what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2010-05-05

Secunia Security Advisory 39709
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Photoshop CS3, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 23cefb02f39d2573efca8902dbc39f7011b79b133bfd9f4f7b3dca38822f4ffa
Secunia Security Advisory 39667
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in KV AntiVirus 2010, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
SHA-256 | 53e8286f3fb116a77d292db544efb52ab7b0844df34ec8ac828bf57da00fca5b
Secunia Security Advisory 39703
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Ziepod, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | e87997de28f167e6f239eda9767a56f538b9cd65e9dca68441c3686facd54d3e
Secunia Security Advisory 39690
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in Knowledgeroot Knowledgebase, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 4a3f17b9c71416cd9d02cc9f612c9cf08ff15047b3b86f3f09d42d43c0823233
Secunia Security Advisory 39634
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in 360 Safe, which can be exploited by malicious, local users to perform certain actions with escalated privileges, cause a DoS (Denial of Service), or potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
SHA-256 | ade5c9fd218e6fe9113f79b22469ba77e5e9d823e01e6340daeefe8c12212b0d
Secunia Security Advisory 39668
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 360 Anti-Virus and 360 Security Guard, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, virus
SHA-256 | dac2b9ed0340286b46a409c1779710b4879e5699a3d60ebab7bc2b7ec57826a1
Secunia Security Advisory 39610
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 360 Anti-Virus and 360 Security Guard, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, virus
SHA-256 | e62ff03279721347c5df5f889d6a7a04630283ca81d6c2c740ccafd76b6bd505
Secunia Security Advisory 39676
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for httpd and httpd22 for JBoss Enterprise Web Server. This fixes two vulnerabilities, which can be exploited by malicious people to gain access to potentially sensitive information or cause a DoS (Denial of Service).

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 62273d9008f3c8898a8b35bc247f7a48f9ee668a6110423b8b831ddb7a455589
Secunia Security Advisory 39697
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose potentially sensitive information, and cause a DoS (Denial of Service), and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | c29930e31220b1ba1c7b7119a92a04ccd63d01cf08394e59fb4961adb068919e
Samhain File Integrity Checker 2.7.0
Posted May 5, 2010
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: The login monitoring module has been enhanced to check for anomalies. The kernel integrity check now supports Linux/x86_64, as well as Linux kernels that have /dev/kmem disabled.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 7e1384bb16fadb56efd506c88a8148fc7ce798d891fbdf821c243cf4404e608c
eliteCMS 1.01 Cross Site Request Forgery
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eliteCMS version 1.01 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 1c6b22e991aafca486d5d9f136825bf46856c5c7bb5188eaf6aa0335d56f8750
Zikula Application Framework 1.2.2 Cross Site Request Forgery
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Zikula Application Framework version 1.2.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 8f921a9905f04920469c4ad4be5af76d8f98eff4329486ab2c0da7972286b714
Core Security Technologies Advisory 2010.0427
Posted May 5, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - Prior to MS10-024 the Windows SMTP Service generated DNS queries with trivially guessable values in the transaction ID field. The issue was addressed in MS10-024 by adding a call to the 'CAsyncDns::GenerateRandWord' method when building the DNS query. Prior to MS10-024 the Windows SMTP Service did not check that the value of the ID field of a DNS response received from the network actually matched the value of the ID field of a corresponding DNS query packet previously sent. The issue was addressed in MS10-024 by adding validation logic to the 'CAsyncDns::ProcessReadIO' method.

tags | advisory
systems | windows
advisories | CVE-2010-1689, CVE-2010-1690
SHA-256 | f9f3d7f24dfb5f26df59a62a6054cd9aaf1939a9958a82a13d2f856165222d6a
Mandriva Linux Security Advisory 2010-091
Posted May 5, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-091 - This update provides a new OpenOffice.org version 3.1.1. An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow. A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing. A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file. Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file. OpenOffice's xmlsec uses a bundled Libtool which might load.la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled.

tags | advisory, remote, overflow, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2009-0200, CVE-2009-0201, CVE-2009-2139, CVE-2009-2140, CVE-2009-3736
SHA-256 | 8d9c5f17ff17abb01c346325d44694318ba9b0991da8314b424d66dd738fe7f5
REC0N 2010 Call For Papers Reminder
Posted May 5, 2010
Authored by Recon | Site recon.cx

REC0N 2010 Call For Papers Reminder - REC0N is a security conference taking place in downtown Montreal from July 9th through the 11th.

tags | paper, conference
SHA-256 | f3694d0bdbd88eac9bef2c626e0e33a9e79df9ec45e25ac40db87e0a4ea14a67
thEngine 0.1 Local File Inclusion
Posted May 5, 2010
Authored by TEAMELITE

thEngine version 0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d031ad56172e09f98df1fa9c912f57b9c53ae6544afdf73be3fc3fa2adbbc1d7
Linux/x86 execve("/bin/bash","-p",NULL) Shellcode
Posted May 5, 2010
Authored by Jonathan Salwan

33 bytes small Linux/x86 execve("/bin/bash","-p",NULL) shellcode.

tags | x86, shellcode, bash
systems | linux
SHA-256 | cfaa5b5b6456a7736b0887b9dcfe7b971a523d979d04def460f60fdf878fd352
Wing FTP Server 3.4.3 Directory Traversal
Posted May 5, 2010
Authored by chr1x

Wing FTP Server version 3.4.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | d7fb4ac82e2b9d3473faa005fc39eebb2473b9c4233535710d7434aa884e0454
Mandriva Linux Security Advisory 2010-090
Posted May 5, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-090 - client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mountpoint, and gain privileges, via a symlink attack on the mountpoint directory file. The updated packages have been patched to correct these issues.

tags | advisory, denial of service, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-0547, CVE-2010-0747
SHA-256 | ccfda0113d596bf024ec0360c4b46676053de6e3625e6ae746bb90f51efa9c31
SQL Injection - Working With MySQL
Posted May 5, 2010
Authored by fred777

Whitepaper called SQL Injection - Working With MySQL. Written in German.

tags | paper, sql injection
SHA-256 | a6b1548d65f07d81d842b7e94aaf26483dcaecae4a856edc4829b214b4f9bfa3
Acuity CMS 2.6.2 Cross Site Scripting
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Acuity CMS version 2.6.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ea95c9c269be5d443a90f5eb227dfbb767e6e256db1a8ba12e83fa0efb3635f2
Technique Of Quick Exploitation Of Double Blind SQL Injection
Posted May 5, 2010
Authored by Dmitriy Evteev

Whitepaper called Technique Of Quick Exploitation Of Double Blind SQL Injection.

tags | paper, sql injection
SHA-256 | 6fd6d8f9f3df57755617038b830d13a062458ae3a6053f3f323e9e60bed9e712
Knowledge Root 0.9.9.5 Shell Upload
Posted May 5, 2010
Authored by eidelweiss

Knowledge Root version 0.9.9.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, root
SHA-256 | 77750d0a1084389df3ffa46dce6384fb28c90ce9b509ada90c8569e803c09b4c
eliteCMS Cross Site Scripting
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eliteCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ecad1e917d010d68a5c8d5fdbe2658eb710f3ff72925e62c627725b4e3f12af2
ecoCMS Cross Site Scripting
Posted May 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

ecoCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 59be35be497e3769b700f2f33e796250a3a07afce482f7a80a1e1368a8f0cd91
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close