Showing 1 - 25 of 50

Files Date: 2009-03-10

Socket Capable Browser Plugins Result In Transparent Proxy Abuse
Posted Mar 10, 2009
Authored by Robert Auger

Whitepaper called Socket Capable Browser Plugins Result In Transparent Proxy Abuse.

tags | paper
SHA-256 | 65eb3183b07857bbd608feebd92c0299d36ca985daae597dca43bbc3f0bd50f9
Gentoo Linux Security Advisory 200903-24
Posted Mar 10, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-24 - An insecure temporary file usage in Shadow may allow local users to gain root privileges. Paul Szabo reported a race condition in the login executable when setting up tty permissions. Versions less than 4.1.2.2 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2008-5394
SHA-256 | 024dea4d4945ff11e176b4d3f8e31a9f6fab11c9d699ae4e96d59d56ecce6f05
commerce35.pair.com Cross Site Scripting
Posted Mar 10, 2009
Authored by Max Dietz

commerce35.pair.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fefe9b8f7502d1abb958d5e6a58da6492ac244adee03f1d83521fd0367ae8226
WordPress MU Cross Site Scripting
Posted Mar 10, 2009
Authored by Juan Galiana Lara

WordPress MU versions below 2.7 suffer from a Host HTTP header cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 4113cda2b941db88f0101e9657393b355c6a879ccc46d2953d89e73cafc8d026
RoomPHPlanning 1.5 Create User Exploit
Posted Mar 10, 2009
Authored by Jonathan Salwan | Site shell-storm.org

RoomPHPlanning version 1.5 remote administrative user creation exploit.

tags | exploit, remote
SHA-256 | 208a451c3dc7fc271fe8b5602ee73f403947dfc68be86f0c9b9b930578ed078e
WeBid 0.7.3 Remote File Inclusion
Posted Mar 10, 2009
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

WeBid versions 0.7.3 RC9 and below suffer from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
SHA-256 | cc032baa87192c68451ce6313b9f796925f6d37b4d41bef2dba0784a80ffcb8a
Asterisk Project Security Advisory - AST-2009-002
Posted Mar 10, 2009
Site asterisk.org

Asterisk Project Security Advisory - A remote crash vulnerability exists in the SIP channel driver, allowing for a denial of service condition.

tags | advisory, remote, denial of service
SHA-256 | ca3545fb7ff461a737f99935a89bf271977ba6509b3a6a50c11000b7d15536f7
Joomla Djice Shoutbox 1.0 XSS
Posted Mar 10, 2009
Authored by XaDoS

Joomla Djice Shoutbox version 1.0 suffers from a permanent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ab0983764c6ae2589c7647ff07614d3c2113d33e06c2b3f5ed24b6f240991231
Mandriva Linux Security Advisory 2009-071
Posted Mar 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-071 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0675, CVE-2009-0676
SHA-256 | 62b36ae835832a2ca1a529bc8dc60e7dfd2ad25732679f7b1be252a91160c5e3
Debian Linux Security Advisory 1735-1
Posted Mar 10, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1735-1 - It was discovered that znc, an IRC proxy/bouncer, does not properly sanitize input contained in configuration change requests to the webadmin interface. This allows authenticated users to elevate their privileges and indirectly execute arbitrary commands (CVE-2009-0759).

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2009-0759
SHA-256 | c7050e28cdec2b23cd3e001e95a49c799e6f63b9f49b26ce0d87a88aafdde18d
Technical Cyber Security Alert 2009-69A
Posted Mar 10, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-069A - Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.

tags | advisory, vulnerability
systems | windows
SHA-256 | 9ff852dd830e814efb4f93f15ca7c66fe392ee0d93aec87740c0b7c7d8f4c056
Ubuntu Security Notice 732-1
Posted Mar 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-732-1 - Wolfgang M. Reimer discovered that dash, when invoked as a login shell, would source .profile files from the current directory. Local users may be able to bypass security restrictions and gain root privileges by placing specially crafted .profile files where they might get sourced by other dash users.

tags | advisory, shell, local, root
systems | linux, ubuntu
advisories | CVE-2009-0854
SHA-256 | 248625dfa29b8e4233d57c94a13683f32a4a76cb842fd10cf237efc5ff11131a
Ubuntu Security Notice 731-1
Posted Mar 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-731-1 - Various cross site scripting and cross site request forgery issues have been addressed in the Apache2 package.

tags | advisory, xss, csrf
systems | linux, ubuntu
advisories | CVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168, CVE-2008-2364, CVE-2008-2939
SHA-256 | 53c042689592505b6cc1714dc0b02d8469fa878b9973b4b6057be919a686c447
Circumference WebAuth Client
Posted Mar 10, 2009
Authored by Jan Engelhardt | Site circum.sourceforge.net

Circumference is an implementation of a WebAuth client and server to supplement the recently-written specification for the WebAuth Diameter Application, complete with an extensible Diameter server and base library. Diameter is specified in RFC3588 and its updates.

Changes: Implemented changes stemming from the RFC3588bis16 update. A couple of other changes.
tags | tool
systems | unix
SHA-256 | cd9befa5150d71dabd2d314c05507db6f3ef6c64c93de0b823e6bb91315cd4b4
PHP-Fusion Book Panel SQL Injection
Posted Mar 10, 2009
Authored by SuB-ZeRo | Site dz-security.com

The PHP-Fusion Book Panel module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 7711480980e8a89f5acb59861c327c9d786ad36cca49d85b494f11d57ab74e6d
Mandriva Linux Security Advisory 2009-070
Posted Mar 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-070 - senddoc uses temporary files (/tmp/log.obr.4043) in an insecure way which enables local attackers to overwrite arbitrary files by using a symlink attack. This update provides a fix for that vulnerability. Also, this update is a rebuild against (latest) xulrunner 1.9.0.6.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2008-4937
SHA-256 | 0640a490a00105b5aeba2a2760baee91c692e5ec3a87a7679597723cf21fd0b0
RainbowPlayer 0.91 SEH Overwrite
Posted Mar 10, 2009
Authored by His0k4

RainbowPlayer version 0.91 playlist related universal SEH overwrite exploit.

tags | exploit
SHA-256 | cac584521a4b5bbd8fbc6456be71941227f97a2346dd24d8dbb5662c94770bae
Gentoo Linux Security Advisory 200903-22
Posted Mar 10, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-22 - A buffer overflow in Ganglia's gmetad might lead to the execution of arbitrary code. Spike Spiegel reported a stack-based buffer overflow in the process_path() function when processing overly long pathnames in gmetad/server.c. Versions less than 3.1.1-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2009-0241
SHA-256 | d82d1afc3792aca891062de3ccb6945580ab8592dfba3ffe27583f6250d12fbb
CMS WEBjump! SQL Injection
Posted Mar 10, 2009
Authored by M3NW5

CMS WEBjump! suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 45a61661293a5ed9e48ce77ca710110cffa74f50a773993664d0b94a98e9f6f9
IBM Director Privilege Escalation
Posted Mar 10, 2009
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20090305-2 - IBM Director for Windows versions 5.20.3 Service Update 2 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
systems | windows
SHA-256 | 2c4bdf15757ef2a4d79baa1f93e9076442d2eb8f9826084c908501199c234703
IBM Directory CIM Denial Of Service
Posted Mar 10, 2009
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20090305-1 - IBM Director for Windows versions 5.20.3 Service Update 2 and below suffer from a remote denial of service vulnerability.

tags | advisory, remote, denial of service
systems | windows
SHA-256 | 6ec03fbbc9d5a504fb1686b5770ec4c08945779d3dfcac2447a621f6e80a6a21
NextApp Echo XML Injection
Posted Mar 10, 2009
Site sec-consult.com

SEC Consult Security Advisory 20090305-0 - NextApp Echo2 versions below 2.1.1 suffer from an XML injection vulnerability.

tags | exploit, xxe
SHA-256 | e364a88c2cc90f61eeb02c0e5b44a6ff6992024991a758fa3a4903a2fe77a6b5
VUPlayer 2.49 .cue File Overflow
Posted Mar 10, 2009
Authored by Stack | Site v4-team.com

VUPlayer versions 2.49 and below .cue file universal buffer overflow exploit. Win32 bindshell code that ties to port 5555.

tags | exploit, overflow
systems | windows
SHA-256 | b92e3d1c5b3faa53203419f25f64d31b16ec4a45ea5fcd1da8c0414ab5342add
Secunia Security Advisory 34222
Posted Mar 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Mahara, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 91e700f15765c78343d0657672f798048411f7741e14a005ac76fcac75403150
Secunia Security Advisory 34210
Posted Mar 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libpng10. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | c3c0b423f6fe41bee77f8c21f2c7052d7529a3328c875eb5cea2da767ed0c7cf
Page 1 of 2