.:[ packet storm ]:.
                             
beyond paranoid

 Section:  .. / 0707-advisories  /

Files 100 - 125 of 557

 ///  File Name: CAID-35525-35526.txt
Description:
CA products that utilize the Arclib library contain two denial of service vulnerabilities. The first vulnerability is due to an application hang when processing a specially malformed CHM file. The second vulnerability is due to an application hang when processing a specially malformed RAR file.
Author:Ken Williams
Homepage:http://www3.ca.com/
File Size:7381
Related CVE(s):CVE-2007-3875, CVE-2007-5645
Last Modified:Jul 25 06:50:57 2007
MD5 Checksum:10a5665874d17a5c342ba0a0e56e4924

 ///  File Name: CAID-35524.txt
Description:
eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.
Author:Ken Williams
Homepage:http://www3.ca.com/
File Size:4401
Related CVE(s):CVE-2007-3302
Last Modified:Jul 25 06:49:01 2007
MD5 Checksum:0f81f87e5fb0e8acadbc9da84286310e

 ///  File Name: glsa-200707-08.txt
Description:
Gentoo Linux Security Advisory GLSA 200707-08 - Tavis Ormandy of the Gentoo Linux Security Team discovered that NVClock makes use of an insecure temporary file in the /tmp directory. Versions less than 0.7-r2 are affected.
Homepage:http://security.gentoo.org
File Size:2501
Related CVE(s):CVE-2007-3531
Last Modified:Jul 25 06:46:50 2007
MD5 Checksum:72eb1e09e9af884741c4657afe5eaf6f

 ///  File Name: glsa-200707-07.txt
Description:
Gentoo Linux Security Advisory GLSA 200707-07 - Secunia Research discovered several boundary errors in the functions cddb_query_parse(), cddb_parse_matches_list() and cddb_read_parse(), each allowing for a stack-based buffer overflow. Versions less than 1.0.20070622 are affected.
Homepage:http://security.gentoo.org/
File Size:2694
Related CVE(s):CVE-2007-2948
Last Modified:Jul 25 06:46:19 2007
MD5 Checksum:58f4ae93faca1230cdc806422c250b56

 ///  File Name: 07.24.07-2.txt
Description:
iDefense Security Advisory 07.24.07 - Remote exploitation of a design error vulnerability in Computer Associates International Inc.'s (CA) eTrust Intrusion Detection allows attackers to execute arbitrary code. iDefense has confirmed that CA eTrust Intrusion Detection version 3.0.5 on Windows is vulnerable. The file version of caller.dll tested was 3.0.5.55.
Author:Sebastian Apelt
Homepage:http://www.idefense.com/
File Size:3291
Related CVE(s):CVE-2007-3302
Last Modified:Jul 25 06:43:52 2007
MD5 Checksum:9d2f71feb74c13277bfb86cb0ac81e17

 ///  File Name: 07.24.07-1.txt
Description:
iDefense Security Advisory 07.24.07 - Remote exploitation of a denial of service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer. When the eTrust Antivirus engine scans a malformed CHM file that has an invalid 'previous listing chunk number' field, the scanner will enter an infinite loop and be unable to process any other files. iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.
Homepage:http://www.idefense.com/
File Size:3134
Related CVE(s):CVE-2007-3875
Last Modified:Jul 25 06:42:29 2007
MD5 Checksum:c9e430e97c86ccb8e479f4edf4a11819

 ///  File Name: TPTI-07-13.txt
Description:
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland Interbase. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service, ibserver.exe, which binds to TCP port 3050.
Author:Cody Pierce
Homepage:http://dvlabs.tippingpoint.com/
File Size:2818
Related CVE(s):CVE-2007-3566
Last Modified:Jul 25 06:34:21 2007
MD5 Checksum:8cf4fbcf329b25381c70d8c3caf254d6

 ///  File Name: ZDI-07-043.txt
Description:
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is required to exploit this vulnerability. The specific flaw exists due to a lack of bounds checking during the parsing of arguments to the SUBSCRIBE IMAP command sent to the IMAP daemon listening by default on TCP port 143. By providing an overly long string as the argument, an exploitable stack-based buffer overflow occurs.
Author:Sebastian Apelt
Homepage:http://www.zerodayinitiative.com/
File Size:3175
Related CVE(s):CVE-2007-2795
Last Modified:Jul 25 06:32:46 2007
MD5 Checksum:4d9363e8bfef764f9a43302e007ecf63

 ///  File Name: ZDI-07-042.txt
Description:
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Ipswitch IMail and ICS server. Authentication is not required to exploit this vulnerability. The specific flaw resides in IMailsec.dll while attempting to authenticate users. The affected component is used by multiple services that listen on a default installation. The authentication mechanism copies user-supplied data into fixed length heap buffers using the lstrcpyA() function. The unbounded copy operation can cause a memory corruption resulting in an exploitable condition.
Author:Sebastian Apelt
Homepage:http://www.zerodayinitiative.com/
File Size:3289
Related CVE(s):CVE-2007-2795
Last Modified:Jul 25 06:31:47 2007
MD5 Checksum:e595d01aebe1824018e5170a0c039dc9

