what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2011-03-31 to 2011-03-31

Mandriva Linux Security Advisory 2011-057
Posted Mar 31, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-057 - The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process.

tags | advisory, remote, web, root
systems | linux, mandriva
advisories | CVE-2011-1176
SHA-256 | 22de56c09b08a58a738c13069e87c04573002b0b52ea84aadd8e486e46b65fee
Ubuntu Security Notice USN-1100-1
Posted Mar 31, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1100-1 - It was discovered that OpenLDAP did not properly check forwarded authentication failures when using a slave server and chain overlay. If OpenLDAP were configured in this manner, an attacker could bypass authentication checks by sending an invalid password to a slave server. It was discovered that OpenLDAP did not properly perform authentication checks to the rootdn when using the back-ndb backend. An attacker could exploit this to access the directory by sending an arbitrary password. Ubuntu does not ship OpenLDAP with back-ndb support by default. This issue did not affect Ubuntu 8.04 LTS. It was discovered that OpenLDAP did not properly validate modrdn requests. An unauthenticated remote user could use this to cause a denial of service via application crash.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
SHA-256 | 29371eb33f44bf7dd06b949a37d77a4725800566231420c8ea5ba3bedfe8b622
Interra Blog Machine 1.84 Cross Site Scripting
Posted Mar 31, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Interra Blog Machine version 1.84 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b20872e61e3388d80cd3ac2001e598c77aa7b1f3e7066e5a946db11d9e4b790d
Nixory Anti-Spyware Tool 1.1
Posted Mar 31, 2011
Site nixory.sourceforge.net

Nixory is an innovative, fast, and powerful anti-spyware program, with a user-friendly graphical interface. It protects Mozilla Firefox from dangerous spyware and harmful cookies. Platform independent source tarball.

Changes: Support for Firefox 4 was added and some minor bugs were fixed.
systems | unix
SHA-256 | a341664a497bbc82a1f3e312a03e67fcf0a40cfe91b220abd500a628a9faee0b
MaxSite Anti Spam Image Anti-Automation
Posted Mar 31, 2011
Authored by MustLive

The MaxSite Anti Spam Image plugin version 0.6 for WordPress suffers from an anti-automation vulnerability.

tags | advisory
SHA-256 | 56d360a31b05be7e932af17d7096c50a9708ff525c05619413139fae2e6c2956
Feng Office 1.7.3.3 Cross Site Request Forgery
Posted Mar 31, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Feng Office version 1.7.3.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 6f382e14d75ba5747b9dbb1d2cfd589442d1740e15b170e29291e302ad08d24f
Collabtive 0.6.5 XSS / XSRF / Directory Traversal
Posted Mar 31, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Collabtive version 0.6.5 suffers from cross site request forgery, cross site scripting, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, csrf
SHA-256 | d2c5bc279c635ee10b524daef2da96cdde8272b3fefdcde49f0ea0499ea410c6
Debian Security Advisory 2208-2
Posted Mar 31, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2208-2 - The BIND, a DNS server, contains a defect related to the processing of new DNSSEC DS records by the caching resolver, which may lead to name resolution failures in the delegated zone. If DNSSEC validation is enabled, this issue can make domains ending in .COM unavailable when the DS record for .COM is added to the DNS root zone on March 31st, 2011. An unpatched server which is affected by this issue can be restarted, thus re-enabling resolution of .COM domains.

tags | advisory, root
systems | linux, debian
SHA-256 | f731e91d3be36cf5817c4082103d78fb8988f511662f8a796e0adbc0d8384d82
Ubuntu Security Notice USN-1099-1
Posted Mar 31, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1099-1 - Sebastian Krahmer discovered that GDM (GNOME Display Manager) did not properly drop privileges when handling the cache directories used to store users' dmrc and face icon files. This could allow a local attacker to change the ownership of arbitrary files, thereby gaining root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2011-0727
SHA-256 | d514ab3fe4b1a1fc21f19d2440ed651da9ef009bb9076b19c86d194bffa0846f
Secunia Security Advisory 43924
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Secure Access Control System, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | cisco
SHA-256 | 7f70a634fa64a380bdcc4eb0d1148099ca41fde73533c68a3fc73d78cd260363
Secunia Security Advisory 43950
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Translation Management module for Drupal, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, sql injection, csrf
SHA-256 | 7abc02772be82cbccd871453ca125bd663ced4ccd104195d2f5dc8daffc1984f
Secunia Security Advisory 43949
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in PHPBoost, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 13163ff7aa9f81c688f26f45f546b8de3c627b8963e1f9b23ed786f0da30a646
Secunia Security Advisory 43936
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 9aad6c995bd098a7957c9d61bc240d56c8025998c67f53c0d14e7fa313bb2a67
Secunia Security Advisory 43885
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in VMware Workstation, which can be exploited by malicious, local users to gain potentially escalated privileges.

tags | advisory, local
SHA-256 | be6cd4acffee4a7abd81f0165b9e698ada31eab61bbc7d3dae1bcda8d8a6e99c
Secunia Security Advisory 43878
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for mahara. This fixes two vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
systems | linux, debian
SHA-256 | 8615c84a0ecdeacc8953a88a3b16defa598f8b4af3546a56d95ea0cdaa4ac633
Secunia Security Advisory 43935
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Solaris, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | solaris
SHA-256 | a733c7a7f705b2bbb383c00919f2b1ef29f3f656b6f2c6d55e5388246ce925dd
Secunia Security Advisory 43941
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for wordpress. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
SHA-256 | 218059dbe6f8a6bedb9aaeb60c7258ed0fa4bf53e4980f54022993768608b313
Secunia Security Advisory 43943
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in VMware VIX API, which can be exploited by malicious, local users to gain potentially escalated privileges.

tags | advisory, local
SHA-256 | 07e61602571d009a8c1b6e3b0b8530f6983e04111eef89654ef80ce775888b5e
Secunia Security Advisory 43919
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Spitfire, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | c1d37795f57f4a7ae3b5fbec1caca690ed85418b04fb55902f32522d08af83f7
Secunia Security Advisory 43542
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in RunCMS, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | d07958d980219d5ab8990c96a177fed52a1661e29d3b96472c672e2be1310e83
Secunia Security Advisory 43888
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for tomcat6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability, xss
systems | linux, ubuntu
SHA-256 | b67d24f01a679ff2f0d476c508d2ec133aa3e35ca21d9426e9b66d7ab9957aa4
Secunia Security Advisory 43863
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for tomcat5.5. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious users to disclose sensitive information and manipulate certain data and by malicious people to disclose sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | b32785b886596f1ca523adfff672fc6f0ad0fc484d2f2a38f71688f417ea5180
Secunia Security Advisory 43767
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | aa610583e94c39fa444831e618e087917782462880fa8ff0e17b340713d7b472
Secunia Security Advisory 43909
Posted Mar 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mesut Timur has discovered a vulnerability in Tracks, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2cef57f61ec9ea0c61f12f6d346d40ca8f2b113ea1aebdc5f6cfac02a8b87f2b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close