Files Date: 2007-10-09

Gentoo Linux Security Advisory 200710-7
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-07 - Reinhard Max discovered a boundary error in Tk when processing an interlaced GIF with two frames where the second is smaller than the first one. Versions less than 8.4.15-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4851
SHA-256 | 6af99de5f09c5966ca3d185d72e9400e77f3b6b37a1166b04d3184d53ef2113f
Gentoo Linux Security Advisory 200710-6
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-06 - Moritz Jodeit reported an off-by-one error in the SSL_get_shared_ciphers() function, resulting from an incomplete fix of CVE-2006-3738. A flaw has also been reported in the BN_from_montgomery() function in crypto/bn/bn_mont.c when performing Montgomery multiplication. Versions less than 0.9.8e-r3 are affected.

tags | advisory, cryptography
systems | linux, gentoo
advisories | CVE-2006-3738, CVE-2007-3108, CVE-2007-5135
SHA-256 | 0b7f742d6f45bd21e2f630fffb548c74e417ec802f803d9f557efab7654c51fd
Gentoo Linux Security Advisory 200710-5
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-05 - Raphael Marichez discovered that the DataLoader::doStart() method creates temporary files in an insecure manner and executes them. Versions less than 1.5.7 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-4631
SHA-256 | 773613846f6d77270c88683f54fd3dac922a3c1da0be8a29a45eb1eeac6516d1
Gentoo Linux Security Advisory 200710-4
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-04 - Robert Buchholz of the Gentoo Security team discovered that the flac_buffer_copy() function does not correctly handle FLAC streams with variable block sizes which leads to a heap-based buffer overflow. Versions less than 1.0.17-r1 are affected.

tags | advisory, overflow
systems | linux, gentoo
advisories | CVE-2007-4974
SHA-256 | cb6be2c374e0dbf08552c7a74d4275119375285f4d3baeb02a4840bc3cb7b298
Gentoo Linux Security Advisory 200710-3
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-03 - David Thiel of iSEC Partners discovered a heap-based buffer overflow in the _01inverse() function in res0.c and a boundary checking error in the vorbis_info_clear() function in info.c. libvorbis is also prone to several Denial of Service vulnerabilities in the form of infinite loops and invalid memory access with unknown impact. Versions less than 1.2.0 are affected.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, gentoo
advisories | CVE-2007-3106, CVE-2007-4029, CVE-2007-4065, CVE-2007-4066
SHA-256 | 7a907b2348ce906142b3aba0da5822b07995f88558fb4c797503d30416a2a1e2
Gentoo Linux Security Advisory 200710-2
Posted Oct 9, 2007
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200710-02 - Several vulnerabilities were found in PHP. Mattias Bengtsson and Philip Olausson reported integer overflows in the gdImageCreate() and gdImageCreateTrueColor() functions of the GD library which can cause heap-based buffer overflows. Gerhard Wagner discovered an integer overflow in the chunk_split() function that can lead to a heap-based buffer overflow. Its incomplete fix caused incorrect buffer size calculation due to precision loss, also resulting in a possible heap-based buffer overflow. A buffer overflow in the sqlite_decode_binary() function of the SQLite extension, found by Stefan Esser and addressed in PHP 5.2.1, was not fixed correctly. Versions less than 5.2.4_p20070914-r2 are affected.

tags | advisory, overflow, php, vulnerability
systems | linux, gentoo
advisories | CVE-2007-1883, CVE-2007-1887, CVE-2007-1900, CVE-2007-2756, CVE-2007-2872, CVE-2007-3007, CVE-2007-3378, CVE-2007-3806, CVE-2007-3996, CVE-2007-3997, CVE-2007-3998, CVE-2007-4652, CVE-2007-4657, CVE-2007-4658, CVE-2007-4659, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662
SHA-256 | 0954c820cef174c83409c66ee739a3d9955c800b776a51d4b17c9452a9f19875
carolinacon-2008-cfp.txt
Posted Oct 9, 2007
Site carolinacon.org

The CarolinaCon 2008 Call For Papers is now open. It's an annual technology conference to enhance local and global awareness of current technology issues and developments, provide affordable technology education sessions to the unwashed masses, deliver varied/informative/interesting presentations on a wide variety of InfoSec/hacking/technology/science topics, and mix in enough entertainment and side contests/challenges to make for a truly fun event. It will be taking place March 28th through the 30th in Chapel Hill, NC, USA.

tags | paper, local, conference
SHA-256 | b2131f497fe1b4a3c1c6d8e33cfb7735b888ad4158afb9d07ca3a284a188f157
Debian Linux Security Advisory 1362-2
Posted Oct 9, 2007
Authored by Debian | Site debian.org

Debian Security Advisory 1362-2 - A problem was discovered in lighttpd, a fast webserver with minimal memory footprint, which could allow the execution of arbitrary code via the overflow of CGI variables when mod_fcgi was enabled. This updated advisory correctly patches the security issue, which was not handled in DSA-1362-1.

tags | advisory, overflow, cgi
systems | linux, debian
advisories | CVE-2007-4727
SHA-256 | 8f2ce185c7b6d39f79b8a50243c553a71135c01a934c8220d4cd825f5884f2bf
Secunia Security Advisory 27037
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Apache. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, conduct cross-site scripting attacks, cause a DoS (Denial of Service), or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability, xss
SHA-256 | adf69b7e2b3ff9c4bf08a8fe7140d5833f411da205f40bdc00b8874def4225a1
Secunia Security Advisory 27106
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for kdebase. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct spoofing attacks.

tags | advisory, local, spoof, vulnerability
systems | linux, redhat
SHA-256 | 0a71914446b2a0509444795815be2f0aa4451c0f3a6a0c9fd7c8c1c3a1bb6ebf
Secunia Security Advisory 27085
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xen-utils. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.

tags | advisory, local, vulnerability
systems | linux, debian
SHA-256 | cb3ad53be1f8525947e08c92bafc8de72b9cf4186877dc21d6fcea5cbe3fd9c1
Secunia Security Advisory 27108
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for kdelibs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.

tags | advisory, spoof, vulnerability, xss
systems | linux, redhat
SHA-256 | a223f38e6248360354a9acd303c4cb9e96151381fa57a5acc1a5ae8ad4e43905
Secunia Security Advisory 27114
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SnIpEr_SA has reported a vulnerability in SkaDate, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | e1f591cf48d07daf3b032ed3e675479be03eaf9feffc44f8bb595c870bbd3e0a
Secunia Security Advisory 27117
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in AlsaPlayer, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | e654ea33618ce6c4ed493c6d18c5a4593f6aa4e20bcb90a8c2a363d935ffae03
Secunia Security Advisory 27125
Posted Oct 9, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - rPath has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 5a3e5495c4c5d2bb5ba822242a22a486993412d9bacaaf6f6a8e7782e377fffb
sqlninja-0.2.1-r1.tgz
Posted Oct 9, 2007
Authored by icesurfer | Site sqlninja.sourceforge.net

sqlninja is a small tool to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable database server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a database server when a SQL injection vulnerability has been discovered. It is written in Perl and runs on Unix-like boxes.

Changes: New flavor of bruteforce attack, auth mode detection, and various other enhancements and bug fixes.
tags | tool, remote, web, shell, scanner, perl, vulnerability, sql injection
systems | unix
SHA-256 | e1f2978750e3d86dc04e6d185157d4936156bc2761f67fb73ff822ccd721f704
kismet-2007-10-R1.tar.gz
Posted Oct 9, 2007
Authored by Mike Kershaw | Site kismetwireless.net

Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features include multiple packet capture sources, runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible "interesting" (cryptographically weak) logging, secure SUID behavior, and GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data.

Changes: Various additions and fixes.
tags | tool, wireless
systems | cisco, linux, freebsd, openbsd, apple, osx
SHA-256 | 023e7f47039c1ad8615052e464f76a3cd496a423449b931036d127c56d58b2b9
nuface-1.2.8.tar.gz
Posted Oct 9, 2007
Authored by Vincent Deffontaines | Site inl.fr

Nuface is a web-based administration tool that generates Edenwall, NuFW, or simple Netfilter firewall rules. It features a high level abstraction on the security policy set by the administrator, and works internally on an XML data scheme. Its philosophy is to let you agglomerate subjects, resources, or protocols into meta-objects, and use those meta objects to generate ACLs, which are then interpreted as netfilter rules by Nupyf, the internal XML parser. This tool may easily be extended to support firewall implementations other than Netfilter.

Changes: Fixed bug when auth subject with ipv4 address on included nets. Fixed bug when remote ipsec router is not in a net in desc.
tags | tool, web, firewall, protocol
systems | unix
SHA-256 | 7074f84bb3bf6e05073cf78ed90da0d8a4fa43fbec2741dbfcaa357117a7f8e5
snortsms-1.7.8.tar.gz
Posted Oct 9, 2007
Authored by SmithJ108 | Site snortsms.servangle.net

SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.

Changes: Remote agent rewrite. Updated SnortSMS Collector to handle new agent format.
tags | tool, web, sniffer
SHA-256 | 9e67221d06ccef9d285cdd521f9843717495626dabe06fa5e22e8c571417d262