.:[ packet storm ]:.
                               
low profile, high success
low profile, high success

 Section:  .. / 0802-advisories  /

Page 4 of 25
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 >> Files 75 - 100 of 607
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: emerdal-null.txt
Description:
 The configuration web server integrated in Emerald versions 5.0.49 and below, RadiusNT and RadiusX versions 5.1.38 and below, Radius test client versions 4.0.20 and below, and Air Marshal versions 2.0.4 and below suffer from a NULL byte vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
File Size:2584
Last Modified:Feb 8 17:43:00 2008
MD5 Checksum:07867e64a299722998266ae14583e711

 ///  File Name: endian_02.txt
Description:
 The Endian firewall version 2.1.2 suffers from cross site scripting vulnerabilities.
Author:syniack
Homepage:http://bsecure.net.pk/
File Size:1484
Last Modified:Feb 12 17:17:29 2008
MD5 Checksum:19ed77001120ac16b78a647e7e13f28b

 ///  File Name: ezipirla.txt
Description:
 EztremeZ-IP File and Printer Server versions 5.1.2x15 and below suffer from crash and directory traversal vulnerabilities.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related Exploit:ezipirla.zip
File Size:3173
Last Modified:Feb 11 16:32:45 2008
MD5 Checksum:e8e2f8f64e5912135317b34018724271

 ///  File Name: facebookadv-overflow.txt
Description:
 Facebook Image Uploader versions 5.0.14.0 and below suffer from a stack buffer overflow vulnerability.
Author:Rafel Ivgi aka The-Insider
Homepage:http://www.mc-grp.com/
Related Exploit:facebookexp-overflow.txt
File Size:10992
Last Modified:Feb 12 14:22:56 2008
MD5 Checksum:22642c07136057ef45947cd8bb9c5a5a

 ///  File Name: firefox20011bmp-dos.txt
Description:
 Opera version 9.50 beta and FireFox versions 2.0.0.11 suffer from a vulnerability during BMP file handling.
Author:Gynvael Coldwind
File Size:3533
Last Modified:Feb 17 21:37:33 2008
MD5 Checksum:acddcd7b30c860fcbb579020d5cd6838

 ///  File Name: firefoxurl-spoof.txt
Description:
 Firefox appears to suffer from another URI spoofing vulnerability when fed a missing username.
Author:Carl Hardwick
File Size:1553
Last Modified:Feb 11 16:10:14 2008
MD5 Checksum:f285694114aeea1f576a89f64cc37851

 ///  File Name: FreeBSD-SA-08-03.sendfile.txt
Description:
 FreeBSD Security Advisory - The sendfile system call suffers from a write-only file permission bypass vulnerability.
Homepage:http://security.freebsd.org/
File Size:6101
Related CVE(s):CVE-2008-0777
Last Modified:Feb 14 18:14:42 2008
MD5 Checksum:6b7c612f35046df2c4a568656ce22f23

 ///  File Name: FreeBSD-SA-08-04.ipsec.txt
Description:
 FreeBSD Security Advisory - The IPsec suite of protocols suffer from a null pointer dereference panic vulnerability.
Homepage:http://security.freebsd.org/
File Size:3545
Related CVE(s):CVE-2008-1777
Last Modified:Feb 14 18:15:45 2008
MD5 Checksum:de22e4e3fcea142efb9f2600c6ddc5ff

 ///  File Name: freesshdnull.txt
Description:
 freeSSHd versions 1.2.0 and below suffer from a NULL pointer crash vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related Exploit:freesshdnull.zip
File Size:1401
Last Modified:Feb 20 01:21:50 2008
MD5 Checksum:eb1d7796ee5b9a78c5095a1411f9786d

 ///  File Name: ghostscript-overflow.txt
Description:
 Ghostscript versions 8.61 and below suffer from a stack-based buffer overflow in the zseticcspace() function in zicc.c.
Author:Chris Evans
Related Exploit:ghostscript-poc.txt
File Size:1231
Last Modified:Mar 3 14:15:37 2008
MD5 Checksum:e8908af1dfabf34c4b2eab9ea0ace408

 ///  File Name: glsa-200802-01.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-01 - The LWZReadByte() function in file IMG_gif.c and the IMG_LoadLBM_RW() function in file IMG_lbm.c each contain a boundary error that can be triggered to cause a static buffer overflow and a heap-based buffer overflow. The first boundary error comes from some old vulnerable GD PHP code (CVE-2006-4484). Versions less than 1.2.6-r1 are affected.
Homepage:http://security.gentoo.org
File Size:3124
Related CVE(s):CVE-2007-6697, CVE-2008-0544
Last Modified:Feb 6 17:48:12 2008
MD5 Checksum:482a29deac6a61b9ebe3fd9350656d94

 ///  File Name: glsa-200802-02.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-02 - Luigi Auriemma discovered multiple buffer overflows in the D_NetPlayerEvent() function, the Msg_Write() function and the NetSv_ReadCommands() function. He also discovered errors when handling chat messages that are not NULL-terminated (CVE-2007-4642) or contain a short data length, triggering an integer underflow (CVE-2007-4643). Furthermore a format string vulnerability was discovered in the Cl_GetPackets() function when processing PSV_CONSOLE_TEXT messages (CVE-2007-4644). Versions less than or equal to 1.9.0-beta5.2 are affected.
Homepage:http://security.gentoo.org
File Size:4054
Related CVE(s):CVE-2007-4642, CVE-2007-4643, CVE-2007-4644
Last Modified:Feb 6 17:48:35 2008
MD5 Checksum:65fd343ccba638b72b11d03f55c43216

 ///  File Name: glsa-200802-03.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-03 - Ulf Harnhammar, Secunia Research discovered that the frame and frameset HTML tags are not properly filtered out. He also reported that certain HTTP requests are executed without being checked. Versions less than 4.1.6 are affected.
Homepage:http://security.gentoo.org
File Size:3051
Related CVE(s):CVE-2007-6018
Last Modified:Feb 11 17:58:38 2008
MD5 Checksum:47a0f2adf894a8201011c42accd08a38

 ///  File Name: glsa-200802-04.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-04 - The Gallery developement team reported and fixed critical vulnerabilities during an internal audit (CVE-2007-6685, CVE-2007-6686, CVE-2007-6687, CVE-2007-6688, CVE-2007-6689, CVE-2007-6690, CVE-2007-6691, CVE-2007-6692, CVE-2007-6693). Versions less than 2.2.4 are affected.
Homepage:http://security.gentoo.org
File Size:3895
Related CVE(s):CVE-2007-6685, CVE-2007-6686, CVE-2007-6687, CVE-2007-6688, CVE-2007-6689, CVE-2007-6690, CVE-2007-6691, CVE-2007-6692, CVE-2007-6693
Last Modified:Feb 11 17:59:00 2008
MD5 Checksum:c889f2aa3562a4c984c769735c47ae32

 ///  File Name: glsa-200802-05.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-05 - Multiple integer overflow and signedness errors have been reported in the excel_read_HLINK() function in file plugins/excel/ms-excel-read.c when processing XLS HLINK opcodes. Versions less than 1.8.1 are affected.
Homepage:http://security.gentoo.org
File Size:2983
Related CVE(s):CVE-2008-0668
Last Modified:Feb 12 17:56:35 2008
MD5 Checksum:2d1bb2508dcb611982e1166e88b8d02d

 ///  File Name: glsa-200802-06.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-06 - Florian Weimer from Debian discovered that scponly does not filter the - -o and -F options to the scp executable (CVE-2007-6415). Joachim Breitner reported that Subversion and rsync support invokes subcommands in an insecure manner (CVE-2007-6350). Versions less than 4.8 are affected.
Homepage:http://security.gentoo.org
File Size:3181
Related CVE(s):CVE-2007-6350, CVE-2007-6415
Last Modified:Feb 12 17:57:07 2008
MD5 Checksum:9352c9e62a9f94f0576abfbbc80ef8af

 ///  File Name: glsa-200802-07.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-07 - Marcus Meissner from SUSE reported that the pa_drop_root() function does not properly check the return value of the system calls setuid(), seteuid(), setresuid() and setreuid() when dropping its privileges. Versions less than 0.9.9 are affected.
Homepage:http://security.gentoo.org
File Size:3129
Related CVE(s):CVE-2008-0008
Last Modified:Feb 13 17:30:57 2008
MD5 Checksum:92f7f0c7cd30e14574f1bfebd887e26b

 ///  File Name: glsa-200802-08.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-08 - Tavis Ormandy and Will Drewry from the Google Security Team reported a failed assertion in file regex/v4/perl_matcher_non_recursive.hpp (CVE-2008-0171) and a NULL pointer dereference in function get_repeat_type() file basic_regex_creator.hpp (CVE-2008-0172) when processing regular expressions. Versions less than 1.34.1-r2 are affected.
Homepage:http://security.gentoo.org
File Size:2747
Related CVE(s):CVE-2008-0171, CVE-2008-0172
Last Modified:Feb 14 19:38:09 2008
MD5 Checksum:332c4a8aebc7121b2ba2958d41cd5e88

 ///  File Name: glsa-200802-09.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-09 - An integer overflow has been reported in the cli_scanpe() function in file libclamav/pe.c (CVE-2008-0318). Another unspecified vulnerability has been reported in file libclamav/mew.c (CVE-2008-0728). Versions less than 0.92.1 are affected.
Homepage:http://security.gentoo.org
File Size:3311
Related CVE(s):CVE-2008-0318, CVE-2008-0728
Last Modified:Feb 22 02:51:15 2008
MD5 Checksum:72d9da41738b7ff29dac19646e48e95f

 ///  File Name: glsa-200802-10.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-10 - Python 2.3 includes a copy of PCRE which is vulnerable to an integer overflow vulnerability, leading to a buffer overflow. Versions less than 2.3.6-r4 are affected.
Homepage:http://security.gentoo.org
File Size:2678
Related CVE(s):CVE-2006-7228
Last Modified:Feb 25 11:14:47 2008
MD5 Checksum:ba26bac01970e11b6688fa1541f28ef2

 ///  File Name: glsa-200802-11.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-11 - Multiple vulnerabilities have been found in Asterisk. Versions less than 1.2.21.1-r1 are affected.
Homepage:http://security.gentoo.org
File Size:3937
Related CVE(s):CVE-2007-3762, CVE-2007-3763, CVE-2007-3764, CVE-2007-4103
Last Modified:Feb 26 19:35:25 2008
MD5 Checksum:7c51a2ffb28e6611479cc754e70c9347

 ///  File Name: glsa-200802-12.txt
Description:
 Gentoo Linux Security Advisory GLSA 200802-12 - Damian Frizza and Alfredo Ortega (Core Security Technologies) discovered a stack-based buffer overflow within the open_flac_file() function in the file demux_flac.c when parsing tags within a FLAC file (CVE-2008-0486). A buffer overflow when parsing ASF headers, which is similar to CVE-2006-1664, has also been discovered. Versions less than 1.1.10.1 are affected.
Homepage:http://security.gentoo.org
File Size:2879
Related CVE(s):CVE-2006-1664, CVE-2008-0486
Last Modified:Feb 26 19:35:06 2008
MD5 Checksum:2f5040c756ce9cf9fe09574a5577bc2e

 ///  File Name: htpasswd-weak.txt
Description:
 htpasswd as included with Apache version 2.2 suffers from a predictable salt weakness.
Author:Peter Watkins
File Size:6052
Last Modified:Feb 14 15:02:29 2008
MD5 Checksum:c4732473372f3c4f3716285c242ae97a

 ///  File Name: ioactive-modjk2.txt
Description:
 IOActive Security Advisory - mod_jk2 versions prior to 2.0.4 are vulnerable to multiple stack overflow vulnerabilities. Specifically, IOActive has discovered multiple locations where these vulnerabilities are exploitable via the Host request header in any given request. These overflows all result in remote code execution under the user of the running Apache process.
Homepage:http://www.ioactive.com/
File Size:2415
Last Modified:Feb 12 14:12:39 2008
MD5 Checksum:261b8a0fb6b31e62e63d8e5ed058b5b2

 ///  File Name: ioactive-sitescope.txt
Description:
 IOActive Security Advisory - IOActive has discovered multiple critical vulnerabilities within the Mercury SiteScope server monitoring software, some of which allow for complete remote compromise of the entire monitored network, as well as arbitrary code execution on all servers managed by the SiteScope software. All versions are affected.
Homepage:http://www.ioactive.com/
File Size:1172
Last Modified:Feb 12 14:13:24 2008
MD5 Checksum:95e0e0d468d0a2b636152b0a84d0763c
 

 ///  Last 10 Files
  1. :· ZDI-08-025.txt
  2. :· ZDI-08-024.txt
  3. :· sunshop-blindsql.txt
  4. :· aid-051408.asc
  5. :· altiris.pdf
  6. :· 68classifieds-sql.txt
  7. :· newsmanager-rfisql.txt
  8. :· kostenloses-sql.txt
  9. :· symantec-escalate.txt
  10. :· cisco-sa-20080514-cup.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· ZDI-08-025.txt
  2. :· ZDI-08-024.txt
  3. :· aid-051408.asc
  4. :· cisco-sa-20080514-cup.txt
  5. :· cisco-sa-20080514-cucmdos.txt
  6. :· cisco-sa-20080514-csm.txt
  7. :· AD20080514.txt
  8. :· dsa-1577-1.txt
  9. :· dsa-1576-1.txt
  10. :· glsa-200805-16.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· sunshop-blindsql.txt
  2. :· 68classifieds-sql.txt
  3. :· newsmanager-rfisql.txt
  4. :· kostenloses-sql.txt
  5. :· symantec-escalate.txt
  6. :· debian-sploit.txt
  7. :· msie-crosszone.txt
  8. :· idautomation-activex.txt
  9. :· rgboard-rfixss.txt
  10. :· hordeturba-xss.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· sqlfuzzer.py.txt
  2. :· xsschecker.py.txt
  3. :· nipper-0.11.7.tgz
  4. :· nipper-0.11.7.zip
  5. :· browserrecon-1.0-php.tar.gz
  6. :· dradis-v1.2.tar.gz
  7. :· samhain-2.4.4.tar.gz
  8. :· plash_1.19.orig.tar.gz
  9. :· opennhrp-0.7.tar.bz2
  10. :· ZoneMinder-1.23.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· altiris.pdf
  2. :· EC2ND-2008-CFP.txt
  3. :· win32-generator.txt
  4. :· xsrf-paper.txt
  5. :· Bellua2008-CFP.txt
  6. :· Access-Through-Access.pdf
  7. :· kiwicon2008-cfp.txt
  8. :· tempest.pdf
  9. :· capture-server-2.1.0-300-src.zip
  10. :· capture-client-2.1.0-300-src.zip
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice