.:[ packet storm ]:.
                               
four continents, one idea
four continents, one idea

 Section:  .. / 0706-advisories  /

Page 3 of 8
<< 1 2 3 4 5 6 7 8 >> Files 50 - 75 of 180
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: explorer-overflow.txt
Description:
 Explorer.exe version 6.00.2900.2180 suffers from a buffer overflow vulnerability.
Author:Lostmon
Homepage:http://lostmon.blogspot.com/
File Size:17606
Last Modified:Jun 7 00:58:59 2007
MD5 Checksum:77511d82c3b562bc08f28b8019488d22

 ///  File Name: firefox-traverse.txt
Description:
 The directory traversal fix in Firefox version 2.0.0.4 only partially fixed the flaw and accidentally circumvents an existing input validation check.
Author:Thor Larholm
File Size:606
Last Modified:Jun 7 01:02:29 2007
MD5 Checksum:1cc2a8fe6f6588e18153f536b0ab8b06

 ///  File Name: flac123-overflow.txt
Description:
 flac123 version 0.0.9, also known as flac-tools, is vulnerable to a buffer overflow in vorbis comment parsing. This allows for the execution of arbitrary code.
Author:David Thiel
Homepage:http://www.isecpartners.com/
File Size:1480
Last Modified:Jun 29 22:44:05 2007
MD5 Checksum:3f267591db23c699112102a030ecc7b4

 ///  File Name: fusetalk-sql.txt
Description:
 FuseTalk version 2.0 suffers from a SQL injection vulnerability.
Author:Charles H. Kim
File Size:3715
Last Modified:Jun 20 00:27:18 2007
MD5 Checksum:4e99df24fc4578088e34bba914c63324

 ///  File Name: gdbupx-overflow.txt
Description:
 GDB versions 6.6 and above suffer from a buffer overflow vulnerability.
Author:Lau KaiJern
File Size:7051
Last Modified:Jun 6 19:40:10 2007
MD5 Checksum:b0b22857d7bc8add8eadabcae4ce770c

 ///  File Name: GdiPlus.pdf
Description:
 The CSIS Security Group has discovered an "Integer division by zero" flaw in the GDI+ component of Windows XP. Exploitation of this flaw can result in a denial of service condition.
Author:Dennis Rand
Homepage:http://www.csis.dk/
File Size:130523
Last Modified:Jun 7 02:54:59 2007
MD5 Checksum:1e1a69cf8e1d200e9b8cae5681f23af8

 ///  File Name: glsa-200706-01.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-01 - Victor Stinner reported an integer overflow in the exif_data_load_data_entry() function from file exif-data.c while handling Exif data. Versions less than 0.6.15 are affected.
Homepage:http://security.gentoo.org
File Size:2774
Related CVE(s):CVE-2007-2645
Last Modified:Jun 7 01:24:03 2007
MD5 Checksum:b90109964f6ae8aa646dc77291ea2fd2

 ///  File Name: glsa-200706-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-02 - Ulf Harnhammar from Secunia Research has discovered a format string error in the write_html() function in the file calendar/gui/e-cal-component-memo-preview.c. Versions less than 2.8.3-r2 are affected.
Homepage:http://security.gentoo.org/
File Size:2575
Related CVE(s):CVE-2007-1002
Last Modified:Jun 7 03:11:27 2007
MD5 Checksum:df86243b07fc06482e28abe7acfdf474

 ///  File Name: glsa-200706-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-03 - Arnaud Giersch discovered that the add_filename_to_string() function in file intl/gettext/loadmsgcat.c uses an untrusted relative path, allowing for a format string attack with a malicious .po file. Versions less than 0.11.2-r1 are affected.
Homepage:http://security.gentoo.org
File Size:2639
Related CVE(s):CVE-2007-2027
Last Modified:Jun 7 03:11:38 2007
MD5 Checksum:982cbc5aee208bcdc1b4c154b09bfa41

 ///  File Name: glsa-200706-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-04 - Md Sohail Ahmad from AirTight Networks has discovered a division by zero in the ath_beacon_config() function (CVE-2007-2830). The vendor has corrected an input validation error in the ieee80211_ioctl_getwmmparams() and ieee80211_ioctl_getwmmparams() functions(CVE-207-2831), and an input sanitization error when parsing nested 802.3 Ethernet frame lengths (CVE-2007-2829). Versions less than 0.9.3.1 are affected.
Homepage:http://security.gentoo.org
File Size:3036
Related CVE(s):CVE-2007-2829, CVE-2007-2830, CVE-2007-2831
Last Modified:Jun 12 20:31:03 2007
MD5 Checksum:3af3b5a0a95eb9ccb94dcdf88753de7c

 ///  File Name: glsa-200706-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-05 - ClamAV contains several vulnerabilities leading to a Denial of Service. Versions less than 0.90.3 are affected.
Homepage:http://security.gentoo.org
File Size:3570
Related CVE(s):CVE-2007-2650, CVE-2007-3023, CVE-2007-3024, CVE-2007-3122, CVE-2007-3123
Last Modified:Jun 19 14:33:43 2007
MD5 Checksum:0cb9690a962a7f744a3ba139db68180a

 ///  File Name: glsa-200706-06.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-06 - Mozilla developers fixed several bugs involving memory corruption through various vectors (CVE-2007-2867, CVE-2007-2868). Additionally, several errors leading to crash, memory exhaustion or CPU consumption were fixed (CVE-2007-1362, CVE-2007-2869). Finally, errors related to the APOP protocol (CVE-2007-1558), XSS prevention (CVE-2007-2870) and spoofing prevention (CVE-2007-2871) were fixed. Versions less than 2.0.0.4 are affected.
Homepage:http://security.gentoo.org
File Size:5791
Related CVE(s):CVE-2007-1362, CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871
Last Modified:Jun 21 14:33:48 2007
MD5 Checksum:5a300a1b7e16245de39560d40541fd2f

 ///  File Name: glsa-200706-07.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-07 - Alexios Fakos from n.runs AG has discovered multiple vulnerabilities in PHProjekt, including the execution of arbitrary SQL commands using unknown vectors (CVE-2007-1575), the execution of arbitrary PHP code using an unrestricted file upload (CVE-2007-1639), cross-site request forgeries using different modules (CVE-2007-1638), and a cross-site scripting attack using unknown vectors (CVE-2007-1576). Versions less than 5.2.1 are affected.
Homepage:http://security.gentoo.org
File Size:3159
Related CVE(s):CVE-2007-1575, CVE-2007-1576, CVE-2007-1638, CVE-2007-1639
Last Modified:Jun 21 14:37:43 2007
MD5 Checksum:968e9959aa4eb7d59e528a545d790d4b

 ///  File Name: glsa-200706-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200706-09 - iDefense Labs have discovered that the exif_data_load_data_entry() function in libexif/exif-data.c improperly handles integer data while working with an image with many EXIF components, allowing an integer overflow possibly leading to a heap-based buffer overflow. Versions less than 0.6.16 are affected.
Homepage:http://security.gentoo.org
File Size:2768
Related CVE(s):CVE-2006-4168
Last Modified:Jun 29 00:31:23 2007
MD5 Checksum:25f011fc6cb7b0c4fa78bdcef1a05486

 ///  File Name: ibm-ds400.txt
Description:
 The IBM Totalstorage ds400 comes with unpassworded root access.
Author:kokanin
Homepage:http://www.lort.dk
File Size:2673
Last Modified:Jun 12 21:01:45 2007
MD5 Checksum:cde2ff111e2bfc41e6e205d930cc416d

 ///  File Name: icf-xss.txt
Description:
 The Internet Communication Framework from SAP suffers from a cross site scripting vulnerability. SAP Basis component versions 640 SP19 and below and SAP Basis component versions 700 SP11 and below are vulnerable.
Author:Cyrill Brunschwiler
Homepage:http://www.csnc.ch/
File Size:2276
Last Modified:Jun 29 01:05:04 2007
MD5 Checksum:b99a70ec87a15421b7c3258a9006d935

 ///  File Name: kaspersky-is6.txt
Description:
 Kaspersky Internet Security 6 hooks many functions in SSDT and in at least nine cases it fails to validate arguments that come from the user mode.
Homepage:http://www.matousec.com/
Related Exploit:BTP00000P006KA.zip
File Size:1433
Last Modified:Jun 15 14:45:25 2007
MD5 Checksum:7c65a8678ae988278cfbb4e964b3c93d

 ///  File Name: maradns-dos.txt
Description:
 MaraDNS versions 1.2.12.05-stable and below and 1.3.04-testing and below suffer from a denial of service condition.
Author:Joao Antunes
File Size:1309
Last Modified:Jun 20 00:58:34 2007
MD5 Checksum:43b9ef6d73586725777de4d3463a7a3a

 ///  File Name: MDKSA-2007-110.txt
Description:
 Mandriva Linux Security Advisory - A security hole was discovered in all versions of the PEAR Installer (http://pear.php.net/PEAR). The security hole is the most serious hole found to date in the PEAR Installer, and would allow a malicious package to install files anywhere in the filesystem. The vulnerability only affects users who are installing an intentionally created package with a malicious intent. Because the package is easily traced to its source, this is most likely to happen if a hacker were to compromise a PEAR channel server and alter a package to install a backdoor. In other words, it must be combined with other exploits to be a problem.
Homepage:http://www.mandriva.com/security/
File Size:4061
Related CVE(s):CVE-2007-2519
Last Modified:Jun 7 01:04:11 2007
MD5 Checksum:f6ecbce3634caf15e62dd8912f2a1b76

 ///  File Name: MDKSA-2007-111.txt
Description:
 Mandriva Linux Security Advisory - login in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok.
Homepage:http://www.mandriva.com/security/
File Size:5545
Related CVE(s):CVE-2006-7108
Last Modified:Jun 7 01:05:10 2007
MD5 Checksum:1525838457cd13c0565a4cdee3d87c97

 ///  File Name: MDKSA-2007-112.txt
Description:
 Mandriva Linux Security Advisory - Buffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches.
Homepage:http://www.mandriva.com/security/
File Size:5193
Related CVE(s):CVE-2006-6172
Last Modified:Jun 7 01:06:18 2007
MD5 Checksum:031625c37cb4542b1e4d1782a2c52e11

 ///  File Name: MDKSA-2007-113.txt
Description:
 Mandriva Linux Security Advisory - A flaw in the way mutt processed certain APOP authentication requests was discovered. By sending certain responses when mutt attempted to authenticate again an APOP server, a remote attacker could possibly obtain certain portions of the user's authentication credentials. A flaw in how mutt handled certain characters in gecos fields could lead to a buffer overflow. A local user able to give themselves a carefully crafted Real Name could potentially execute arbitrary code if a victim used mutt to expand the attacker's alias.
Homepage:http://www.mandriva.com/security/
File Size:4130
Related CVE(s):CVE-2007-1558, CVE-2007-2683
Last Modified:Jun 7 01:08:58 2007
MD5 Checksum:44522efdf33254500a24afe3d7a65841

 ///  File Name: MDKSA-2007-114.txt
Description:
 Mandriva Linux Security Advisory - The update to correct CVE-2007-1536 (MDKSA-2007:067), a buffer overflow in the file_printf() function, introduced a new integer overflow as reported by Colin Percival. This flaw, if an attacker could trick a user into running file on a specially crafted file, could possibly lead to the execution of arbitrary code with the privileges of the user running file. As well, in file 4.20, flawed regular expressions to identify OS/2 REXX files could lead to a denial of service via CPU consumption.
Homepage:http://www.mandriva.com/security/
File Size:6926
Related CVE(s):CVE-2007-2026, CVE-2007-2799
Last Modified:Jun 7 02:17:51 2007
MD5 Checksum:263caaec3eab0679a08a0df193a1ffc7

 ///  File Name: MDKSA-2007-115.txt
Description:
 Mandriva Linux Security Advisory - A vulnerability in the OLE2 parser in ClamAV was found that could allow a remote attacker to cause a denial of service via resource consumption with a carefully crafted OLE2 file.
Homepage:http://www.mandriva.com/security/
File Size:8097
Related CVE(s):CVE-2007-2650
Last Modified:Jun 7 01:16:25 2007
MD5 Checksum:b77ed71d32d55b8e04eafb3ba7be4d8b

 ///  File Name: MDKSA-2007-116.txt
Description:
 Mandriva Linux Security Advisory - A flaw how libpng handled malformed images was discovered. An attacker able to create a carefully crafted PNG image could cause an application linked with libpng to crash when the file was manipulated.
Homepage:http://www.mandriva.com/security/
File Size:5491
Related CVE(s):CVE-2007-2445
Last Modified:Jun 7 02:18:46 2007
MD5 Checksum:6ce6e06e41a0642ff41b2db091ad2d4a
 

 ///  Last 10 Files
  1. :· DDIVRT-2008-15.txt
  2. :· openssh-cbc-adv.txt
  3. :· joomlathyme-sql.txt
  4. :· BitDefenderDOS.zip
  5. :· fwknop-1.9.9.tar.gz
  6. :· kvirc-exec.txt
  7. :· vcalendar-disclose.txt
  8. :· ZDI-08-076.txt
  9. :· ZDI-08-075.txt
  10. :· toursmanager-blindsql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· DDIVRT-2008-15.txt
  2. :· openssh-cbc-adv.txt
  3. :· ZDI-08-076.txt
  4. :· ZDI-08-075.txt
  5. :· MDVSA-2008-233.txt
  6. :· SSRT080059.txt
  7. :· MDVSA-2008-220-1.txt
  8. :· MDVSA-2008-232.txt
  9. :· USN-674-1.txt
  10. :· dsa-1667-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· joomlathyme-sql.txt
  2. :· BitDefenderDOS.zip
  3. :· kvirc-exec.txt
  4. :· vcalendar-disclose.txt
  5. :· toursmanager-blindsql.txt
  6. :· phprsgal-sql.txt
  7. :· natterchat-sql.txt
  8. :· php526-bypass.txt
  9. :· phpfusion7001-sql.txt
  10. :· social-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· fwknop-1.9.9.tar.gz
  2. :· pysumpas-0.2.0.tar.gz
  3. :· framework-3.2.tar.gz
  4. :· tor.uclibc.i686.20081115.iso
  5. :· RFIDIOt-Windows-0.1u.zip
  6. :· RFIDIOt-0.1u.tgz
  7. :· dps-v1.5.tar.gz
  8. :· smbrelay3.zip
  9. :· mptrey.tar.gz
  10. :· dotnetsploitsrc-1.0.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· java2-malware.pdf
  2. :· return-to-libc-linux.txt
  3. :· stack-overflow-linux.txt
  4. :· smallest_setuid_execve_sc.c
  5. :· sudoers-shellcode.txt
  6. :· strongswan-4.2.9.tar.gz
  7. :· hodetector-shellcode.txt
  8. :· rtm-essential5.pdf
  9. :· unixasm-1.3.0.tar.gz
  10. :· bnd-networks.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice