4244
SHA-256 | 78d951a7fbb049be8ae3a444eed9539e697f76b92cd00ef591a1fa89759e1259
Sitecom Home Storage Center Command Injection
Posted Sep 14, 2012
Authored by Mattijs van Ommeren

Sitecom Home Storage Center suffers from a remote command injection vulnerability.

tags | advisory, remote
SHA-256 | 0e86a216a73385c42f5e1f3d018042013a88eaabb5e6776072ab9befbae3eacc
Sitecom Home Storage Center Arbitrary File Upload
Posted Sep 14, 2012
Authored by Mattijs van Ommeren

Sitecom Home Storage Center suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell
SHA-256 | 95301ce5c082876b54aa1eb5f0b12c6bba5aea60bc103a568674da684e52a0e5
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close