.:[ packet storm ]:.
                             
the vulnerability safehouse
the vulnerability safehouse

 Section:  .. / 0611-advisories  /

Page 27 of 27
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 >> Files 650 - 670 of 670
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: USN-387-1.txt
Description:
 Ubuntu Security Notice 387-1 - Dovecot was discovered to have an error when handling its index cache files. This error could be exploited by authenticated POP and IMAP users to cause a crash of the Dovecot server, or possibly to execute arbitrary code. Only servers using the non-default option "mmap_disable=yes" were vulnerable.
Homepage:http://security.ubuntu.com/
File Size:6320
Related CVE(s):CVE-2006-5973
Last Modified:Nov 30 19:14:45 2006
MD5 Checksum:62f8dcbd3a3d4b3b0fdcc6f655dedd55

 ///  File Name: virtech-xss.txt
Description:
 The VIRtechs Netquery system suffers from a cross site scripting flaw.
Author:Tal Argoni
File Size:1846
Last Modified:Nov 2 20:42:15 2006
MD5 Checksum:a86194c66a8c5cd85e4dbaffa70d6b3d

 ///  File Name: VMSA-2006-0005.txt
Description:
 VMware Security Advisory - A new update has been released for VMware ESX versions 2.5.4 prior to upgrade patch 1. This patch addresses vulnerabilities in ucd-snmp, XFree86, an AMD fxsave/restore security flaw, some minor information leaks, and more.
Homepage:http://www.vmware.com/
File Size:4024
Related CVE(s):CVE-2005-2177, CVE-2006-3467, CVE-2006-1056, CVE-2006-1342, CVE-2006-1343, CVE-2006-1864, CVE-2006-2071
Last Modified:Nov 14 03:15:16 2006
MD5 Checksum:2c2c7135a54317ec1346817dca2e51fc

 ///  File Name: VMSA-2006-0006.txt
Description:
 VMware Security Advisory - A new update has been released for VMware ESX versions 2.5.3 prior to upgrade patch 4. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.
Homepage:http://www.vmware.com/
File Size:5470
Related CVE(s):CAN-2004-2069, CVE-2006-3403, CVE-2005-2177, CVE-2006-3467, CVE-2006-1056, CVE-2006-1342, CVE-2006-1343, CVE-2006-1864, CVE-2006-2071
Last Modified:Nov 14 03:17:33 2006
MD5 Checksum:3f5369604f0c4d48579db01e332e6a04

 ///  File Name: VMSA-2006-0007.txt
Description:
 VMware Security Advisory - A new update has been released for VMware ESX 2.1.3 versions prior to upgrade patch 2. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.
Homepage:http://www.vmware.com/
File Size:5214
Related CVE(s):CAN-2004-2069, CVE-2006-3403, CVE-2005-2177, CVE-2006-3467, CVE-2006-1056, CVE-2006-1342, CVE-2006-1343, CVE-2006-1864, CVE-2006-2071
Last Modified:Nov 14 03:19:47 2006
MD5 Checksum:4f3cbd421d4a3476d5b84152399b3673

 ///  File Name: VMSA-2006-0008.txt
Description:
 VMware Security Advisory - A new update has been released for VMware ESX 2.0.2 versions prior to upgrade patch 2. This patch addresses vulnerabilities in Openssh, samba, Python, ucd-snmp, XFree86, and more.
Homepage:http://www.vmware.com/
File Size:4672
Related CVE(s):CAN-2004-2069, CVE-2006-3403, CVE-2005-2177, CVE-2006-3467, CVE-2006-1056, CVE-2006-1342, CVE-2006-1343, CVE-2006-1864, CVE-2006-2071
Last Modified:Nov 14 03:20:33 2006
MD5 Checksum:bb35ebbd06f52a0140b2bf867e5172fa

 ///  File Name: VMSA-2006-0009.txt
Description:
 VMware Security Advisory - A new update has been released for VMware ESX Server version 3.0.0. This patch addresses the AMD fxsave/restore security vulnerability.
Homepage:http://www.vmware.com/
File Size:3413
Related CVE(s):CAN-2006-1056
Last Modified:Nov 14 03:22:15 2006
MD5 Checksum:fbb068276771c1e7463a3712434aea83

 ///  File Name: VMSA-2006-0010.txt
Description:
 VMware Security Advisory - VMware VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and 1.4.x before 1.4.1 Patch 1 (Build 33425), does not verify the server's X.509 certificate when creating an SSL session, which allows remote malicious servers to spoof valid servers via a man-in-the-middle attack.
Homepage:http://www.vmware.com/
File Size:3676
Related CVE(s):CAN-2006-5990
Last Modified:Nov 26 20:35:21 2006
MD5 Checksum:fdd92aee26baac028d88a86ede28df38

 ///  File Name: walla-xss.txt
Description:
 The Web Mail service by "Walla! Communications LTD" suffers from a cross site scripting flaw.
Author:Tal Argoni
File Size:1906
Last Modified:Nov 2 20:42:54 2006
MD5 Checksum:a14fb3f6596c2db75bc4714e0e553547

 ///  File Name: WarFTPd-dos.txt
Description:
 WarFTPd 1.82.00-RC11 is vulnerable to a DOS condition when passing a long string to various commands.
Author:Joxean Koret
Related File:WarFTPd-dos.py
File Size:1731
Last Modified:Nov 8 18:36:51 2006
MD5 Checksum:93115b3f53712e34d1a190c780db15e0

 ///  File Name: webmail-xss.txt
Description:
 The Web Mail platform by "Mirapoint" suffers from a cross site scripting flaw.
Author:Tal Argoni
File Size:2306
Last Modified:Nov 2 20:41:29 2006
MD5 Checksum:e6a6b2cc18b61d5b4529491d0d66c77f

 ///  File Name: WFTPD-3.23.txt
Description:
 A buffer overflow with possible remote code execution was found in the APPE command in WFTPD Pro Server 3.23.
Author:Joxean Koret
Related Exploit:WFTPD-bof.py
File Size:937
Last Modified:Nov 8 18:59:05 2006
MD5 Checksum:5d7d6ddf80be23ea8a98131ab1767ee8

 ///  File Name: WR254-CA-dns.txt
Description:
 The Hawking Technology wireless router model WR254-CA contains a hardcoded DNS server address which is used first even when an ISP dns server is specified, thus sending information to a potentially hostile server about what sites you are connecting to.
Author:Nikolai Grigoriev
File Size:1860
Last Modified:Nov 1 17:34:23 2006
MD5 Checksum:c026af51dc3168fb4288dada6aceabc3

 ///  File Name: ZDI-06-036.txt
Description:
 ZDI-06-036: Novell Netmail User Authentication Buffer Overflow Vulnerability - The specific flaw exists within the user authentication component of Novell Netmail. The routine responsible for authenticating Netmail users lacks adequate bounds checking when processing a username containing one or more period (.) characters. The affected code is reused by several Netmail services including SMTP, POP, IMAP, HTTP and the proprietary NMAP. Each of these services is vulnerable to an exploitable stack-based buffer overflow.
Homepage:http://www.zerodayinitiative.com/
File Size:2992
Last Modified:Nov 3 18:06:15 2006
MD5 Checksum:82e9c8131cd176119f057ca5ffaa3941

 ///  File Name: ZDI-06-037.txt
Description:
 A vulnerability in the America Online ICQ ActiveX Control allows attackers to execute arbitrary code on vulnerable installations. User interaction is not required to exploit this vulnerability.
Homepage:http://www.zerodayinitiative.com/
File Size:2703
Related CVE(s):CVE-2006-5650
Last Modified:Nov 7 00:37:03 2006
MD5 Checksum:d14834e70ab1a4bf84b6f3029e90f945

 ///  File Name: ZDI-06-038.txt
Description:
 A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix MetaFrame Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine IMA_SECURE_DecryptData1() defined in ImaSystem.dll and is reachable through the Independent Management Architecture (IMA) service (ImaSrv.exe) that listens on TCP port 2512 or 2513. The encryption scheme used is reversible and relies on several 32-bit fields indicating the size of the packet and the offsets to the authentication strings. During the decryption of authentication data an attacker can specify invalid sizes that result in an exploitable heap corruption.
Homepage:http://www.zerodayinitiative.com/
File Size:3098
Related CVE(s):CVE-2006-5821
Last Modified:Nov 13 10:35:03 2006
MD5 Checksum:f0bd5ceb8b34ccd9f92b4d36d57575d7

 ///  File Name: ZDI-06-039.txt
Description:
 A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Marshal MailMarshal (formerly of NetIQ). Authentication is not required to exploit this vulnerability. The specific flaw exists within the extraction and scanning of ARJ compressed attachments. Due to incorrect sandboxing of extracted filenames that contain directory traversal modifiers such as "../", an attacker can cause an executable to be created in an arbitrary location. Affected are MailMarshal SMTP 5.x, 6.x, and 2006 and MailMarshal for Exchange 5.x.
Homepage:http://www.zerodayinitiative.com/
File Size:2847
Related CVE(s):CVE-2006-5487
Last Modified:Nov 13 11:11:51 2006
MD5 Checksum:d482dcd713a7808dbf5015d0395dc535

 ///  File Name: ZDI-06-040.txt
Description:
 A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of WinZip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected is WinZip 10.0 (pre build 7245).
Homepage:http://www.zerodayinitiative.com/
File Size:2690
Related CVE(s):CVE-2006-5198
Last Modified:Nov 16 10:52:35 2006
MD5 Checksum:4590f18f8d729ff9e68c6744037ff57a

 ///  File Name: ZDI-06-041.txt
Description:
 A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper parsing of HTML CSS 'float' properties. By ordering specially crafted 'div' tags in a web page, memory corruption can occur leading to remote code execution. Internet Explorer version 6 is affected.
Homepage:http://www.zerodayinitiative.com/
File Size:2547
Related CVE(s):CVE-2006-4687
Last Modified:Nov 16 10:54:28 2006
MD5 Checksum:12fbd5b70ece2d5a03788adc9df9460f

 ///  File Name: ZDI-06-042.txt
Description:
 A vulnerability allows remote attackers to proxy web attacks and scan internal hosts through vulnerable installations of Verity Ultraseek. Authentication is not required to exploit this vulnerability. The specific flaw exists within the highlight script used to highlight search terms on spidered pages. An attacker can directly access the highlight script at '/highlight/index.html' to pass parameters to and retrieve content from arbitrary URLs. The same script can also be abused to enumerate otherwise inaccessible internal addresses and open ports.
Author:sullo
Homepage:http://www.zerodayinitiative.com/
File Size:3735
Related CVE(s):CVE-2006-5819
Last Modified:Nov 16 12:26:07 2006
MD5 Checksum:99c032d405a177ee8e3a87b4df6ceef2
 

 ///  Last 10 Files
  1. :· browser_insecurity_iceberg_2008.pdf
  2. :· SSRT080039.txt
  3. :· 25C3-CFP.txt
  4. :· SCANIT-2008-003.txt
  5. :· SCANIT-2008-002.txt
  6. :· SCANIT-2008-001.txt
  7. :· usurdat.zip
  8. :· usurdat.txt
  9. :· glsa-200807-02.txt
  10. :· glsa-200807-01.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· SSRT080039.txt
  2. :· SCANIT-2008-003.txt
  3. :· SCANIT-2008-002.txt
  4. :· SCANIT-2008-001.txt
  5. :· usurdat.txt
  6. :· glsa-200807-02.txt
  7. :· glsa-200807-01.txt
  8. :· USN-617-2.txt
  9. :· haloloop2.txt
  10. :· stalker39x.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· usurdat.zip
  2. :· blogparticle-traverse.txt
  3. :· hbr-rfi.txt
  4. :· 0806-exploits.tgz
  5. :· mambongal-sql.txt
  6. :· psys070-sql.txt
  7. :· pivot-disclosure.txt
  8. :· rcm-sql.txt
  9. :· barenuked-admin.txt
  10. :· faname10-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· pktanon-1.2.0-dev.tar.gz
  2. :· unhide20080519.tgz
  3. :· prelude-manager-0.9.13.tar.gz
  4. :· nwldapbf.txt
  5. :· dnsenum1.2.tar.gz
  6. :· grubbrute.txt
  7. :· bsqlbf-v2.1.zip
  8. :· rfdump-1.6.tar.gz
  9. :· tmin-0.04.tar.gz
  10. :· iptables-1.4.1.1.tar.bz2
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· browser_insecurity_iceberg_2008.pdf
  2. :· 25C3-CFP.txt
  3. :· bacom2008-cfp.txt
  4. :· strongswan-4.2.4.tar.gz
  5. :· Reverse.Engineering.AntiCracking.Techniques.pdf
  6. :· An-approach-to-malware-collection-log-visualization.pdf
  7. :· the-extended-html-form-attack-revisited.pdf
  8. :· ISOI-CFP2008.txt
  9. :· DEFE-24-1925.pdf
  10. :· DEFE-24-1924.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice