Proof of concept exploit for Perforce Servers versions 2007.3/143793 and below which suffer from NULL pointer, invalid memory access, and endless loop vulnerabilities.
1dd163d775ebc9b1c4abf52d79d9f0cd78dd073b5c8fd08e2b09ec2daa6335d1Perforce Servers versions 2007.3/143793 and below suffer from NULL pointer, invalid memory access, and endless loop vulnerabilities.
40b7c8196cc7d7c26a3289c793200a705f3c2b1cf9d1e9f9faff7eb34b7d0012Physical Security Attacks On Windows Vista - A short whitepaper discussing the firewire unlock attack.
5f035da0bc475ea3fd4753cf55841d7118ed5b5a109b008da86072262ddd24dcWebCT Campus Edition version 4.1.5.8 suffers from multiple javascript related session stealing vulnerabilities.
9f02a83db30f2b4f111a50f535c11c17913b5a61d6f146d92532ddc17b11e90bIt appears that the Linux Kiss Server version 1.2 suffers from a format string vulnerability.
cd1bc5ebd7a34b22360783ccff5fb8ddcf0dbbb025e55f10527277783e35dc7dPacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses. This paper is a study regarding wireless technology in implantable cardioverter defibrillators (ICDs) being susceptible to hack attacks.
0ed778576445793fa55a12ccf8d3fca0b36fba685620b7f8b9ad002005ac1a7cMandriva Linux Security Advisory - Several severe security issues were discovered in the Joomla! PHP-based content management system. These issues have been fixed in version 1.0.15 which is provided with this update.
58b45982d290a51264f847919958903b79ddff72163bf4857863b3a461c6e3faGentoo Linux Security Advisory GLSA 200803-11 - Joey Hess reported that vobcopy appends data to the file /tmp/vobcopy.bla in an insecure manner. Versions less than 1.1.0 are affected.
25c681b9fa3e94c0fbd2ec1c18833c998326084332b3ec319444583e217b38d4Ubuntu Security Notice 584-1 - Jonathan Clarke discovered that the OpenLDAP slapd server did not properly handle modify requests when using the Berkeley DB backend and the NOOP control was used. An authenticated user with modify permissions could send a crafted modify request and cause a denial of service via application crash. Ubuntu 7.10 is not affected by this issue. Ralf Haferkamp discovered that the OpenLDAP slapd server did not properly handle modrdn requests when using the Berkeley DB backend and the NOOP control was used. An authenticated user with modrdn permissions could send a crafted modrdn request and possibly cause a denial of service via application crash.
56b08681c41e3d1474d2d57c53bc9140ac991a5cde6cef4939f8c62c627861d7Mandriva Linux Security Advisory - A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server's Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions.
69bd180d13a45c0d100ed726b8f091f5ba4f9841bbaae42b85ac5daebcb4ab8dGentoo Linux Security Advisory GLSA 200803-10 - lighttpd contains a calculation error when allocating the global file descriptor array (CVE-2008-0983). Furthermore, it sends the source of a CGI script instead of returning a 500 error (Internal Server Error) when the fork() system call fails (CVE-2008-1111). Versions less than 1.4.18-r2 are affected.
360b597a94cb9975c44c892646eff653429144ecb590d27194b2bb0ecb765dc3Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200801-09:03 - The previous version of the X.Org X server (1.3.0.0-r4) did not properly address the integer overflow vulnerability in the MIT-SHM extension (CVE-2007-6429). It failed to check on Pixmaps of certain bit depths. Versions less than 1.3.0.0-r5 are affected.
ec9718e4bc7cbfde57e6fbae71ba194bdc3199ce1bdd7c9822705ba14c88559bUbuntu Security Notice 583-1 - Ulf Harnhammar discovered that Evolution did not correctly handle format strings when processing encrypted emails. A remote attacker could exploit this by sending a specially crafted email, resulting in arbitrary code execution.
de63b123c9a1cee483e103bd14102f1e7f065f80460804cae7ed3f45460c2dabMandriva Linux Security Advisory - A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior to 2.3.39 when running as a proxy-caching server. It would allocate memory using a malloc variant rather than calloc, which prevented an array from being properly initialized and could possibly allow attackers to cause a denial of service. Two vulnerabilities were found in how slapd handled modify (prior to 2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on objects stored in the BDB backend. An authenticated user with permission to perform modify or modrdn operations could cause slapd to crash.
e1dd55f35e35b48f7bfc6c5d283befa889c1a4ab1ae5d0dfa300f4c283fd33eeDebian Security Advisory 1512-1 - Ulf Harnhammar discovered that Evolution, the e-mail and groupware suite, had a format string vulnerability in the parsing of encrypted mail messages. If the user opened a specially crafted email message, code execution was possible.
9402a08a62d7316259919341c76df564fda29993750e3ba47d980ceef4d71148OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
92cf6287ca8648c58a1bf3ef82deb976f6a65163d8b7e3c4dd272d23e120518eRadialNet is a network visualization tool. It consists in a graphical visualization of the networks mapped with Nmap, with some efforts to make it easy to find security problems.
20e1eae6181531547742d5a8550e56bb3110decb92e91e2ccd16b6cc4f4f2fbdICQ Toolbar versions 2.3 ActiveX remote denial of service exploit.
74da912743972bf3b6843c60fbd3962165a38f4108595d36b215ead70a4aec48The XOOPS wfdownloads module suffers from a remote SQL injection vulnerability.
a27e450136288a1d7739cef79f2d864955cb92db8b691a099a1ce484370e097fThe XOOPS Glossario module version 2.2 suffers from a remote SQL injection vulnerability.
375839145f2f138740f92a0a527c12eac7975027b00a62a8f4dd438c26c42bc7Secunia Security Advisory - Some vulnerabilities have been discovered in Numara FootPrints, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to compromise a vulnerable system.
02d0f6cd86adc17f9d864aa4c223da5b82edc4eff4625ab3ac161ea316ca4b40Secunia Security Advisory - Nir Goldshlager (Avnet) has reported a vulnerability in IBM Lotus QuickPlace, which can be exploited by malicious people to conduct cross-site scripting attacks.
ebccc615089970f9c512c92ba454f2142bf36f14a52d6b2d1f9be66581e6d84fSecunia Security Advisory - Secunia Research has discovered a vulnerability in Evolution, which can be exploited by malicious people to compromise a vulnerable system.
160f72382ca176f72ca3f1e1551d96a1c2b0ca2575723a8afac62757ceb4830eSecunia Security Advisory - Gentoo has issued an update for opera. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or to bypass certain security restrictions.
ee3c5ca0f387783ede04102aae4fd89a27b8651562b4f391257110131bf5cde4Secunia Security Advisory - Red Hat has issued an update for evolution. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
d215c58aeca1f4ebfde19cd4adf9327391a88a4283219b5948313c5836e3238c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed