.:[ packet storm ]:.
                             
mowing the security landscape

 Section:  .. / 0602-advisories  /

Page 7 of 21. Files 150 - 175 of 514, currently sorted by file size.

 ///  File Name: sa18904.txt
Description:
Secunia Security Advisory - A security issue has been reported in various Cisco products, which can be exploited by malicious people to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/18904/
File Size:3111
Last Modified:Feb 16 22:45:30 2006
MD5 Checksum:1fb5c2e5d192ae7f9da10500b34bbd48

 ///  File Name: sa18937.txt
Description:
Secunia Security Advisory - Maksymilian Arciemowicz has reported some vulnerabilities in PostNuke, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/18937/
File Size:3098
Last Modified:Feb 21 21:14:58 2006
MD5 Checksum:0ae212bd61f8bb9c665b81e5a728e0b8

 ///  File Name: EEYEB-20051017.txt
Description:
EEYEB-20051017 Windows Media Player BMP Heap Overflow - eEye Digital Security has discovered a critical vulnerability in Windows Media Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code in the context of the user who executed the player.
Homepage:http://www.eeye.com/
File Size:3094
Last Modified:Feb 17 00:43:00 2006
MD5 Checksum:6328114b9c4187c9e360740e4b88f309

 ///  File Name: MDKSA-2006-030.txt
Description:
Mandriva Linux Security Advisory - poppler - Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. Poppler uses a copy of the xpdf code and as such has the same issues.
Homepage:http://www.mandriva.com/security/
File Size:3091
Last Modified:Feb 3 01:08:04 2006
MD5 Checksum:a672b24065a18d0c9415773f6c38b5cb

 ///  File Name: 02.01.06-1.txt
Description:
iDefense Security Advisory 02.01.06 - It has been found that a specially crafted m3u or pls file with a target filename having the .wma extension can crash Winamp giving the attacker control over the EAX register. The vulnerability appears to have been silently fixed in Winamp 5.11.
Author:b0f
Homepage:http://www.idefense.com
File Size:3088
Related CVE(s):CVE-2005-3188
Last Modified:Feb 2 20:33:54 2006
MD5 Checksum:79ed6959a0c4e0e3aeb4166d0c99e956

 ///  File Name: sa18799.txt
Description:
Secunia Security Advisory - Román Medina-Heigl Hernández has reported some vulnerabilities in VHCS, which can be exploited by malicious people to conduct script insertion attacks, and by malicious users to bypass certain security restrictions and gain escalated privileges.
Homepage:http://secunia.com/advisories/18799/
File Size:3084
Last Modified:Feb 13 20:29:16 2006
MD5 Checksum:00ff856308d6315d066b92d06ce4161a

 ///  File Name: glsa-200602-10.txt
Description:
Gentoo Linux Security Advisory GLSA 200602-10 - Tavis Ormandy of the Gentoo Linux Security Auditing Team discovered that automated systems relying on the return code of GnuPG or gpgv to authenticate digital signatures may be misled by malformed signatures. GnuPG documentation states that a return code of zero (0) indicates success; however, gpg and gpgv may also return zero if no signature data was found in a detached signature file. Versions less than 1.4.2.1 are affected.
Homepage:http://security.gentoo.org
File Size:3079
Last Modified:Feb 20 21:22:35 2006
MD5 Checksum:a25305af869c11377e193f52d8282158

 ///  File Name: USN-257-1.txt
Description:
Ubuntu Security Notice USN-257-1 - Jim Meyering discovered that tar did not properly verify the validity of certain header fields in a GNU tar archive. By tricking a user into processing a specially crafted tar archive, this could be exploited to execute arbitrary code with the privileges of the user.
Homepage:http://security.ubuntu.com/
File Size:3066
Related CVE(s):CVE-2006-0300
Last Modified:Feb 26 04:43:43 2006
MD5 Checksum:3983d648b1aaeeca0a801b90f7d8f35f

 ///  File Name: everyone.net.txt
Description:
www.everyone.net suffers from XSS. POC included.
Author:simo
Homepage:http://www.morx.org/
File Size:3061
Last Modified:Feb 13 11:15:51 2006
MD5 Checksum:9b5ff72ef76ddbb1ee88bd1426982a3a

 ///  File Name: sa18977.txt
Description:
Secunia Security Advisory - Mandriva has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information and cause a DoS (Denial of Service), or by malicious people to cause a DoS.
Homepage:http://secunia.com/advisories/18977/
File Size:3039
Last Modified:Feb 22 20:02:22 2006
MD5 Checksum:917d95855aad2ce2dfb4d5089e56fdf6

 ///  File Name: dsa-966-1.txt
Description:
Debian Security Advisory DSA 966-1 - Thomas Reifferscheid discovered that adzapper, a proxy advertisement zapper add-on, when installed as a plugin in squid, the Internet object cache, can consume a lot of CPU resources and hence cause a denial of service on the proxy host.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:3006
Related CVE(s):CVE-2006-0046
Last Modified:Feb 10 03:11:18 2006
MD5 Checksum:72ec72525f57fcf4c856ef7ac47c95fd

 ///  File Name: IRM-017.txt
Description:
IRM Security Advisory No. 017 - PortalSE version 2.0 allows a remote attacker to read any file on the filesystem as it runs with root privileges by default. It is also susceptible to a directory revelation issue.
Author:P. Robinson
Homepage:http://www.irmplc.com/advisories
File Size:2994
Last Modified:Feb 26 02:36:31 2006
MD5 Checksum:53a6d085c73194ed7e99b4fceb971453

