Section: .. / Last 20 Files /
| /// File Name: | MDVSA-2010-142.txt | Description:
| Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 16505 | | Related CVE(s): | CVE-2010-0211, CVE-2010-0212 | | Last Modified: | Jul 28 18:42:06 2010 | | MD5 Checksum: | 7c99ef64bfc0338ec6f317c16f73ff04 |
|
| /// File Name: | uplusftp-overflow.txt | Description:
| UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit. | | Author: | Karn Ganeshen,corelanc0d3r | | File Size: | 2777 | | Last Modified: | Jul 28 18:34:54 2010 | | MD5 Checksum: | 60a3b2b94f3545e1846005844320d4f2 |
|
| /// File Name: | symantecams-flaw.txt | Description:
| Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit. | | Author: | Spider | | Related File: | foofus-20100726.txt | | File Size: | 5229 | | Last Modified: | Jul 28 14:20:54 2010 | | MD5 Checksum: | 99af1c5cdd484a0a3d2744bc9ee6a38d |
|
| /// File Name: | jira-xss.txt | Description:
| Jira version 4.0.1 suffers from a cross site scripting vulnerability. | | Author: | MaXe | | File Size: | 2336 | | Last Modified: | Jul 28 14:19:27 2010 | | MD5 Checksum: | bd54a2222350829abde01d653c24d6a4 |
|
| /// File Name: | secunia-autonomykvrp.txt | Description:
| Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4449 | | Related CVE(s): | CVE-2010-0133 | | Last Modified: | Jul 28 14:18:24 2010 | | MD5 Checksum: | 1e07e58e799d937de79f9a8685c827aa |
|
| /// File Name: | secunia-autonomykvindex.txt | Description:
| Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4524 | | Related CVE(s): | CVE-2010-1524 | | Last Modified: | Jul 28 14:17:09 2010 | | MD5 Checksum: | 3d559dc765a3666312900d97ec293124 |
|
| /// File Name: | zemana-escalate.txt | Description:
| Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability. | | Author: | th_decoder | | File Size: | 2802 | | Last Modified: | Jul 28 14:10:54 2010 | | MD5 Checksum: | 3c52a66eb2c31dd73df27b7a44faf0b1 |
|
| /// File Name: | ceteraecommerce-sqlxss.txt | Description:
| Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities. | | Author: | MustLive | | File Size: | 2951 | | Last Modified: | Jul 28 14:08:24 2010 | | MD5 Checksum: | 2eaa26eb1f22884df3d3167bc069e4b0 |
|
| /// File Name: | secunia-wkssriu.txt | Description:
| Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4554 | | Related CVE(s): | CVE-2010-1525 | | Last Modified: | Jul 28 14:05:08 2010 | | MD5 Checksum: | 50abca786543ffdc74a394e0ff72c086 |
|
| /// File Name: | secunia-autonomywosr.txt | Description:
| Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4465 | | Related CVE(s): | CVE-2010-0135 | | Last Modified: | Jul 28 14:03:59 2010 | | MD5 Checksum: | 54f75386e8a64e96a4a8814d3df82ed6 |
|
| /// File Name: | secunia-autonomyrtfsigned.txt | Description:
| Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4490 | | Related CVE(s): | CVE-2010-0134 | | Last Modified: | Jul 28 14:02:22 2010 | | MD5 Checksum: | 051da84386777387a8d490662fbcab7b |
|
| /// File Name: | secunia-autonomywkssr.txt | Description:
| Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4562 | | Related CVE(s): | CVE-2010-0131 | | Last Modified: | Jul 28 13:59:30 2010 | | MD5 Checksum: | b86bf4c0e20e58cec482e0807c9fbb94 |
|
| /// File Name: | secunia-autonomycfp.txt | Description:
| Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected. | | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4672 | | Related CVE(s): | CVE-2010-0126 | | Last Modified: | Jul 28 13:55:45 2010 | | MD5 Checksum: | 51d0af3f78c93a798c10dd606371c9df |
|
| /// File Name: | apachetomcat-traversal.txt | Description:
| UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18. | | Author: | Simon Ryeo,mywisdom | | File Size: | 3544 | | Related OSVDB(s): | 47464 | | Related CVE(s): | CVE-2008-2938 | | Last Modified: | Jul 28 13:52:44 2010 | | MD5 Checksum: | be0f85711288d99a26465aac5493aec3 |
|
| /// File Name: | joomlaphotomapgallery-sql.txt | Description:
| Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities. | | Author: | Salvatore Fresta | | File Size: | 3585 | | Last Modified: | Jul 28 13:46:30 2010 | | MD5 Checksum: | 929ef26fbab0a2d1e5aa1b95348554d7 |
|
| /// File Name: | avarcade-insecure.txt | Description:
| AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities. | | Author: | saudi0hacker | | File Size: | 905 | | Last Modified: | Jul 28 13:44:53 2010 | | MD5 Checksum: | e24295757afa6e9f6b4a25d30a5fe4e7 |
|
| /// File Name: | nubuilder-rfi.txt | Description:
| nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability. | | Author: | Ahlspiess | | File Size: | 1276 | | Last Modified: | Jul 28 13:43:14 2010 | | MD5 Checksum: | d451eae5886197e24dccb93485ece7ea |
|
| /// File Name: | dsa-2076-1.txt | Description:
| Debian Linux Security Advisory 2076-1 - It was discovered that GnuPG 2 uses a freed pointer when verify a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 9249 | | Related CVE(s): | CVE-2010-2547 | | Last Modified: | Jul 27 21:22:59 2010 | | MD5 Checksum: | 9e20355dee50b90ffcce599a243fd717 |
|
| /// File Name: | MDVSA-2010-141.txt | Description:
| Mandriva Linux Security Advisory 2010-141 - The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request. The updated packages provides samba 3.4.8 which is not vulnerable to these issues. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5981 | | Related CVE(s): | CVE-2010-1635, CVE-2010-1642 | | Last Modified: | Jul 27 21:20:06 2010 | | MD5 Checksum: | 61476c47e396c1762c6244eb9488a6f5 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
