your right to security

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

iDEFENSE Security Advisory 2007-09-27.1: Posted Sep 28, 2007; Authored by iDefense Labs, Sean Larsson | Site idefense.com; iDefense Security Advisory 09.27.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates International Inc.'s (CA) BrightStor HSM allows attackers to execute arbitrary code with SYSTEM privileges. These problems specifically exist within various command handlers in the CsAgent service. There are eleven command handlers that contain one or more stack based buffer overflow vulnerabilities each. All of these vulnerabilities are simple sprintf() calls that overflow fixed size stack buffers with attacker supplied data. Additionally, there are five command handlers that are vulnerable to integer overflow vulnerabilities. In addition to this, the function responsible for reading in and dispatching a request to the appropriate handler also contains an integer overflow vulnerability. iDefense has confirmed the existence of these vulnerabilities in Computer Associates BrightStor HSM version r11.5. Previous versions may also be affected.; tags | advisory, remote, overflow, arbitrary, vulnerability; advisories | CVE-2007-5082, CVE-2007-5083; MD5 | ee2417c015c6a34fccef4c071b848987; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Heine Pedersen 29 files
Torben Jensen 29 files
Red Hat 25 files
Debian 24 files
Ubuntu 24 files
Mandriva 15 files
sinn3r 12 files
the_cyber_nuxbie 11 files
L3b-r1'z 10 files
Am!r 9 files

Recent News

Top 10 Android Mobile Security Apps: Posted May 25, 2012; tags | headline, phone, google; Link | Favorite | Comments (0)

US Mayor And Son Charged With Hacking Into Opposition Site: Posted May 25, 2012; tags | headline, hacker, government; Link | Favorite | Comments (0)

New SpyEye Plugin Takes Control Of Webcam And Microphone: Posted May 24, 2012; tags | headline, privacy, malware, trojan, botnet; Link | Favorite | Comments (0)

Attack Of The Clones: Researcher Pwns SecureID Token System: Posted May 24, 2012; tags | headline, hacker, flaw, science, rsa; Link | Favorite | Comments (0)

Yahoo! Leaks! Private! Key! In! Axis! Chrome! Debut!: Posted May 24, 2012; tags | headline, flaw, yahoo, cryptography; Link | Favorite | Comments (0)

Comcast Phishing Site Contains Valid TRUSTe Seal: Posted May 24, 2012; tags | headline, cybercrime, flaw, scam, phish; Link | Favorite | Comments (0)

Armenia Jails Bredolab Botmaster For 4 Years: Posted May 24, 2012; tags | headline, government, cybercrime, botnet, fraud; Link | Favorite | Comments (0)

Police Given 350 Mobile Fingerprint Scanners For Olympics: Posted May 24, 2012; tags | headline, government, privacy, britain; Link | Favorite | Comments (0)

Researcher Needles Oracle Over Java Security: Posted May 24, 2012; tags | headline, flaw, oracle, java; Link | Favorite | Comments (0)

35,000 Passwords Reset After BigPond GameArena Hacked: Posted May 24, 2012; tags | headline, hacker, data loss, password; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List