.:[ packet storm ]:.
                             
your right to security is a global cause
your right to security is a global cause

 Section:  .. / 0607-advisories  /

Page 1 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 1 - 25 of 526
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 0012.txt
Description:
 WebScarab is subject to a client side script code injection vulnerability which may allow for cross site scripting attacks against web clients connecting through it.
Author:Moritz Naumann
Homepage:http://moritz-naumann.com/
File Size:3455
Last Modified:Jul 20 06:06:33 2006
MD5 Checksum:d03ee7efab38fa0def35baebda2056b8

 ///  File Name: 04072006_rarlabs.pdf
Description:
 WinRAR versions less than 3.60 beta 7 and greater than 3.0 suffer from multiple buffer overflows due to a lack of constraints while copying data.
Author:Ryan Smith
Homepage:http://www.hustlelabs.com/
File Size:68543
Last Modified:Jul 23 23:19:21 2006
MD5 Checksum:4b400cbd6dccb549b9da94522c248f9d

 ///  File Name: 04072006_tweed.pdf
Description:
 Tumbleweed's Email Firewall has three separate vulnerabilities within its LHA processing routines inside of its EMF Decomposer.
Author:Ryan Smith
Homepage:http://www.hustlelabs.com
File Size:117148
Last Modified:Jul 26 04:11:23 2006
MD5 Checksum:b9120c970b1bbb456be2e586166b59a0

 ///  File Name: 07.20.06.txt
Description:
 iDefense Security Advisory 07.20.06 - Local exploitation of an integer overflow vulnerability in Sun Microsystems Inc. Solaris allows attackers to read kernel memory from a non-privileged userspace process.
Homepage:http://www.idefense.com/
File Size:3281
Last Modified:Jul 24 01:44:01 2006
MD5 Checksum:463dbec26cb7e78c893a9acb057e4243

 ///  File Name: AD20060711.txt
Description:
 An array boundary condition in Microsoft Office may be violated by a malicious .xls file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .xls file. Affected products include Microsoft Office 2000 SP3, XP SP3, 2003 SP1/SP2, and possibly others.
Author:Sowhat
Homepage:http://secway.org/
File Size:3700
Related CVE(s):CVE-2006-1306
Last Modified:Jul 12 05:36:54 2006
MD5 Checksum:a9df03e1831592422714c1cee8a743b6

 ///  File Name: adplugbof.txt
Description:
 AdPlug versions 2.0 and below and suffer from multiple heap and buffer overflows. Also affected are CVS versions 04 and below.
Author:Luigi Auriemma
Homepage:http://aluigi.org/
Related Exploit:adplugbof.c
File Size:7836
Last Modified:Jul 9 08:06:09 2006
MD5 Checksum:0f1925d6ce66efbef40d573bac333157

 ///  File Name: adv38-matdhule-2006.txt.txt
Description:
 20:05:36 2006 [ECHO_ADV_38$2006] - Multiple Mambo/Joomla Component Remote File Include Vulnerabilities.
Author:Echo Advisories
Homepage:http://advisories.echo.or.id/
File Size:4384
Last Modified:Jul 13
MD5 Checksum:265bd6c91355fe7c6b9e6b46576283f3

 ///  File Name: agephone1381-en.txt
Description:
 A vulnerability has been found in AGEphone versions 1.24 and 1.38.1 that allows for arbitrary code execution.
Author:Tan Chew Keong
File Size:445
Last Modified:Jul 26 04:26:57 2006
MD5 Checksum:ca11e9865f277afe515c728a5dd621ff

 ///  File Name: aspdll.txt
Description:
 A buffer overflow exists in ASP.DLL that can be exploited by creating a .asp file containing a parameter for the include SSI command. Software affected include IIS 5.0, 5.1, and 6.0.
Author:Brett Moore
Homepage:http://www.security-assessment.com/
File Size:2920
Last Modified:Jul 20 06:08:08 2006
MD5 Checksum:846ec988c392a5cdf3062a8e3e152b96

 ///  File Name: atutor153rc2.txt
Description:
 ATutor version 1.5.3RC2 is susceptible to cross site scripting flaws.
Homepage:http://securitynews.ir/
File Size:984
Last Modified:Jul 9 08:33:47 2006
MD5 Checksum:361bf70f20ee01165137486aba58517e

 ///  File Name: blackboardXSS.txt
Description:
 Blackboard Academic Suite version 6.2.3.23 is susceptible to a cross site scripting flaw.
File Size:3277
Last Modified:Jul 24 00:32:22 2006
MD5 Checksum:4f7fc82eefb9b17300f707fa4da3ccd8

 ///  File Name: checkpointTraverse.txt
Description:
 Check Point Firewall-1 R55W suffers from a directory traversal flaw via hex encoded strings.
Author:Pete Foster
Homepage:http://www.sec-tec.co.uk/
File Size:1390
Last Modified:Jul 26 03:57:25 2006
MD5 Checksum:ee09738e3fba7d09f943b948857e31e5

 ///  File Name: cheesebof.txt
Description:
 Cheese Tracker versions 0.9.9 and below suffers from a buffer overflow vulnerability in Loader_XM::load_instrument_internal.
Author:Luigi Auriemma
Homepage:http://aluigi.org
Related Exploit:cheesebof.zip
File Size:2171
Last Modified:Jul 26 03:09:09 2006
MD5 Checksum:e3bfd46e98aef45c6fe0c833b7f08b77

 ///  File Name: cisco-sa-20060712-crws.txt
Description:
 Cisco Security Advisory - The default Cisco IOS configuration shipped with the Cisco Router Web Setup (CRWS) application allows the execution of commands at privilege level 15 through the Cisco IOS HTTP (Hypertext Transfer Protocol) server web interface without requiring authentication credentials. Privilege level 15 is the highest privilege level on Cisco IOS devices. Cisco routers whose configurations have been based on the default IOS configuration shipped with any version of CRWS prior to version 3.3.0 build 31 may be affected by this vulnerability.
Homepage:http://www.cisco.com/
File Size:21531
Last Modified:Jul 13 18:35:11 2006
MD5 Checksum:79e018a8b2ee3146a31cb0f6de190017

 ///  File Name: cisco-sa-20060712-cucm.txt
Description:
 Cisco Security Advisory - Cisco Unified CallManager (CUCM) 5.0 has Command Line Interface (CLI) and Session Initiation Protocol (SIP) related vulnerabilities. There are potential privilege escalation vulnerabilities in the CLI which may allow an authenticated administrator to access the base operating system with root privileges. There is also a buffer overflow vulnerability in the processing of hostnames contained in a SIP request which may result in arbitrary code execution or cause a denial of service. These vulnerabilities only affect Cisco Unified CallManager 5.0.
Homepage:http://www.cisco.com/
File Size:11345
Last Modified:Jul 13 18:35:54 2006
MD5 Checksum:8754493d856ce98802d07cfa9b3fadb4

 ///  File Name: cisco-sa-20060712-ips.txt
Description:
 Cisco Security Advisory - Cisco Intrusion Prevention System (IPS) software version 5.1 is vulnerable to a denial of service condition caused by a malformed packet, which may result in an IPS device becoming inaccessible remotely or via the console and fail to process packets. A power reset is required to recover the IPS device. There are no workarounds for this vulnerability. Cisco Intrusion Prevention System 42xx appliances running IPS software versions 5.1(1), 5.1(1a), 5.1(1b), 5.1(1c), 5.1(1d), 5.1(1e) or 5.1(p1) are affected.
Homepage:http://www.cisco.com/
File Size:11242
Last Modified:Jul 13 18:39:58 2006
MD5 Checksum:a9474c89afcb88f698fff55bcc8fc6b0

 ///  File Name: cisco-sa-20060719-mars.txt
Description:
 Cisco Security Advisory - Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains vulnerabilities related to third-party software and the command line interface (CLI). CS-MARS ships with an Oracle database. The database contains several default Oracle accounts which have well-known passwords. If access to the database is obtained, the default accounts may be used to access sensitive information contained in the database. CS-MARS ships with the JBoss web application server. A component of the JBoss installation may allow a remote, unauthenticated user to execute arbitrary shell commands with the privileges of the CS-MARS administrator. The CS-MARS CLI contains several vulnerabilities which may allow authenticated administrators to execute arbitrary shell commands with root privileges. All vulnerabilities addressed in this advisory have been corrected in CS-MARS software version 4.2.1.
Homepage:http://www.cisco.com
File Size:12800
Last Modified:Jul 23 23:29:23 2006
MD5 Checksum:4a4019359c7c105d244a5a0eb58e07eb

