.:[ packet storm ]:.
                               
preserving full disclosure
preserving full disclosure

 Section:  .. / 0602-advisories  /

Page 17 of 21
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 >> Files 400 - 425 of 514
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: 02.07.06-6.txt
Description:
 iDefense Security Advisory 02.07.06 - Local exploitation of a design vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to execute arbitrary commands with root privileges. The problem specifically exists because QNX RTOS 6.3.0 ships with world writable permissions on the file /etc/rc.d/rc.local. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.
Homepage:http://www.idefense.com
File Size:2969
Last Modified:Feb 8 06:30:49 2006
MD5 Checksum:5159b61548c532863f51b5a32633c3f9

 ///  File Name: 02.07.06-5.txt
Description:
 iDefense Security Advisory 02.07.06 - Local exploitation of a denial of service vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to crash the operating system. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.
Homepage:http://www.idefense.com
File Size:2675
Last Modified:Feb 8 06:29:51 2006
MD5 Checksum:a74427fdc0caa66182fbf13005ce4b41

 ///  File Name: 02.07.06-4.txt
Description:
 iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'su' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'su'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.
Author:Texonet
Homepage:http://www.idefense.com
File Size:2934
Last Modified:Feb 8 06:28:47 2006
MD5 Checksum:4b68bb38a3931b8a9961642e65081d8d

 ///  File Name: 02.07.06-3.txt
Description:
 iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'phgrafx' command allows attackers to gain root privileges. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are suspected to be susceptible to exploitation as well.
Author:Knud Hojgaard
Homepage:http://www.idefense.com
File Size:2883
Last Modified:Feb 8 06:27:38 2006
MD5 Checksum:0a6b5c3a37e249f27172383d9db37d35

 ///  File Name: 02.07.06-2.txt
Description:
 iDefense Security Advisory 02.07.06 - Local exploitation of a race condition vulnerability in QNX Neutrino RTOS's (QNX) phfont command allows attackers to gain root privileges. QNX Neutrino RTOS is a real-time operating system designed for use in embedded systems. The problem specifically exists because phfont spawns another command, phfontphf, without proper sanity checking. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are also suspected to be susceptible to exploitation.
Author:Knud Hojgaard
Homepage:http://www.idefense.com
File Size:2971
Last Modified:Feb 8 06:26:41 2006
MD5 Checksum:e0bc6779d4f1d17549b26c4a6809691a

 ///  File Name: 02.07.06-1.txt
Description:
 iDefense Security Advisory 02.07.06 - Local exploitation of a stack-based buffer overflow vulnerability in QNX Inc.'s Neutrino RTOS Operating System allows local attackers to gain root privileges. The vulnerability specifically exists due to improper handling of environment variables in the libph system library. iDefense has confirmed the existence of this vulnerability on QNX Neutrino RTOS 6.3.0. All versions are suspected vulnerable.
Author:Filipe Balestra
Homepage:http://www.idefense.com
File Size:4842
Last Modified:Feb 8 06:25:07 2006
MD5 Checksum:94a5cddb5df520fc5e6adc3c707d9a0d

 ///  File Name: TA06-038A.txt
Description:
 Several vulnerabilities exist in the Mozilla web browser and derived products, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system. Version of Mozilla Firefox below 1.5.0.1 and versions of SeaMonkey below 1.0 are affected.
Homepage:http://www.kb.cert.org/
File Size:4445
Related CVE(s):CVE-2006-0296, CVE-2006-0295
Last Modified:Feb 8 06:14:28 2006
MD5 Checksum:50217de4119d3aa6ab0bb424c9e06e4e

 ///  File Name: lexmark.txt
Description:
 NGSSoftware has discovered a high risk vulnerability in the Lexmark Printer Sharing service which could allow a remote, unauthenticated attacker to execute arbitrary code on a Lexmark printer user's computer system with Local System privileges. A workaround is included in the advisory.
Author:Peter Winter-Smith
Homepage:http://www.ngssoftware.com/
File Size:3393
Last Modified:Feb 8 06:11:40 2006
MD5 Checksum:fbae06f8de8f7f05db51a23123ae4a1d

