Local sys_uselib root exploit for the Linux 2.4 and 2.6 kernel series.
e95832127ef41cadddcf73aab42cbb0168d07344395d3aa6b43c4b4a5ffb0fdc
Proof of concept exploit for PostScript utility psnup from the psutils-p17 package.
0b506f07a5d1f0a237c5075cf1c8fd8938692639618c6508c4c64f7b34f0c8f4
The Bastille Hardening program locks down an operating system, configuring the system for increased security. It currently supports Red Hat, Fedora Core, Red Hat Enterprise, SuSE, SuSE Enterprise, Mandrake, Debian, Gentoo, HP-UX, and Apple's Mac OS X.
5cc11e42d0aa3982a2e77237a98f2512101cda25e5199ba55c98a46cac5a74c6
iDEFENSE Security Advisory 03.21.05 - Local exploitation of a buffer overflow vulnerability within the Core Foundation Library included by default in Apple Computer Inc.'s Mac OS X could allow an attacker to gain root privileges. iDEFENSE has confirmed this vulnerability in Mac OS X 10.3.5 and Mac OS X 10.3.6. Earlier versions are suspected vulnerable.
db5ff37bdf6a8f47915914d8f018372251de8b3a79547f3275e8348007440d4a
EXPL-A-2005-002 exploitlabs.com Advisory 031 - The Samsung ADSL Modem ships with default root, admin, and user accounts and also allows for arbitrary file access on the underlying filesystem.
8781cdcc8a0e6d219a4402867b7c5194121711e509530df3a557353ae00e8bfe
Authentication processes in web-based applications are frequently vulnerable to automated brute force guessing attacks. Whilst commonly proposed solutions make use of escalating time delays and minimum lockout threshold strategies, these tend to prove ineffectual in real attacks and may actually promote additional attack vectors. Resource metering through client-side computationally intensive "electronic payments" can provide an alternative strategy in defending against brute force guessing attacks. This whitepaper discusses how such a solution works and the security advantages it can bring.
15245aa7f4bb6184fef5aa8d48258f1200f40a2d9cf75e582ce17ce1140f0645
Secunia Security Advisory - GSS-IT has reported a vulnerability in Ocean FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
a2b519c47034e0e65c7b8571c06f33240265b3913a4b7569f1187786497e4aed
Secunia Security Advisory - Frank brOmstar Reissner has reported a vulnerability in CzarNews, which can be exploited by malicious people to compromise a vulnerable system.
efe1c37f050bab7dd90817583b171388cca3c7eae6c25e0f6aca7db84e896d86
Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes various vulnerabilities.
d87ba2ac40f1b31da87c55ee7facde4aca09427dd95342779954299cf62c9767
Secunia Security Advisory - farhad koosha has reported a vulnerability and a security issue in betaparticle blog, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information.
a2690ed0643bec9a674ab7806dd5be3d054911cd1b01620e22564bb9dc4ad207
Secunia Security Advisory - Frank brOmstar Reissner has reported a vulnerability in TRG News Script, which can be exploited by malicious people to compromise a vulnerable system.
e6532258e320011fd364633ecdac7e3951d46202bad9579e660277d13456c82b
Secunia Security Advisory - Two vulnerabilities have been reported in FileZilla Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
0c21fb4f548e41244590a286aa33dbf0f8ac33dd64a436c62b5c47005027ca2f
Secunia Security Advisory - HP has acknowledged some vulnerabilities in HP-UX Apache, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
11c8f2774af56a9180784ff2138e7cb6d350ba2db8082af54b49fc1103322f2c
Gentoo Linux Security Advisory GLSA 200503-27 - Toby Dickenson discovered that dyndnsupdate suffers from multiple overflows. Versions less than or equal to 0.6.15 are affected.
c5ecd1b5d0d2ea8ae31d4f6f9b092fd3b5a8b3d26ac86361e761466b1b1c8bcc
Debian Security Advisory 695-1 - Several vulnerabilities have been discovered in xli, an image viewer for X11.
efcecea1bc6135c1707ecf485761a84bc91da389a3ce02499bf8610ee7431d2a
phpBB plus versions 1.53 and below allow for system information to be leaked via phpinfo.
14da6f698848e5bc8b0b2c1fa87d70c7c80e6c007ffd431bf2e34b2ffc8b6327
MacSpoof DB is a database of MAC prefixes for spoofing your MAC address in Linux. Ideal for war driving situations. It comes with 7500+ available MAC prefixes, the ability to search and sort by company name or MAC prefix, and an option to pick from the results at random. It then sets the MAC accordingly.
143ccbbf46ef702acd674f4ff14ba7cf651d9f48607b01753e51ea2645161b03
Secunia Security Advisory - Patrick has discovered a vulnerability in Icecast, which can be exploited by malicious people to disclose potentially sensitive information.
d7e69be3f2c96d33b8e018ae45497e0e122db38b1d81f74cc1c75b2c607168cc
Secunia Security Advisory - Thomas Liam Romanis has reported two vulnerabilities in AnswerBook2 Documentation Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
33d3ab7a6e47f45db2abeecc15eaf4567e8b9db547df5e8ac2d243b8d3d095c9
Gentoo Linux Security Advisory GLSA 200503-26 - Sylpheed and Sylpheed-claws fail to properly handle non-ASCII characters in email headers when composing reply messages. Versions less than 1.0.3 are affected.
b7067bae00d3c3ec4e9cae4b2ec45b16494bb2966c073bcd28d6aeb03caa868d
Gentoo Linux Security Advisory GLSA 200503-25 - Multiple buffer overflows have been found in OpenSLP, when handling malformed SLP packets. Versions less than 1.2.1 are affected.
2bfc836984b3935a2d88c3b3572cc0393d099eb2c68cbeae3bd8e47e4a5a48ee
Gentoo Linux Security Advisory GLSA 200503-24 - LTris is vulnerable to a buffer overflow when reading the global highscores file. Versions less than 1.0.10 are affected.
e3dee4ff1d5ee71be43f54ee8475b5b2cd19b4d5a3376e255e545149542f0967
Gentoo Linux Security Advisory GLSA 200503-23 - Rob Holland of the Gentoo Linux Security Audit Team discovered that rxvt-unicode fails to properly check input length. Versions less than 5.3 are affected.
2e84983b32e29000a641b9fe7d872959be3892656e1e798a99cdca1a2bbde68f
phpMyFamily version 1.4.0 is susceptible to SQL injection attacks. Proof of concept included.
6b7e36f14583eff443efbb039fd5c131bfd667623eae3a9ac7d812b68b3db2f7
CoolForum versions 0.8.1 Beta and below may be susceptible to SQL injection attacks.
c639cf90e16e7b79ccaca1f474d4530cae0f2308e97844097dc253846f520ef4