what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 57 RSS Feed

Files Date: 2008-12-16

Gentoo Linux Security Advisory 200812-18
Posted Dec 16, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200812-18 - Multiple memory management errors in JasPer might lead to execution of arbitrary code via jpeg2k files. Versions less than 1.900.1-r3 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2008-3520, CVE-2008-3522
SHA-256 | 4d57aebd7f1e7f3c83b382b57ad902e73ac27115f7b4c7d96b63d1bae4385111
Joomla Session Hijacking
Posted Dec 16, 2008
Authored by Hanno Boeck | Site hboeck.de

Joomla fails to set the secure flag in the session cookie allowing the possibility of a session getting hijacked.

tags | advisory
advisories | CVE-2008-4122
SHA-256 | a0f0b11a97d38cd11e6da4f7b89ff1d72b8153bcd12e0b35bdbafea736cee8af
Barracuda Message Archiver
Posted Dec 16, 2008
Authored by Dr. Marian Ventuneac

The Barracuda Networks Message Archiver product is vulnerable to persistent and reflect cross site scripting attacks.

tags | exploit, xss
advisories | CVE-2008-0971
SHA-256 | 7d5ba643cb91e384c25bc6c8b9b798506aa2c146a0eb1e25cdc27fb3cdcc863e
Barracuda Spam Firewall SQL Injection
Posted Dec 16, 2008
Authored by Dr. Marian Ventuneac

The Barracuda Networks Spam Firewall is vulnerable to various remote SQL injection attacks.

tags | exploit, remote, sql injection
advisories | CVE-2008-1094
SHA-256 | 4a06cf636ddf600a8fa7b1e3104ca846b7810df35ab3c3da2a438c7b755bd9e4
v6 IRC Scanner Utility
Posted Dec 16, 2008
Authored by Osirys | Site y-osirys.com

v6 is a script that performs SQL Injection, local/remote file inclusion and code execution scanning. It's controlled via irc as an irc-bot. It scans on a lot of engines, performs a mass scan, and a bypass for google and yahoo.

tags | tool, remote, local, scanner, code execution, sql injection, file inclusion
systems | unix
SHA-256 | 8e71b5b683b5e169ff5eded068320ed3e6687e1d1b55d98aa69608504172e1f0
EvimGibi Pro Resim Galerisi 1.0 SQL Injection
Posted Dec 16, 2008
Authored by ZoRLu

EvimGibi Pro Resim Galerisi version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e8f5f29204963b8d74595cdf4d48b630601e20142e1af996f81579d2fd52400a
Gentoo Linux Security Advisory 200812-17
Posted Dec 16, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200812-17 - Multiple vulnerabilities have been discovered in Ruby that allow for attacks including arbitrary code execution and Denial of Service. Versions less than 1.8.6_p287-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability, code execution, ruby
systems | linux, gentoo
advisories | CVE-2008-1447, CVE-2008-2376, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2008-3905
SHA-256 | fc3d0e1000f9f9bfede1eca24d080fd7125be4acdc61e8d5f8e06afcd003ef16
Zero Day Initiative Advisory 08-088
Posted Dec 16, 2008
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 08-088 - This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of Oracle E-Business Suite Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists in the APPS.ICXSUPWF.DisplayContacts package. The procedure fails to validate the contents of a WHERE clause containing user-suppled input. This allows an attacker to execute arbitrary SQL statements in the context of the APPS user.

tags | advisory, remote, arbitrary
SHA-256 | 45aace3526309f21ce527289fb342b9e73195493e59ce9dce43e859c100cfa9e
Aiyoota! CMS SQL Injection
Posted Dec 16, 2008
Authored by Lidloses_Auge

Aiyoota! CMS remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 5fe1f519e4f3e8d6131052331a1e2520afba7ff252c5e3d08ca8a8fedffe9878
FLDS 1.2a SQL Injection
Posted Dec 16, 2008
Authored by ka0x

FLDS version 1.2a remote SQL injection exploit that leverages report.php.

tags | exploit, remote, php, sql injection
SHA-256 | 5d94a5a7ea6dce7ddf65ab0bab80b2fb2417b49558d782fe174b397b373b41e1
Ubuntu Security Notice 691-1
Posted Dec 16, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-691-1 - Laurent Gaffie discovered that Ruby did not properly check for memory allocation failures. If a user or automated system were tricked into running a malicious script, an attacker could cause a denial of service. This update also fixes a regression in the upstream patch previously applied to fix CVE-2008-3790. The regression would cause parsing of some XML documents to fail.

tags | advisory, denial of service, ruby
systems | linux, ubuntu
advisories | CVE-2008-3443, CVE-2008-3790
SHA-256 | 8e6e9a4a0c546126aa35f85750f347d27b3886321646d22ce793a2ac11d744df
FLDS 1.2a Blind SQL Injection
Posted Dec 16, 2008
Authored by SirGod | Site insecurity.ro

FLDS version 1.2a suffers from a blind SQL injection vulnerability in lpro.php.

tags | exploit, php, sql injection
SHA-256 | eeca86bfa60726d6d88db68e98029bc47a279b2dd021a83f352a48710f441c60
Table Editor Database Disclosure
Posted Dec 16, 2008
Authored by Pouya Server

TableEditoR suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | c4025d206d7d798e5a6a3687064bcda8448b91f3dd12926fa6bb04cae009a72a
Portail PHP 2.0 Local File Inclusion
Posted Dec 16, 2008
Authored by Osirys | Site y-osirys.com

Portail PHP version 2.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, php, file inclusion
SHA-256 | f2a3c3253a127a6e100615a5eb7e4007d153297fdd9c9c2fb3eff3acc48f8c09
Web Wiz Database Disclosure
Posted Dec 16, 2008
Authored by Cold z3ro | Site hack-teach.com

Web Wiz Guestbook version 8.21 suffers from a remote database disclosure vulnerability.

tags | exploit, remote, web, info disclosure
SHA-256 | 12a1d911ce3e44a1ae03dc5639f41d374c1b052712e7fd084fdf6804f3106b06
FaScript FaUpload SQL Injection
Posted Dec 16, 2008
Authored by ZAC003 | Site aria-security.net

FaScript FaUpload suffers from a remote SQL injection vulnerability in download.php.

tags | exploit, remote, php, sql injection
SHA-256 | 23ef236a5ece965a75b46e1929801b3871f530cb11ecb0241168031615b46eb7
GNU SIP Witch Telephony Server
Posted Dec 16, 2008
Authored by David Sugar | Site gnutelephony.org

GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.

Changes: Small fixes for memset in forward and messages. Pedantic code clean up.
tags | telephony, protocol
SHA-256 | 896f9eae255dd403dea8c387a2642b6f82e829828c9731874a0b7b48721d414d
Secunia Security Advisory 33183
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - shinnai has discovered a vulnerability in Realtek Media Player (RtlRack), which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f8b0bb94897577ded3db589558d8e8a830733120f8c9b84cf836b2e8faced230
Secunia Security Advisory 33151
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for freeradius. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, vulnerability
systems | linux, suse
SHA-256 | 706f37e282f37557acfc21a241647be3a0239af982011de3d79d13eacdacfd55
Secunia Security Advisory 33195
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | c363e382bc9b1ef47fb92de14e7fb9bba0cc83be09f7ed4eaaba2c2ae4a628fb
Secunia Security Advisory 33194
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for IBM Java. This fixes some vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information and bypass certain security restrictions.

tags | advisory, java, vulnerability
systems | linux, suse
SHA-256 | 7f68293b74255ad08d1de471f04ffba4f068dfd5ea47ff735a7f44898650dad8
Secunia Security Advisory 33164
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Dr. Marian Ventuneac has reported some vulnerabilities in various Barracuda products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 62d39486e0c0180ede2c66aa137ae9ae285954ed51fb2bb3b43db2127bb1f18a
Secunia Security Advisory 33181
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for enscript. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 89f251820b78e8a90b6fabc6659f6e0c23a8fb55454ff1770c36b71d798b08fb
Secunia Security Advisory 33139
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for aview. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | 71413bd02aec3c0a7e8a1cd3b8073ca68b14411ad7fd70982e32433ab22765a9
Secunia Security Advisory 33144
Posted Dec 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for gallery2. This fixes some vulnerabilities, can be exploited by malicious users to disclose sensitive information and conduct script insertion attacks.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 7c7247d88ee7fa6cea7f067a4f59534cbacc403ff2f07c41ce05766d0352523f
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close