 ///  File Name: sa18698.txt
Description:
Secunia Security Advisory - A security issue has been reported in some Adobe products, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges.
Homepage:http://secunia.com/advisories/18698/
File Size:2977
Last Modified:Feb 4 15:12:24 2006
MD5 Checksum:ebe1a154fee826d316999cb75b637207

 ///  File Name: 02.07.06-2.txt
Description:
iDefense Security Advisory 02.07.06 - Local exploitation of a race condition vulnerability in QNX Neutrino RTOS's (QNX) phfont command allows attackers to gain root privileges. QNX Neutrino RTOS is a real-time operating system designed for use in embedded systems. The problem specifically exists because phfont spawns another command, phfontphf, without proper sanity checking. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are also suspected to be susceptible to exploitation.
Author:Knud Hojgaard
Homepage:http://www.idefense.com
File Size:2971
Last Modified:Feb 8 06:26:41 2006
MD5 Checksum:e0bc6779d4f1d17549b26c4a6809691a

 ///  File Name: Kyoceraprinters.txt
Description:
It is possible to gain administrative access on Kyocera 3830 printers by using telnet.
Author:evader
Homepage:http://evader.wordpress.com/2006/02/16/kyocera-printers/
File Size:2969
Last Modified:Feb 20 22:41:19 2006
MD5 Checksum:6db2d97acaf3238129c57fcc77ad3ce1

 ///  File Name: 02.07.06-6.txt
Description:
iDefense Security Advisory 02.07.06 - Local exploitation of a design vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to execute arbitrary commands with root privileges. The problem specifically exists because QNX RTOS 6.3.0 ships with world writable permissions on the file /etc/rc.d/rc.local. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.
Homepage:http://www.idefense.com
File Size:2969
Last Modified:Feb 8 06:30:49 2006
MD5 Checksum:5159b61548c532863f51b5a32633c3f9

 ///  File Name: dsa-970-1.txt
Description:
Debian Security Advisory DSA 970-1 - Johannes Greil of SEC Consult discovered several cross-site scripting vulnerabilities in kronolith, the Horde calendar application.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:2943
Last Modified:Feb 15 00:18:49 2006
MD5 Checksum:cdc1c255a16e966fe61d5044123668f7

 ///  File Name: sa18756.txt
Description:
Secunia Security Advisory - Sudhakar Govindavajhala and Andrew W. Appel have reported some security issues in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
Homepage:http://secunia.com/advisories/18756/
File Size:2935
Last Modified:Feb 9 01:56:34 2006
MD5 Checksum:00395013d20702b884f7365f939ba68c

 ///  File Name: estaraDoS.txt
Description:
eStara SIP softphone is susceptible to denial of service and format string flaws.
Author:zwell
File Size:2934
Last Modified:Feb 25 02:09:17 2006
MD5 Checksum:c7301e05816c9ce79dd1fe72fb6865d4

 ///  File Name: 02.07.06-4.txt
Description:
iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'su' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'su'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.
Author:Texonet
Homepage:http://www.idefense.com
File Size:2934
Last Modified:Feb 8 06:28:47 2006
MD5 Checksum:4b68bb38a3931b8a9961642e65081d8d

 ///  File Name: glsa-200602-02.txt
Description:
Gentoo Linux Security Advisory GLSA 200602-02 - Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. Versions less than 4.71 are affected.
Homepage:http://security.gentoo.org
File Size:2927
Last Modified:Feb 7 22:18:10 2006
MD5 Checksum:99bbebe91b834b28249490a84fe6a9d7

 ///  File Name: ZDI-06-002.txt
Description:
Adobe Macromedia Shockwave is susceptible to a remote code execution flaw. This specific flaw exists within the ActiveX control with CLSID 166B1BCA-3F9C-11CF-8075-444553540000. Specifying large values for two specific parameters to this control results in an exploitable stack based buffer overflow. Due to the nature of this vulnerability, the target user is not required to have fully completed an installation of Shockwave to be vulnerable.
Author:Peter Vreugdenhil
Homepage:http://www.zerodayinitiative.com
File Size:2908
Related CVE(s):CVE-2005-3525
Last Modified:Feb 26 04:54:25 2006
MD5 Checksum:aa146a3f81da882868d19fcf7e9f69ae

 ///  File Name: glsa-200602-06.txt
Description:
Gentoo Linux Security Advisory GLSA 200602-06 - The SetImageInfo function was found vulnerable to a format string mishandling. Daniel Kobras discovered that the handling of %-escaped sequences in filenames passed to the function is inadequate. This is a new vulnerability that is not addressed by GLSA 200503-11. Versions less than 6.2.5.5 are affected.
Homepage:http://security.gentoo.org
File Size:2904
Last Modified:Feb 14 08:42:51 2006
MD5 Checksum:d3f65409f6de37db6b7d10491be78303

 ///  File Name: 02.07.06-7.txt
Description:
iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'passwd' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'passwd'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.
Author:Texonet
Homepage:http://www.idefense.com
File Size:2902
Last Modified:Feb 8 06:31:45 2006
MD5 Checksum:5f12d0b59a4332564f7ed6f236088883

 ///  File Name: 02.07.06-3.txt
Description:
iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'phgrafx' command allows attackers to gain root privileges. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are suspected to be susceptible to exploitation as well.
Author:Knud Hojgaard
Homepage:http://www.idefense.com
File Size:2883
Last Modified:Feb 8 06:27:38 2006
MD5 Checksum:0a6b5c3a37e249f27172383d9db37d35