trust is easily compromised

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

iDEFENSE Security Advisory 2007-09-27.1: Posted Sep 28, 2007; Authored by iDefense Labs, Sean Larsson | Site idefense.com; iDefense Security Advisory 09.27.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Computer Associates International Inc.'s (CA) BrightStor HSM allows attackers to execute arbitrary code with SYSTEM privileges. These problems specifically exist within various command handlers in the CsAgent service. There are eleven command handlers that contain one or more stack based buffer overflow vulnerabilities each. All of these vulnerabilities are simple sprintf() calls that overflow fixed size stack buffers with attacker supplied data. Additionally, there are five command handlers that are vulnerable to integer overflow vulnerabilities. In addition to this, the function responsible for reading in and dispatching a request to the appropriate handler also contains an integer overflow vulnerability. iDefense has confirmed the existence of these vulnerabilities in Computer Associates BrightStor HSM version r11.5. Previous versions may also be affected.; tags | advisory, remote, overflow, arbitrary, vulnerability; advisories | CVE-2007-5082, CVE-2007-5083; MD5 | ee2417c015c6a34fccef4c071b848987; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Heine Pedersen 29 files
Torben Jensen 29 files
Ubuntu 27 files
Farbod Mahini 26 files
Debian 26 files
Red Hat 25 files
HauntIT 22 files
Mandriva 17 files
sinn3r 11 files
the_cyber_nuxbie 10 files

Recent News

New SpyEye Plugin Takes Control Of Webcam And Microphone: Posted May 24, 2012; tags | headline, privacy, malware, trojan, botnet; Link | Favorite | Comments (0)

Attack Of The Clones: Researcher Pwns SecureID Token System: Posted May 24, 2012; tags | headline, hacker, flaw, science, rsa; Link | Favorite | Comments (0)

Yahoo! Leaks! Private! Key! In! Axis! Chrome! Debut!: Posted May 24, 2012; tags | headline, flaw, yahoo, cryptography; Link | Favorite | Comments (0)

Comcast Phishing Site Contains Valid TRUSTe Seal: Posted May 24, 2012; tags | headline, cybercrime, flaw, scam, phish; Link | Favorite | Comments (0)

Armenia Jails Bredolab Botmaster For 4 Years: Posted May 24, 2012; tags | headline, government, cybercrime, botnet, fraud; Link | Favorite | Comments (0)

Police Given 350 Mobile Fingerprint Scanners For Olympics: Posted May 24, 2012; tags | headline, government, privacy, britain; Link | Favorite | Comments (0)

Researcher Needles Oracle Over Java Security: Posted May 24, 2012; tags | headline, flaw, oracle, java; Link | Favorite | Comments (0)

35,000 Passwords Reset After BigPond GameArena Hacked: Posted May 24, 2012; tags | headline, hacker, data loss, password; Link | Favorite | Comments (0)

Indian SMBs Facing Advanced Attack Threats: Posted May 23, 2012; tags | headline, hacker, india, denial of service, symantec; Link | Favorite | Comments (0)

Jailed Facebook Hack Brit Targeted Justin Bieber's Girlfriend: Posted May 23, 2012; tags | headline, hacker, britain, facebook, social; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List