 ///  File Name: MDKSA-2006-034.txt
Description:
 Mandriva Linux Security Advisory - A flaw was discovered in the scp local-to-local copy implementation where filenames that contain shell metacharacters or spaces are expanded twice, which could lead to the execution of arbitrary commands if a local user could be tricked into a scp'ing a specially crafted filename.
Homepage:http://www.mandriva.com/security/
File Size:8559
Last Modified:Feb 7 22:45:09 2006
MD5 Checksum:0a2b09d1ab70260df41599f152e89796

 ///  File Name: dsa-965-1.txt
Description:
 Debian Security Advisory DSA 965-1 - The Internet Key Exchange version 1 (IKEv1) implementation in racoon from ipsec-tools, IPsec tools for Linux, try to dereference a NULL pointer under certain conditions which allows a remote attacker to cause a denial of service.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:7278
Last Modified:Feb 7 22:44:33 2006
MD5 Checksum:e78aee54cd22c116c6c58cdc8ebace62

 ///  File Name: DarkStarlings.txt
Description:
 DarkStarlings products are vulnerable to arbitrary script code inclusion sue to improperly sanitized user inputs.
Homepage:http://willboyce.com
File Size:841
Last Modified:Feb 7 22:39:04 2006
MD5 Checksum:2d2a4eba0a14730c864ab1b68c9afd56

 ///  File Name: PseudoRandom-php.txt
Description:
 Due to poor design the gen_rand_string() can only generate up to 1 million hashes or random strings. This allow an attacker to reset any account through the lost password request form by "predicting" the validation id and the new password for the account. Vulnerabilities verified on phpBB 2.0.19 and IPB 2.1.4.
Author:r-security
Homepage:http://www.r-security.net/tutorials/view/readtutorial.php?id=4
File Size:8520
Last Modified:Feb 7 22:37:41 2006
MD5 Checksum:0bd874e0735c50fd106fc6de4339c80e

 ///  File Name: cpanel10-mime_handle.txt
Description:
 The mime/handle.html of cPanel 10 is vulnerable to an XSS vulnerability.
Author:Shell
File Size:934
Last Modified:Feb 7 22:30:50 2006
MD5 Checksum:589b97b0065eac85bd7e7665b9aad032

 ///  File Name: PSCipher-enc.txt
Description:
 PeopleSoft People Tools 8.4x uses PSCipher() for encryption/hashing purposes which suffers from several problems that can allow the encryption to become compromised.
Author:i-assure
Homepage:http://www.i-assure.com
File Size:4641
Last Modified:Feb 7 22:24:38 2006
MD5 Checksum:7cf00ba2bb6d69badc7809d35111270a

 ///  File Name: glsa-200602-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-03 - Apache's mod_imap fails to properly sanitize the Referer directive of imagemaps in some cases, leaving the HTTP Referer header unescaped. A flaw in mod_ssl can lead to a NULL pointer dereference if the site uses a custom Error 400 document. These vulnerabilities were reported by Marc Cox and Hartmut Keil, respectively. Versions less than 2.0.55-r1 are affected.
Homepage:http://security.gentoo.org
File Size:4150
Last Modified:Feb 7 22:18:18 2006
MD5 Checksum:230c7b6d54832b4e8ea6a940f0fbc5b3

 ///  File Name: glsa-200602-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200602-02 - Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. Versions less than 4.71 are affected.
Homepage:http://security.gentoo.org
File Size:2927
Last Modified:Feb 7 22:18:10 2006
MD5 Checksum:99bbebe91b834b28249490a84fe6a9d7

 ///  File Name: sa18748.txt
Description:
 Secunia Security Advisory - coderpunk has discovered a vulnerability in Mailback, which can be exploited by malicious people to bypass certain security restrictions.
Homepage:http://secunia.com/advisories/18748/
File Size:1946
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:5d1f101a61267db44f2c84bae5a417c6

 ///  File Name: sa18746.txt
Description:
 Secunia Security Advisory - Gentoo has issued an update for gst-plugins-ffmpeg. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
Homepage:http://secunia.com/advisories/18746/
File Size:1636
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:d4acecddc50986e7a6072f8d65efd144

 ///  File Name: sa18745.txt
Description:
 Secunia Security Advisory - Gentoo has issued an update for adodb. This fixes a vulnerability, which potentially can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/18745/
File Size:1546
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:d5da1a248a94d46d769cd7b49161caae

 ///  File Name: sa18743.txt
Description:
 Secunia Security Advisory - Gentoo has issued an update for apache. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/18743/
File Size:1920
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:5674a8fa6008b37a4d9ff2704cf60082

 ///  File Name: sa18742.txt
Description:
 Secunia Security Advisory - Debian has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/18742/
File Size:6091
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:8f0aa5fd2d470f523e267f48f49bd395

 ///  File Name: sa18740.txt
Description:
 Secunia Security Advisory - bratax has discovered a vulnerability in Microsoft HTML Help Workshop, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/18740/
File Size:1945
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:aa3bf5cfb8a932e717a948d74ceae819

 ///  File Name: sa18739.txt
Description:
 Secunia Security Advisory - A vulnerability has been reported in GStreamer FFmpeg Plug-in, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
Homepage:http://secunia.com/advisories/18739/
File Size:1648
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:585e0e1d168bb175033b0ba361fde558

 ///  File Name: sa18738.txt
Description:
 Secunia Security Advisory - Evgeny Legerov has discovered a vulnerability in Lotus Domino, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/18738/
File Size:1825
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:52d8cd59e54a5e26439e50976c71e14a

 ///  File Name: sa18737.txt
Description:
 Secunia Security Advisory - Aliaksandr Hartsuyeu has reported a vulnerability in MyQuiz, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/18737/
File Size:1833
Last Modified:Feb 7 19:32:22 2006
MD5 Checksum:88ec035ed93e02959e1558c263e6b7e1
 

 ///  Last 10 Files
  1. :· BrowserRider.20081124.tar.bz2
  2. :· pieweb-rfi.txt
  3. :· FreeBSD-SA-08.11.arc4random.txt
  4. :· USN-677-1.txt
  5. :· dsa-1671-1.txt
  6. :· dsa-1670-1.txt
  7. :· quicksilverforums-rce.txt
  8. :· webstudio-sql.txt
  9. :· siemens-dos.txt
  10. :· nitrotech-rfisql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· FreeBSD-SA-08.11.arc4random.txt
  2. :· USN-677-1.txt
  3. :· dsa-1671-1.txt
  4. :· dsa-1670-1.txt
  5. :· USN-676-1.txt
  6. :· USN-675-2.txt
  7. :· USN-675-1.txt
  8. :· USN-674-2.txt
  9. :· SVRT-05-08.txt
  10. :· 2008-01-flash.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· pieweb-rfi.txt
  2. :· quicksilverforums-rce.txt
  3. :· webstudio-sql.txt
  4. :· siemens-dos.txt
  5. :· nitrotech-rfisql.txt
  6. :· bandwebsite-sqlxss.txt
  7. :· ftpzik-xsslfi.txt
  8. :· tvp-crash.txt
  9. :· googlechrome-obfuscate.tgz
  10. :· w3camayaid-overflow.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· BrowserRider.20081124.tar.bz2
  2. :· mp3nema-v0_2.tar.gz
  3. :· squid-nufw-helper-1.1.3.tar.gz
  4. :· xplico-0.1_deft4.tgz
  5. :· ksplice-0.9.4-src.tar.gz
  6. :· fwknop-1.9.9.tar.gz
  7. :· pysumpas-0.2.0.tar.gz
  8. :· framework-3.2.tar.gz
  9. :· tor.uclibc.i686.20081115.iso
  10. :· RFIDIOt-Windows-0.1u.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· tcpip_lib51.zip
  2. :· linuxrsa-shellcode.txt
  3. :· linuxcb-shellcode.txt
  4. :· 25bytes-execve.txt
  5. :· execve-shellcode.txt
  6. :· java2-malware.pdf
  7. :· return-to-libc-linux.txt
  8. :· stack-overflow-linux.txt
  9. :· smallest_setuid_execve_sc.c
  10. :· sudoers-shellcode.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice