.:[ packet storm ]:.
                             
four continents, one idea
four continents, one idea

 Section:  .. / 0804-advisories  /

Page 5 of 25
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 >> Files 100 - 125 of 608
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: glsa-200804-26.txt
Description:
 Gentoo Linux Security Advisory GLSA 200804-26 - Openfire's connection manager in the file ConnectionManagerImpl.java cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Versions less than 3.5.0 are affected.
Homepage:http://security.gentoo.org
File Size:2474
Related CVE(s):CVE-2008-1728
Last Modified:Apr 23 12:42:32 2008
MD5 Checksum:418e35338a4169d1724c64bfebdbc461

 ///  File Name: glsa-200804-27.txt
Description:
 Gentoo Linux Security Advisory GLSA 200804-27 - Nathan G. Grennan reported a boundary error in SILC Toolkit within the silc_fingerprint() function in the file lib/silcutil/silcutil.c when passing overly long data, resulting in a stack-based buffer overflow. Versions less than 1.1.7 are affected.
Homepage:http://security.gentoo.org/
File Size:4182
Related CVE(s):CVE-2008-1227, CVE-2008-1429, CVE-2008-1552
Last Modified:Apr 24 16:25:59 2008
MD5 Checksum:22e5a4d1c293c8e431da1d01bd9d9ee2

 ///  File Name: glsa-200804-28.txt
Description:
 Gentoo Linux Security Advisory GLSA 200804-28 - Because of sharing the same codebase, JRockit is affected by the vulnerabilities mentioned in GLSA 200804-20. Versions less than 1.5.0.14 are affected.
Homepage:http://security.gentoo.org
File Size:3029
Last Modified:Apr 24 16:26:06 2008
MD5 Checksum:8adfd9b3fcb5d2b592286e4eb4c68173

 ///  File Name: glsa-200804-29.txt
Description:
 Gentoo Linux Security Advisory GLSA 200804-29 - Comix does not properly sanitize filenames containing shell metacharacters when they are passed to the rar, unrar, or jpegtran programs (CVE-2008-1568). Comix also creates directories with predictable names (CVE-2008-1796). Versions less than 3.6.4-r1 are affected.
Homepage:http://security.gentoo.org
File Size:3382
Related CVE(s):CVE-2008-1568, CVE-2008-1796
Last Modified:Apr 25 20:03:20 2008
MD5 Checksum:8ce89de703f5399b083a9db761aa6539

 ///  File Name: glsa-200804-30.txt
Description:
 Gentoo Linux Security Advisory GLSA 200804-30 - Vulnerabilities have been reported in the processing of user-controlled data by start_kdeinit, which is setuid root by default. Versions less than 4.0 are affected.
Homepage:http://security.gentoo.org
File Size:2858
Related CVE(s):CVE-2008-1671
Last Modified:Apr 29 19:47:11 2008
MD5 Checksum:7cb96af75e50047c4cb88e232efaed5a

 ///  File Name: greenbow-memory.txt
Description:
 TheGreenBow IPSec VPN client version 4.10.010 suffers from a vulnerability where login credentials are stored in the clear in memory.
Author:Evilcry
Homepage:http://evilcry.altervista.org/
File Size:1694
Last Modified:Apr 8 01:14:08 2008
MD5 Checksum:4583049e2c02821e9106695dfd4bf778

 ///  File Name: groupwise70-overflow.txt
Description:
 The mailto: functionality in GroupWise 7.0 appears susceptible to a buffer overflow vulnerability.
Author:Juan Pablo Lopez Yacubian
File Size:825
Last Modified:Apr 28 18:31:09 2008
MD5 Checksum:78933519c25a9a493cb8771ae024207e

 ///  File Name: gwh-csrf.txt
Description:
 It appears that Google Web History is susceptible to an attack along the lines of cross site request forgery.
Author:Alexander Konovalenko
File Size:1565
Last Modified:Apr 21 16:13:03 2008
MD5 Checksum:e587fcdc388c939153ad9998c5f2f0e4

 ///  File Name: ibmdb2-exec.txt
Description:
 Team SHATTER Security Advisory - IBM DB2 UDB suffers from an arbitrary code execution vulnerability in the ADMIN_SP_C/ADMIN_SP_C2 procedures.
Author:Martin Rakhmanov
Homepage:http://www.appsecinc.com/
File Size:2125
Last Modified:Apr 18 14:41:46 2008
MD5 Checksum:de94e730f8daddae561a8998a10bbfd2

 ///  File Name: ibmdb2-overwrite.txt
Description:
 Team SHATTER Security Advisory - IBM DB2 UDB suffers from an arbitrary file overwrite vulnerability in the SYSPROC.NNSTAT procedure.
Author:Cesar Cerrudo
Homepage:http://www.appsecinc.com/
File Size:2158
Last Modified:Apr 18 14:39:56 2008
MD5 Checksum:c624ca8b2e7f283918eac4c013a73fbc

 ///  File Name: INFIGO-2008-04-08.txt
Description:
 INFIGO IS's security team has identified a critical remote buffer overflow vulnerability in the latest ICQ version (ICQ 6.0).
Author:Leon Juranic
Homepage:http://www.infigo.hr/
File Size:4045
Last Modified:Apr 16 17:52:46 2008
MD5 Checksum:c38cbe7ca06aa48e9bbb69dd2592ca5c

 ///  File Name: ioactive-python.txt
Description:
 PyString_FromStringAndSize() incorrectly validates input in Python version 2.5.2. Earlier versions may also be vulnerable.
Homepage:http://www.ioactive.com/
File Size:3268
Last Modified:Apr 11 18:03:41 2008
MD5 Checksum:ce5261f198566aad695698664c3d2744

 ///  File Name: ioactive-zlib.txt
Description:
 The zlib extension module in Python version 2.5.2 contains a method for flushing decompression streams that takes an input parameter of how much data to flush. This parameter is a signed integer that is not verified for sanity and is thus potentially negative. When passed a negative value memory is misallocated and then the signed integer is converted to an unsigned integer resulting in buffer overflow.
Homepage:http://www.ioactive.com/
File Size:6293
Last Modified:Apr 10 17:14:52 2008
MD5 Checksum:ae7beb198b329c5c2cd1e3698c43348b

 ///  File Name: jar-dos.txt
Description:
 Team SHATTER Security Advisory - DB2 has multiple vulnerabilities which can lead to Denial of Service (DoS) attacks against the instance. When RECOVERJAR and REMOVE_JAR procedures are called with a specially crafted parameter the DB2 instance crashes. Any DB2 database user can exploit these vulnerabilities since PUBLIC permissions are granted to both procedures by default. The RECOVERJAR and REMOVE_JAR procedures are installed by default.
Author:Ariel Sanchez
Homepage:http://www.appsecinc.com/
File Size:2322
Last Modified:Apr 18 14:38:11 2008
MD5 Checksum:08128a2265c7f303e00858a4bffc90af

 ///  File Name: ksesfilter.txt
Description:
 kses-based HTML filters for projects like WordPress, Moodle, Drupal, eGroupWare, Dokeos, PHP-Nuke, Geeklog, etc, have been found vulnerable to cross site scripting and code execution vulnerabilities.
Author:Lukas Pilorz
Homepage:http://allegro.pl/
File Size:4498
Last Modified:Apr 4 17:36:05 2008
MD5 Checksum:84dffd73915467fb43f6eb8e2af5244f

 ///  File Name: MDVSA-2008-081.txt
Description:
 Mandriva Linux Security Advisory - A heap-based buffer overflow in CUPS 1.2.x and later was discovered by regenrecht of VeriSign iDenfense that could allow a remote attacker to execute arbitrary code via a crafted CGI search expression. A validation error in the Hp-GL/2 filter was also discovered. Finally, a vulnerability in how CUPS handled GIF files was found by Tomas Hoger of Red Hat, similar to previous issues corrected in PHP, gd, tk, netpbm, and SDL_image.
Homepage:http://www.mandriva.com/security/
File Size:8797
Related CVE(s):CVE-2008-0053, CVE-2008-0047, CVE-2008-1373
Last Modified:Apr 3 01:41:48 2008
MD5 Checksum:528584dba9753b6b54087d3eff95e9bd

 ///  File Name: MDVSA-2008-082.txt
Description:
 Mandriva Linux Security Advisory - Daniel Papasian discovered a stack-based buffer overflow in the apc_search_paths() function in APC that can be triggered when processing long filenames. A remote attacker could exploit this vulnerability to execute arbitrary code in PHP applications that pass user-controlled input to the include() function.
Homepage:http://www.mandriva.com/security/
File Size:3292
Related CVE(s):CVE-2008-1488
Last Modified:Apr 10 16:54:53 2008
MD5 Checksum:017ee8b5bcc26ebc0b84a1bfa1f756bb

 ///  File Name: MDVSA-2008-083.txt
Description:
 Mandriva Linux Security Advisory - Joe Nall reported a stack-based buffer overflow in Audit's log handling that could allow remote attackers to execute arbitrary code via a long command argument.
Homepage:http://www.mandriva.com/security/
File Size:4780
Related CVE(s):CVE-2008-1628
Last Modified:Apr 10 17:15:22 2008
MD5 Checksum:b1861deefc509ff4b3368da7903d4b11

 ///  File Name: MDVSA-2008-084.txt
Description:
 Mandriva Linux Security Advisory - Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attacker could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash.
Homepage:http://www.mandriva.com/security/
File Size:4391
Related CVE(s):CVE-2008-1720
Last Modified:Apr 14 16:05:56 2008
MD5 Checksum:2256326410ab661f147afb96ec79eaa8

 ///  File Name: MDVSA-2008-085.txt
Description:
 Mandriva Linux Security Advisory - Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
Homepage:http://www.mandriva.com/security/
File Size:9671
Related CVE(s):CVE-2008-1721
Last Modified:Apr 15 13:25:53 2008
MD5 Checksum:af82c8023779ea8404523f5ab5337b2a

 ///  File Name: MDVSA-2008-086.txt
Description:
 Mandriva Linux Security Advisory - The isdn_ioctl function in isdn_common.c in the Linux kernel prior to 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which trigger a buffer overflow. The do_corefump function in fs/exec.c in the Linux kernel prior to 2.6.24-rc3 did not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which could possibly allow local users to obtain sensitive information. The shmem_getpage function in mm/shmem.c in the Linux kernel versions 2.6.11 through 2.6.23 did not properly clear allocated memory in certain rare circumstances related to tmps, which could possibly allow local users to read sensitive kernel data or cause a crash.
Homepage:http://www.mandriva.com/security/
File Size:5064
Related CVE(s):CVE-2007-6151, CVE-2007-6417, CVE-2007-6206
Last Modified:Apr 15 22:23:15 2008
MD5 Checksum:3b12b60b85bd9e3f44e1959c914adee2

 ///  File Name: MDVSA-2008-087.txt
Description:
 Mandriva Linux Security Advisory - A format string vulnerability in the grant helper, in PolicyKit 0.7 and earlier, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in a password.
Homepage:http://www.mandriva.com/security/
File Size:2904
Related CVE(s):CVE-2008-1658
Last Modified:Apr 17 12:55:58 2008
MD5 Checksum:018352abb4873073e6efe935b5d5ed7a

 ///  File Name: MDVSA-2008-088.txt
Description:
 Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release. These flaws include various overflows and arbitrary file overwrite vulnerabilities.
Homepage:http://www.mandriva.com/security/
File Size:14271
Related CVE(s):CVE-2007-6595, CVE-2008-0314, CVE-2008-0318, CVE-2008-0728, CVE-2008-1100, CVE-2008-1387, CVE-2008-1833, CVE-2008-1835, CVE-2008-1836, CVE-2008-1837
Last Modified:Apr 18 14:30:59 2008
MD5 Checksum:c37bb73fa57c0909526e0c5b2021053b

 ///  File Name: MDVSA-2008-089.txt
Description:
 Mandriva Linux Security Advisory - Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened.
Homepage:http://www.mandriva.com/security/
File Size:3122
Related CVE(s):CVE-2008-1693
Last Modified:Apr 18 14:31:41 2008
MD5 Checksum:e99a3c71b13af72c3e05bd7db5c591d8

 ///  File Name: MDVSA-2008-090.txt
Description:
 Mandriva Linux Security Advisory - A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened. A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code.
Homepage:http://www.mandriva.com/security/
File Size:12042
Related CVE(s):CVE-2007-5746, CVE-2008-0320
Last Modified:Apr 21 18:28:49 2008
MD5 Checksum:e7db4216804e0067e84bf3c32ba3e8ab
 

 ///  Last 10 Files
  1. :· powerdvd_bof.pl.txt
  2. :· MDVSA-2008-155.txt
  3. :· ZDI-08-047.txt
  4. :· ZDI-08-046.txt
  5. :· ZDI-08-045.txt
  6. :· realplayer-exec.txt
  7. :· SECOBJADV-2008-02.txt
  8. :· ezcontents-rfi.txt
  9. :· phptest-sql.txt
  10. :· fizzmedia-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2008-155.txt
  2. :· ZDI-08-047.txt
  3. :· ZDI-08-046.txt
  4. :· ZDI-08-045.txt
  5. :· realplayer-exec.txt
  6. :· SECOBJADV-2008-02.txt
  7. :· secunia-realnetworks.txt
  8. :· flashblock-bypass.txt
  9. :· dsa-1617-1.txt
  10. :· USN-629-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· powerdvd_bof.pl.txt
  2. :· ezcontents-rfi.txt
  3. :· phptest-sql.txt
  4. :· fizzmedia-sql.txt
  5. :· cameralife-sql.txt
  6. :· bind9x-poison.txt
  7. :· minix-panic.txt
  8. :· aflog-xss.txt
  9. :· xrms-rfixss.txt
  10. :· lmp-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· powerfuzzer_v1_beta.zip
  2. :· fwknop-1.9.6.tar.gz
  3. :· SDTCleaner-v1.0.zip
  4. :· sipwitch-0.2.2.tar.gz
  5. :· prelude-manager-0.9.14.tar.gz
  6. :· srm-1.2.9.tar.gz
  7. :· snoop-0.3.1.tar.gz
  8. :· silk-1.1.0.tar.gz
  9. :· wpacrack.py.txt
  10. :· clamav-0.93.3.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· pkd-1.1.tgz
  2. :· mysql_injection.pdf
  3. :· dns-writeup.txt
  4. :· html5whitepaper.pdf
  5. :· john-1.7.3.1.tar.gz
  6. :· Software.Distribution.Malware.Infection.Vector.pdf
  7. :· HomeSecurityMethodologyVacationGuide.1.2.pdf
  8. :· draft-ietf-tsvwg-port-randomization-01.txt
  9. :· AntiPhishing.pdf
  10. :· securing_a_webserver.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice