what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 49 RSS Feed

Files Date: 2009-04-29

Ubuntu Security Notice 768-1
Posted Apr 29, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-768-1 - Stephane Chazelas discovered that Apport did not safely remove files from its crash report directory. If Apport had been enabled at some point, a local attacker could remove arbitrary files from the system.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2009-1295
SHA-256 | 8fa2e9012d04e758cf0b8c191f63010cc6620ec6d34a72a2749e3139df9d66bd
iDEFENSE Security Advisory 2009-04-29.1
Posted Apr 29, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 04.29.09 - Remote exploitation of a design error vulnerability in Symantec Corp.'s Symantec System Center may allow an attacker to execute arbitrary code with SYSTEM privileges. The vulnerability exists within the 'Intel File Transfer' service, which runs the xfr.exe application. When sent a properly formatted request, this service will extract a string from the request, and use it as the path of a program to execute as a new Process. The process will be started with SYSTEM privileges. iDefense has confirmed the existence of this vulnerability in Symantec Client Security version 3.1. Previous versions may also be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1431
SHA-256 | 6e2b0f9eae90b4956e12a4bd18e62b1f41c4da41d29dfc69af01d2945fe6426a
iAWACS 2009 Call For Papers
Posted Apr 29, 2009
Authored by iawacs2009 | Site esiea-recherche.eu

Call For Papers for the first International Alternative Workshop on Aggressive Computing and Security. It will take place from October 23rd through the 25th, 2009 in Laval, France.

tags | paper, conference
SHA-256 | 3447f67b012f233371c6cb4878720ec911b585c972b36f92071e496ad09ac66a
S-CMS 1.1 Local File Inclusion
Posted Apr 29, 2009
Authored by ZoRLu

S-CMS version 1.1 suffers from a local file inclusion vulnerability in plugin.php.

tags | exploit, local, php, file inclusion
SHA-256 | 4a4a3b0b3843ec7861bccb3ebe429d18983fabf686e09d0c1475bee2cb218a33
Tiger DMS SQL Injection
Posted Apr 29, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

Tiger DMS suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e3be9fda1df89dba19e13af1895b32eead00a3b928a7639c0a9a64946a58749b
Trendmicro RAR/CAB/ZIP Bypass
Posted Apr 29, 2009
Authored by Thierry Zoller

The Trendmicro parsing engine can be bypassed by specially crafted and formatted ZIP, RAR, and CAB archives.

tags | advisory
SHA-256 | abed09554259c2e3388a70a248472bb87093766b256b9972dcf7ee400e610a4b
ESET Nod32 CAB Bypass
Posted Apr 29, 2009
Authored by Thierry Zoller

The ESET Nod32 parsing engine can be bypassed by a specially crafted and formatted CAB archive.

tags | advisory
SHA-256 | 1c69319e78e7b2c5cc45a466ee1778e1e75bb147ad1ae4612f28dc3cc03020ce
Zubrag Smart File Download 1.3 File Download
Posted Apr 29, 2009
Authored by Aodrulez | Site aodrulez.blogspot.com

Zubrag Smart File Download version 1.3 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | b4a68a7314a4a13323531468521e1d34fec1a11eaf11048054749b0f3fc75604
ProjectCMS 0.1b SQL Injection
Posted Apr 29, 2009
Authored by YEnH4ckEr

ProjectCMS version 1.0b suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | 6b3590c0ce7aa31f3c3c8f0b97189e81616824240802c68ea371becce8e5f3f6
eLitius 1.0 SQL Injection
Posted Apr 29, 2009
Authored by Snakespc | Site snakespc.com

eLitius version 1.0 suffers from a remote SQL injection vulnerability in banner-details.php.

tags | exploit, remote, php, sql injection
SHA-256 | 5ab4c494cd4102eee45eabc2762e27a093df413b6af21940d53411e0b4cb509a
mpegable Player 2.12 Stack Overflow
Posted Apr 29, 2009
Authored by GolD_M | Site tryag.cc

mpegable Player version 2.12 local stack overflow proof of concept exploit that creates a malicious .yuv file.

tags | exploit, overflow, local, proof of concept
SHA-256 | d14ae85b3a52a1789b7852990c4e467e26ad305a767f031aaa8de0672ca2c7c3
Baby Web Server 2.7.2.0 File Disclosure
Posted Apr 29, 2009
Authored by ZoRLu

Baby Web Server version 2.7.2.0 arbitrary file disclosure exploit.

