.:[ packet storm ]:.
                             
low profile, high success

 Section:  .. / 0707-advisories  /


 ///  File Name: sa26019.txt
Description:
Secunia Security Advisory - A vulnerability and a security issue have been reported in Webmatic, which can be exploited by malicious users to bypass certain security restrictions or by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/26019/
File Size:2649
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:dc339fe190aa3a556e417011b838fd81

 ///  File Name: sa26009.txt
Description:
Secunia Security Advisory - H4 has discovered a vulnerability in Mail Machine, which can be exploited by malicious people to disclose sensitive information.
Homepage:http://secunia.com/advisories/26009/
File Size:2266
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:c7b15b8b933b3aa4bc25f4400b6c7fb8

 ///  File Name: sa26007.txt
Description:
Secunia Security Advisory - kw3rln has reported a vulnerability in FlashBB, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26007/
File Size:2325
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:d9dd74227c6b8d8fb61b89f2da44a7a4

 ///  File Name: sa26006.txt
Description:
Secunia Security Advisory - Gentoo has acknowledged a vulnerability in XnView, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/26006/
File Size:2096
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:6106a2c1811c5d1a9f1eddac2ed93002

 ///  File Name: sa26000.txt
Description:
Secunia Security Advisory - Tim Brown has discovered a vulnerability in ImgSvr, which can be exploited by malicious people to disclose sensitive information.
Homepage:http://secunia.com/advisories/26000/
File Size:2259
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:1d8b8243ba905ff4e13c01ac21dbf406

 ///  File Name: sa25998.txt
Description:
Secunia Security Advisory - Jonathan Lindsay has reported a vulnerability in AVG Antivirus, which potentially can be exploited by malicious, local users to gain escalated privileges.
Homepage:http://secunia.com/advisories/25998/
File Size:2545
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:7b757955a17dcc272c89ea88f0b36e3d

 ///  File Name: sa25957.txt
Description:
Secunia Security Advisory - Some security issues have been reported in Clavister CorePlus, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions.
Homepage:http://secunia.com/advisories/25957/
File Size:2612
Last Modified:Jul 13 02:55:11 2007
MD5 Checksum:dd020f34ec697bac94d79de979c640db

 ///  File Name: 07.11.07-7.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of an integer overflow vulnerability in Apple Computer Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the QuickTime player's handling of the title and author fields in an SMIL file. When parsing an SMIL file, arithmetic calculations can cause insufficient memory to be allocated. When copying in user-supplied data from the SMIL file, a heap-based buffer overflow occurs. This results in a potentially exploitable condition. iDefense Labs confirmed this vulnerability exists in versions 7.1.3 and 7.1.5 of QuickTime on Windows and Mac OS X. Previous versions are suspected to be vulnerable.
Author:David Vaartjes
Homepage:http://www.idefense.com/
File Size:3749
Related CVE(s):CVE-2007-2394
Last Modified:Jul 12 04:20:40 2007
MD5 Checksum:2a3cc0fd5e612bd18139afef28cdcb48

 ///  File Name: 07.11.07-6.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of a local file inclusion vulnerability in gpg_help.php in version 2.0 of the SquirrelMail G/PGP Plugin could allow an authenticated webmail user to execute arbitrary PHP code under the security context of the running web server. iDefense has confirmed the existence of this vulnerability in version 2.0 of the G/PGP Encryption Plugin for SquirrelMail. It is suspected that earlier versions of the plug-in are also affected.
Homepage:http://www.idefense.com/
File Size:3641
Related CVE(s):CVE-2006-4169
Last Modified:Jul 12 04:19:41 2007
MD5 Checksum:40a6dd2a758ab52216078a1dadd0edc1

 ///  File Name: 07.11.07-5.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of a command injection vulnerability in the G/PGP Encryption Plugin for The SquirrelMail Project Team's SquirrelMail webmail package allows attackers to execute arbitrary commands with the privileges of the underlying web server. The gpg_recv_key() function is affected. iDefense has confirmed the existence of this vulnerability in the latest version of the G/PGP Encryption Plugin for SquirrelMail, version 2.1. Furthermore, this vulnerability has been confirmed to exist as early as version 2.0. Other versions may be affected.
Homepage:http://www.idefense.com/
File Size:4123
Related CVE(s):CVE-2005-1924
Last Modified:Jul 12 04:18:10 2007
MD5 Checksum:85ec03ca46e9372ff23ffb76b3929be5

 ///  File Name: 07.11.07-4.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of a command injection vulnerability in the G/PGP Encryption Plugin for The SquirrelMail Project Team's SquirrelMail webmail package allows attackers to execute arbitrary commands with the privileges of the underlying web server. The gpg_check_sign_pgp_mime() function is affected. iDefense has confirmed the existence of this vulnerability in version 2.0 of the G/PGP Encryption Plugin for SquirrelMail. It is suspected that earlier versions of the plug-in are also affected.
Homepage:http://www.idefense.com/
File Size:3997
Last Modified:Jul 12 04:16:48 2007
MD5 Checksum:8e44a3d654e323aa396d2fdf8751771e

 ///  File Name: 07.11.07-3.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of a command injection vulnerability in the G/PGP Encryption Plugin for The SquirrelMail Project Team's SquirrelMail webmail package allows attackers to execute arbitrary commands with the privileges of the underlying web server. The deleteKey() functionality is affected. iDefense has confirmed the existence of this vulnerability in the latest version of the G/PGP Encryption Plugin for SquirrelMail, version 2.1. Furthermore, this vulnerability has been confirmed to exist as early as version 2.0. Other versions may be affected.
Homepage:http://www.idefense.com/
File Size:4131
Related CVE(s):CVE-2005-1924
Last Modified:Jul 12 04:16:02 2007
MD5 Checksum:a3ae17003817196eef6b310ecb3a4e2c

 ///  File Name: 07.11.07-2.txt
Description:
iDefense Security Advisory 07.11.07 - Local exploitation of an input validation vulnerability in version 5.5.1.6 of symtdi.sys allows attackers to elevate privileges to SYSTEM. The vulnerability specifically exists due to improper address space validation when the \\symTDI\ device driver processes IOCTL 0x83022323. An attacker can overwrite an arbitrary address, including code segments, with a constant double word value by supplying a specially crafted Irp to the IOCTL handler function. iDefense confirmed this vulnerability in version 5.5.1.6 of Symantec's symtdi.sys device driver as included with version 10 of Symantec AntiVirus Corporate Edition. Previous versions and related products that contain the affected driver are suspected vulnerable.
Author:Zohiartze Herce
Homepage:http://www.idefense.com/
File Size:3537
Related CVE(s):CVE-2007-3673
Last Modified:Jul 12 04:12:12 2007
MD5 Checksum:bfa8d5d856fa94a003e3308a03769383

 ///  File Name: 07.11.07-1.txt
Description:
iDefense Security Advisory 07.11.07 - Remote exploitation of a heap overflow vulnerability in Symantec Backup Exec could allow an unauthenticated attacker to create a denial of service condition or potentially execute arbitrary code. The flaw specifically exists within the RPC server that listens on TCP port 6106. When handling requests using the "ncacn_ip_tcp" protocol, the service will copy a user supplied amount of data into a fixed-size heap buffer. iDefense confirmed the existence of this vulnerability in Symantec Backup Exec 10d with all current hot-fixes and service packs applied. Other versions are suspected to be vulnerable.
Homepage:http://www.idefense.com/
File Size:3291
Related CVE(s):CVE-2007-3509
Last Modified:Jul 12 04:11:03 2007
MD5 Checksum:4cc94feac32d16129426e23162440125

 ///  File Name: TA07-192A.txt
Description:
Technical Cyber Security Alert TA07-192A - There are critical vulnerabilities in Adobe Flash player and related software. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Homepage:http://www.us-cert.gov/
File Size:4175
Last Modified:Jul 12 04:09:46 2007
MD5 Checksum:2849962a8d6cbd7e802dea568dc4d748

 ///  File Name: glsa-200707-06.txt
Description:
Gentoo Linux Security Advisory GLSA 200707-06 - XnView is vulnerable to a stack-based buffer overflow while processing an XPM file with an overly long section string (greater than 1024 bytes). Versions less than 1.70 are affected.
Homepage:http://security.gentoo.org
File Size:3170
Related CVE(s):CVE-2007-2194
Last Modified:Jul 12 04:09:00 2007
MD5 Checksum:5f162b42e05cbaae3228336635705b67

 ///  File Name: CX-2007-05.txt
Description:
Calyptix Security Advisory - Multiple versions of eSoft's InstaGate EX2 UTM device are vulnerable to cross-site request forgery. The vulnerable firmwares include 3.1.20031001, 3.1.20060921, and 3.1.20070605. Other eSoft products were not tested. This vulnerability allows an attacker to run commands on the web interface if the attacker can get the eSoft user to view a hostile web page while logged into his eSoft. These actions could include opening up remote access.
Author:Daniel Weber
File Size:8547
Last Modified:Jul 12 04:08:35 2007
MD5 Checksum:62b1f9e4a7b2de970c0fee20d541e429

 ///  File Name: cisco-sa-20070711-voip.txt
Description:
Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly CallManager, and Cisco Unified Presence Server (CUPS) contain two vulnerabilities that could allow an unauthorized administrator to activate and terminate CUCM / CUPS system services and access SNMP configuration information. This may respectively result in a denial of service (DoS) condition affecting CUCM/CUPS cluster systems and the disclosure of sensitive SNMP details, including community strings.
Homepage:http://www.cisco.com/
File Size:16279
Last Modified:Jul 12 04:03:48 2007
MD5 Checksum:ff511a349e03d39603d84611dd04fb3b

 ///  File Name: cisco-sa-20070711-cucm.txt
Description:
Cisco Security Advisory - Cisco Unified Communications Manager (CUCM), formerly CallManager, contains two overflow vulnerabilities that could allow a remote, unauthenticated user to cause a denial of service (DoS) condition or execute arbitrary code.
Homepage:http://www.cisco.com/
File Size:17475
Last Modified:Jul 12 04:03:08 2007
MD5 Checksum:412f91f1831d634ce385a7976970fba2

 ///  File Name: meta-clamav.txt
Description:
ClamAV versions below 0.91 crash with a null pointer dereference while processing corrupted RAR files.
Homepage:http://www.metaeye.org/
File Size:1032
Last Modified:Jul 12 03:52:54 2007
MD5 Checksum:babbeec796bbc4352f24f68c1ddd8bf6

 ///  File Name: avg-kernel.txt
Description:
The AVG Antivirus core kernel mode service driver (avg7core.sys) provides functionality that under a default install allows an unprivileged user to write arbitrary data to arbitrary addresses. This issue has been verified as affecting AVG Free 7.5.446 and AVG Antivirus 7.5.448. The version of avg7core.sys in question is 7.5.0.444.
Author:Jonathan Lindsay
Homepage:http://www.ngssoftware.com/
File Size:3946
Last Modified:Jul 12 03:32:19 2007
MD5 Checksum:0c71d2c4e264c9ccdca1526d60432760

 ///  File Name: CYBSEC-tipping.txt
Description:
CYBSEC Security Advisory - The TippingPoint IPS suffers from a bypass vulnerability. TippingPoint IPS systems running TOS versions 2.1.x, 2.2.x prior to 2.2.5, and 2.5.x prior to 2.5.2 are affected.
Author:Andres Riancho
Homepage:http://www.cybsec.com/
File Size:2950
Last Modified:Jul 12 03:30:18 2007
MD5 Checksum:57b238da59f1d719d56fd6d96d8b000a

 ///  File Name: NGS-ad.txt
Description:
NGSSoftware has discovered a low risk vulnerability in Active Directory which can allow an unauthenticated user to cause a denial of service condition on any affected system.
Author:Peter Winter-Smith
Homepage:http://www.ngssoftware.com/
File Size:1891
Last Modified:Jul 12 03:13:07 2007
MD5 Checksum:eca80fa6cf0664aee3fd00b9720dc2cb

 ///  File Name: USN-482-1.txt
Description:
Ubuntu Security Notice 482-1 - John Heasman discovered that OpenOffice did not correctly validate the sizes of tags in RTF documents. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges.
Homepage:http://security.ubuntu.com/
File Size:40780
Related CVE(s):CVE-2007-0245
Last Modified:Jul 12 03:12:07 2007
MD5 Checksum:75edb6d8b7d27085e8b4f1cb97ca11fd

 ///  File Name: sa26032.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Symantec Backup Exec, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26032/
File Size:2892
Last Modified:Jul 12 01:06:45 2007
MD5 Checksum:1daf7bcf7f18bff61169b11bf4df876f