.:[ packet storm ]:.
                             
beyond paranoid

 Section:  .. / 0707-advisories  /


 ///  File Name: ZDI-07-039.txt
Description:
A vulnerability allows attackers to create a denial of service condition on software with vulnerable installations of Symantec's AntiVirus engine. Authentication is not required to exploit this vulnerability. The specific flaw resides in a forged PACK_SIZE field of a RAR file header. Setting this field to a specific value causes an infinite loop denial of service condition when the scanner processes the file.
Homepage: http://www.zerodayinitiative.com/
File Size: 3099
Related CVE(s): CVE-2007-3699
Last Modified: Jul 13 23:58:15 2007
MD5 Checksum: ef3052215879695af8421987750c8dd3

 ///  File Name: ZDI-07-040.txt
Description:
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of Symantec's AntiVirus Engine. User interaction is not required to exploit this vulnerability. The specific flaw exists during the process of scanning multiple maliciously formatted CAB archives. The parsing routine implicitly trusts certain user-supplied values that can result in an exploitable heap corruption.
Homepage: http://www.zerodayinitiative.com/
File Size: 3106
Related CVE(s): CVE-2007-0447
Last Modified: Jul 13 23:59:13 2007
MD5 Checksum: be8e5cb1bb99fd0fd8db4aeca12bec60

 ///  File Name: ZDI-07-041.txt
Description:
A vulnerability allows remote attackers to execute arbitrary code on affected installations of Panda AdminSecure. Authentication is not required to exploit this vulnerability.
Homepage: http://www.zerodayinitiative.com/
File Size: 3246
Related CVE(s): CVE-2007-3026
Last Modified: Jul 25 06:30:18 2007
MD5 Checksum: 684a05286a2436521a88c1ca8d97400c

 ///  File Name: ZDI-07-042.txt
Description:
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed-length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause memory corruption, resulting in an exploitable condition.
Author: Sebastian Apelt
Homepage: http://www.zerodayinitiative.com/
File Size: 3289
Related CVE(s): CVE-2007-2795
Last Modified: Jul 25 06:31:47 2007
MD5 Checksum: e595d01aebe1824018e5170a0c039dc9

 ///  File Name: ZDI-07-043.txt
Description:
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.
Author: Sebastian Apelt
Homepage: http://www.zerodayinitiative.com/
File Size: 3175
Related CVE(s): CVE-2007-2795
Last Modified: Jul 25 06:32:46 2007
MD5 Checksum: 4d9363e8bfef764f9a43302e007ecf63

 ///  File Name: ZDI-07-044.txt
Description:
A vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of BakBone NetVault Reporter. User interaction is not required to exploit this vulnerability. BakBone NetVault Reporter version 3.5 prior to Update4 is susceptible.
Author: Tenable Network Security
Homepage: http://www.zerodayinitiative.com/
File Size: 4275
Related CVE(s): CVE-2007-3911
Last Modified: Jul 26 07:26:04 2007
MD5 Checksum: 51d457a83d1c128abf33d53e47450e09

 ///  File Name: zencart-fixation.txt
Description:
Zen Cart version 1.3.7 suffers from a session fixation issue in its backend administration interface.
Author: Tomaz Bratusa
Homepage: http://www.teamintell.com/
File Size: 5126
Last Modified: Jul 7 06:48:39 2007
MD5 Checksum: 51fbe0f53ba148f62706b43478709dec