 ///  File Name: ZDI-07-041.txt
Description:
A vulnerability allows remote attackers to execute arbitrary code on affected installations of Panda AdminSecure. Authentication is not required to exploit this vulnerability.
Homepage:http://www.zerodayinitiative.com/
File Size:3246
Related CVE(s):CVE-2007-3026
Last Modified:Jul 25 06:30:18 2007
MD5 Checksum:684a05286a2436521a88c1ca8d97400c

 ///  File Name: cisco-sa-20070724-arp.txt
Description:
Cisco Security Advisory - Cisco Wireless LAN Controllers (WLC) contain multiple vulnerabilities in the handling of Address Resolution Protocol (ARP) packets that could result in a denial of service (DoS) in certain environments.
Homepage:http://www.cisco.com/
File Size:18281
Last Modified:Jul 25 06:09:56 2007
MD5 Checksum:410864d31569a8f43549ea0e6021d88e

 ///  File Name: PR07-21.txt
Description:
Webbler CMS version 3.1.3 forms are susceptible to spamming and phishing abuse.
Author:Adrian Pastor
File Size:3234
Last Modified:Jul 25 05:52:29 2007
MD5 Checksum:e735eba3e38ba4e18a22092b2233261b

 ///  File Name: PR07-20.txt
Description:
A path disclosure issue exists in Webbler CMS version 3.1.3.
Author:Adrian Pastor
File Size:1955
Last Modified:Jul 25 05:51:25 2007
MD5 Checksum:26b734c5ceb88073b75a5c716a2295ba

 ///  File Name: dsa-1340-1.txt
Description:
Debian Security Advisory 1340-1 - A NULL pointer dereference has been discovered in the RAR VM of Clam Antivirus (ClamAV) which allows user-assisted remote attackers to cause a denial of service via a specially crafted RAR archive.
Homepage:http://www.debian.org/security
File Size:13824
Related CVE(s):CVE-2007-3725
Last Modified:Jul 25 05:31:27 2007
MD5 Checksum:e0c3edcb3cea73262ca76bffee550402

 ///  File Name: oracle-multi.txt
Description:
Multiple security vulnerabilities have been corrected in the Oracle Business Suite 11i and R12 as part of the July 2007 Oracle Critical Patch Update (CPU). These include SQL injection and cross-site scripting vulnerabilities.
Author:Stephen Kost, Jack Kanter
Homepage:http://www.integrigy.com/
File Size:1820
Related CVE(s):CVE-2007-3865, CVE-2007-3866, CVE-2007-3867
Last Modified:Jul 25 05:29:49 2007
MD5 Checksum:cfd22abaee53757319f1db989c571c46

 ///  File Name: sa26185.txt
Description:
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Kerio MailServer.
Homepage:http://secunia.com/advisories/26185/
File Size:2141
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:55a448aaa66bfcfc56eba89526e136d5

 ///  File Name: sa26184.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in fsplib, which potentially can be exploited by malicious people to compromise an application using the library.
Homepage:http://secunia.com/advisories/26184/
File Size:2742
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:6f67f55ff06183174637dec1b4fdff8b

 ///  File Name: sa26183.txt
Description:
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM WebSphere Application Server.
Homepage:http://secunia.com/advisories/26183/
File Size:2156
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:a352e2c92b9c10ebaf5d7b3b4e5e56e5

 ///  File Name: sa26181.txt
Description:
Secunia Security Advisory - Jared DeMott and Justin Seitz have discovered a vulnerability in LinkedIn Internet Explorer Toolbar, which can be exploited by malicious people to compromise a user's system.
Homepage:http://secunia.com/advisories/26181/
File Size:2531
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:f99828418aadfd632370624040da71c6

 ///  File Name: sa26178.txt
Description:
Secunia Security Advisory - Sergio Alvarez has reported some vulnerabilities in Norman Antivirus products, which can be exploited by malware to bypass certain scanning functionality and by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26178/
File Size:3766
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:6a0f97b909b33582784fc2c52d181e8b

 ///  File Name: sa26172.txt
Description:
Secunia Security Advisory - A vulnerability has been discovered in WebSpell, which can be exploited by malicious people to potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26172/
File Size:2255
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:eddf5ca7707928ddaa99f2f98704be85

 ///  File Name: sa26169.txt
Description:
Secunia Security Advisory - Aria-Security Team have reported a vulnerability in ImageRacer, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/26169/
File Size:2264
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:2a7eafde92d1b90b0072b8a768fd8f5b

 ///  File Name: sa26167.txt
Description:
Secunia Security Advisory - Oliver Karow has reported a vulnerability in SecurityReporter, which can be exploited by malicious people to disclose sensitive information.
Homepage:http://secunia.com/advisories/26167/
File Size:2394
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:663cddd3cb0d3b394ab11523b8a39067

 ///  File Name: sa26166.txt
Description:
Secunia Security Advisory - HP has acknowledged some vulnerabilities in HP OfO (Oracle for Openview). Some of these have unknown impacts, while others can be exploited to bypass certain security restrictions and conduct SQL injection attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
Homepage:http://secunia.com/advisories/26166/
File Size:2480
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:7e4fcd2146198b11b46b8c94787f0325

 ///  File Name: sa26164.txt
Description:
Secunia Security Advisory - Debian has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/26164/
File Size:12881
Last Modified:Jul 25 03:41:12 2007
MD5 Checksum:e1cabebe1a66b0812db6c03811645056