exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2007-03-28 to 2007-03-29

adv78-K-159-2007.txt
Posted Mar 28, 2007
Authored by eufrato | Site k-159.echo.or.id

C-Arbre versions 0.6PR7 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | d5d3686703e6bbdc57b0c60d120c2dd60ee1c9dce1c842ac579cacd4170ae670
advisory-realGuestbook_V5-en.txt
Posted Mar 28, 2007
Authored by Ruben Ventura Pina | Site trew.icenetx.net

realGuestbook_V5 suffers from a HTML injection vulnerability.

tags | exploit
SHA-256 | b86ba6f04ebc3607caae18cbb9583cca99aa5c34260a4f01415eda8a014f5b3c
KDE Security Advisory 2007-03-26.1
Posted Mar 28, 2007
Authored by KDE Desktop | Site kde.org

KDE Security Advisory - The KDE FTP ioslave parses the host address in the PASV response of a FTP server response. mark from bindshell.net pointed out that this could be exploited via JavaScript for automated port scanning. It was not possible to demonstrate the vulnerability via JavaScript with Konqueror from KDE 3.5.x. However, other scenarios are possible. Systems affected are KDE up to and including KDE version 3.5.6.

tags | advisory, javascript
advisories | CVE-2007-1564
SHA-256 | 11a8b2185f26494437aee4a5b794dd9dfc7df3072b51c8db1a96b3d190915204
Ubuntu Security Notice 445-1
Posted Mar 28, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 445-1 - Sven Krewitt of Secunia Research discovered that XMMS did not correctly handle BMP images when loading GUI skins. If a user were tricked into loading a specially crafted skin, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2007-0653, CVE-2007-0654
SHA-256 | e266e06f177d39efc971ec36eaf88b0d5d9d0d133e7c84c3f8d2d42ec2966ac0
Ubuntu Security Notice 444-1
Posted Mar 28, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 444-1 - A stack overflow was discovered in OpenOffice.org's StarCalc parser. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. A flaw was discovered in OpenOffice.org's link handling code. If a user were tricked into clicking a link in a specially crafted document, a remote attacker could execute arbitrary shell commands with user privileges.

tags | advisory, remote, overflow, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2007-0238, CVE-2007-0239
SHA-256 | dcedce99eb92d93c1a698358523dc0e85c4d2330d3ab5a24910aba66705750fc
Ubuntu Security Notice 443-1
Posted Mar 28, 2007
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 443-1 - A flaw was discovered in how Firefox handled PASV FTP responses. If a user were tricked into visiting a malicious FTP server, a remote attacker could perform a port-scan of machines within the user's network, leading to private information disclosure.

tags | advisory, remote, info disclosure
systems | linux, ubuntu
advisories | CVE-2007-1562
SHA-256 | 58646c1cfd058aba882bd432342de1d5ef5a77df5689e6b60b68c1753dd4ce77
Debian Linux Security Advisory 1273-1
Posted Mar 28, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1273-1 - Several vulnerabilities have been discovered in nas, the Network Audio System. A stack-based buffer overflow in the accept_att_local function in server/os/connection.c in nas allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. The AddResource function in server/dia/resource.c allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. Array index error allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c. The ReadRequestFromClient function in server/os/io.c allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547
SHA-256 | 1e4f485fabdc7a6df39aba602cc017d7080e34af96a042dda8fc9d8dddd5c602
Mandriva Linux Security Advisory 2007.070
Posted Mar 28, 2007
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A format string error in the "write_html()" function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2007-1002
SHA-256 | 303330030e6f55cb5e27b3158c57236a5547755445f23a98d029aeca2072f934
framework-3.0.tar.gz
Posted Mar 28, 2007
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: Version 3.0 contains 177 exploits, 104 payloads, 17 encoders, and 3 nop modules. Additionally, 30 auxiliary modules are included that perform a wide range of tasks, including host discovery, protocol fuzzing, and denial of service testing.
tags | tool, ruby
systems | unix
SHA-256 | cb27df6dafe7b2d1c2d2174000afd07965cdc09e759e8cda5147cfc58e445251
Secunia Security Advisory 24628
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for nas. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 8ab7b61979801379bdfa4a85b6f2134abc8bd59a8aa5b45a2b3526a147a1fc92
Secunia Security Advisory 24633
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Domino and Lotus Domino Web Access, which can be exploited by malicious people to conduct cross-site scripting attacks or cause a DoS (Denial of Service).

tags | advisory, web, denial of service, vulnerability, xss
SHA-256 | 4ade0a2f36493ebed88d65ffc560ca73795e35ac090c0fe9deaeb56b27a49b62
Secunia Security Advisory 24638
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for nas. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges or malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
SHA-256 | e4af7ed34dd8c07dee3b2dc70857fa34bce15d1f6cd953cf2b3b9e0de1120d2f
Secunia Security Advisory 24639
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ArcSDE, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 6f10ae71056254d923e5f9a42a96286dd9ec704fc1e54fb8513fe0e5f69fd83f
Secunia Security Advisory 24643
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tim Rees has discovered a security issue in TrueCrypt, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

tags | advisory, denial of service, local
SHA-256 | 4e16d4933bfd69aac4490a4abd439463a205178c8e12571fa3f5555fc7b9fbb4
Secunia Security Advisory 24645
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for xmms. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 6f72da827b8381c976212e45d00b320d178958e87b6a254d72efd7d8bc724af7
Secunia Security Advisory 24647
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 9a5940cc85a243c51e102a0a5d47cf2f170e73e6837e65a25e92831898e3f518
Secunia Security Advisory 24648
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 7caa511d27d5b785ef2a529a264c205574d451b47b83c88ccbb8f9a72139a874
Secunia Security Advisory 24663
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - KEZZAP66345 has discovered a vulnerability in Web Content System, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, web
SHA-256 | f492445ecd828bb7b72ce47023ac065bbf0cd6cb5cf23f92729e77a09b022db9
Secunia Security Advisory 24668
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mandriva has issued an update for evolution. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, mandriva
SHA-256 | a0c3d9dfb5d4fb4a82d2d345a591572c42980c6ef9e3e26ba6a32c8f4fbf5336
Secunia Security Advisory 24672
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - UniquE-Key{UniquE-Cracker} has discovered a vulnerability in the Articles module for Xoops, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | e93f758674d30b60aa5307074f8472dd699c77dfcbe25a999f40a778b20b54ac
Secunia Security Advisory 24673
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - skillTube has reported a vulnerability in NaviCOPA Web Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, web
SHA-256 | 6e70a35d52f80814c4d5b200e2c8355f4d52caf00db6ded9d24aea84093b44ca
Secunia Security Advisory 24679
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lostmon has discovered some vulnerabilities and weaknesses in aBitWhizzy, which can be exploited by malicious people to disclose system information or conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 5701dc1296401d5a02c9c1da5d68d87ba4f2fbbebfc1fca7750403c9a9527d60
Secunia Security Advisory 24587
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Park Gyu Tae has reported a vulnerability in SignKorea's SKCommAX ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | 8aa06d9a470b41380ee24be062f2d08764f15ccbb69b351697fc18213f77683a
Secunia Security Advisory 24591
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for libwpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, slackware
SHA-256 | b6a23fa5c4d2c79d10bfc1ecd064712bcb7d4096a5b013f6f6ed4b9174e9d1dc
Secunia Security Advisory 24625
Posted Mar 28, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 659a2e54d19eb8c3a5e143b28e737898eacaf52aa64fd1198ad31b0f89821208
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close