tags | exploit, web, arbitrary, info disclosure
SHA-256 | 6b17b31ff204c18d47dbfc2232e858107835c98b4ecb2a11da0ed60834001b6b
LevelOne AMG-2000 Wireless AP Proxy Bypass
Posted Apr 29, 2009
Authored by Johannes Greil | Site sec-consult.com

SEC Consult Security Advisory 20090429-0 - LevelOne AMG-2000 Wireless AP Management Gateway suffers from proxy bypass and plain text vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 21fedd3d58a60ec4be0f1b3d390a6efc6e4b55fd06209cf789610813125e1daf
Symantec WinFax Pro 10.03 Buffer Overflow
Posted Apr 29, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

Symantec Fax Viewer Control in WinFax Pro version 10.03 (DCCFAXVW.DLL) remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 2aed8b7e6e6ce96375af28dd2e4580c2567f748fbb45706ec2ce25127c08a6f9
Debian Linux Security Advisory 1783-1
Posted Apr 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1783 - Multiple vulnerabilities have been identified affecting MySQL, a relational database server, and its associated interactive client application.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2008-3963, CVE-2008-4456
SHA-256 | 378c24ed6865ec7a2fd8fd2b0301e6ad1f3da96ed58b9b53ff179426a24bca86
Debian Linux Security Advisory 1782-1
Posted Apr 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1782-1 - Several vulnerabilities have been discovered in mplayer, a movie player for Unix-like systems.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2009-0385, CVE-2008-4866, CVE-2008-5616
SHA-256 | ab45a988a3319574a71c625778a4441b1a197bf19918be539f70c5720add5dd7
Debian Linux Security Advisory 1781-1
Posted Apr 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1781-1 - Several vulnerabilities have been discovered in ffmpeg, a multimedia player, server and encoder.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0385, CVE-2008-3162
SHA-256 | ffc625bd60046ffa450d5486a03b15d37373cd07c757e7b76e3ff2fde794b237
Mandriva Linux Security Advisory 2009-101
Posted Apr 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-101 - Multiple buffer overflows, integer overflows, NULL pointer dereference and various other vulnerabilities affect the JBIG2 decoder.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-1182, CVE-2009-1183
SHA-256 | 1f6303a55e2ad8d1888c82a4caa6883c76f13e3d36bdb15b5f1e3cc6bbaa4a0b
Zero Day Initiative Advisory 09-018
Posted Apr 29, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-018 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Symantec Client Security. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Alert Originator service, iao.exe, which listens by default on TCP port 38292. The process blindly copies user-supplied data to a stack buffer via a memcpy call. By supplying a specially crafted packet, an attacker can overflow that buffer leading to arbitrary code execution in the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution
advisories | CVE-2009-1430
SHA-256 | 6f2c6687de793a723fbc5c545b300bc7b6825f1d425a73288eeb566dd22d8ff4
Autodesk IDrop ActiveX Code Execution
Posted Apr 29, 2009
Authored by Elazar Broad

Autodesk IDrop remote code execution Active-X related exploit.

tags | exploit, remote, code execution, activex
SHA-256 | 7c9c190ffc784d425b6ced4e31666ab13e643782cb0241ab22e64961271029ed
Quick N Easy 3.3.5 File Disclosure
Posted Apr 29, 2009
Authored by Cyber-Zone | Site iq-ty.com

Quick 'N Easy Web Server version 3.3.5 arbitrary file disclosure exploit.

tags | exploit, web, arbitrary, info disclosure
SHA-256 | 28b096ec8d20eb70a76699f695c80411a360606cd936faada273201aaac98200
Secunia Security Advisory 34856
Posted Apr 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in various Symantec products, which can be exploited by malicious, local users to potentially gain escalated privileges and by malicious people to compromise a vulnerable system.

tags | advisory, local, vulnerability
SHA-256 | 6cac817f91203e66acaf9bfb848037e01cc7bd91f201709543d2c2f54442c15f
Secunia Security Advisory 34836
Posted Apr 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | solaris
SHA-256 | 3d91655fa2393c0db845b654ddc0d6d4a86ef4f991a49d1ad0b87b8cbd7b0f8f
Secunia Security Advisory 34915
Posted Apr 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in memcached, which can be exploited by malicious people to disclose system information.

tags | advisory
SHA-256 | 7d596b609e7279dd207869d1c28550b2b7567aa908f6460d98bd1eab4b1ab168
Secunia Security Advisory 34851
Posted Apr 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for mozilla-firefox. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
systems | linux, slackware
SHA-256 | e93cffd1dba8c5fd6a21e6e5bcc8d75f12eab42dfe917f4a95f378e7d66ae74d
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close