 ///  File Name: ciscoVPN.txt
Description:
 NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE protocol. Both Main Mode and Aggressive Mode over both UDP and TCP transports are affected. The vulnerability allows an attacker to exhaust the IKE resources on a VPN concentrator by sending a high rate of IKE requests, which will prevent valid clients from connected or re-keying. The attack does not require a high bandwidth, so one attacker could potentially target many concentrators. This mechanism behind this vulnerability is similar to the well-known TCP SYN flood vulnerability.
Author:Roy Hills
Homepage:http://www.nta-monitor.com/
File Size:4892
Last Modified:Jul 27 22:24:46 2006
MD5 Checksum:10be1a5fa890c9694fb8a199a8cab198

 ///  File Name: CYBSEC-mswinDHCP.txt
Description:
 A remote buffer overflow vulnerability has been identified in Microsoft Windows DHCP-Client service. Affected include Microsoft Windows 2000 SP4 and below, Microsoft Windows XP SP2 and below, and Microsoft Windows 2003 SP1 and below.
Author:Mariano Nunez Di Croce
Homepage:http://www.cybsec.com/
File Size:2619
Last Modified:Jul 12 05:17:55 2006
MD5 Checksum:e5006150d8e56274970c6cccc19613a7

 ///  File Name: demostore.txt
Description:
 The Demo Store version of AFCommerce Shopping Cart is susceptible to SQL injection and cross site scripting flaws.
Author:sledge
File Size:965
Last Modified:Jul 23 23:22:24 2006
MD5 Checksum:1fe6e813ec026dc5136b1b2f6349c89c

 ///  File Name: dsa-1104-2.txt
Description:
 Debian Security Advisory 1104-2 - Loading malformed XML documents can cause buffer overflows in OpenOffice.org, a free office suite, and cause a denial of service or execute arbitrary code. It turned out that the correction in DSA 1104-1 was not sufficient, hence, another update.
Homepage:http://www.debian.org/security
File Size:14405
Related CVE(s):CVE-2006-3117
Last Modified:Jul 9 07:43:47 2006
MD5 Checksum:75ba8c067f5bea8c274442d86089828d

 ///  File Name: dsa-1105-1.txt
Description:
 Debian Security Advisory 1105-1 - Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.
Homepage:http://www.debian.org/security
File Size:11439
Related CVE(s):CVE-2006-2802
Last Modified:Jul 9 08:30:36 2006
MD5 Checksum:62b2ab8347abf79b44050e61e860a55d

 ///  File Name: dsa-1106-1.txt
Description:
 Debian Security Advisory 1106-1 - Marcus Meissner discovered that the winbind plugin in pppd does not check whether a setuid() call has been successful when trying to drop privileges, which may fail with some PAM configurations.
Homepage:http://www.debian.org/security
File Size:5182
Related CVE(s):CVE-2006-2194
Last Modified:Jul 12 04:25:51 2006
MD5 Checksum:46ef060ac2e80a4229250e36a49bd56b

 ///  File Name: dsa-1107-1.txt
Description:
 Debian Security Advisory 1107-1 - Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID strings.
Homepage:http://www.debian.org/security
File Size:7518
Related CVE(s):CVE-2006-3082
Last Modified:Jul 12 04:49:45 2006
MD5 Checksum:34fee931bf41d912c5985a559e6d489c

 ///  File Name: dsa-1108-1.txt
Description:
 Debian Security Advisory 1108-1 - It was discovered that the mutt mail reader performs insufficient validation of values returned from an IMAP server, which might overflow a buffer and potentially lead to the injection of arbitrary code.
Homepage:http://www.debian.org/security
File Size:5027
Related CVE(s):CVE-2006-3242
Last Modified:Jul 12 05:04:10 2006
MD5 Checksum:432b6aeb548ac361aff1f6329c176081
 

 ///  Last 10 Files
  1. :· ttyrpld-2.52.tar.bz2
  2. :· ephpb2b-sql.txt
  3. :· scip-dlink.txt
  4. :· ephpscripts-sql.txt
  5. :· seamonkey-dos.txt
  6. :· wordpress261-sql.txt
  7. :· informer.txt
  8. :· alstrasoftforum-sql.txt
  9. :· arpreply.tgz
  10. :· masir-sql.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· scip-dlink.txt
  2. :· glsa-200809-06.txt
  3. :· PLSA-2008-41.txt
  4. :· PLSA-2008-40.txt
  5. :· PLSA-2008-39.txt
  6. :· PLSA-2008-38.txt
  7. :· PLSA-2008-37.txt
  8. :· MDVSA-2008-188.txt
  9. :· glsa-200809-05.txt
  10. :· PLSA-2008-36.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· ephpb2b-sql.txt
  2. :· ephpscripts-sql.txt
  3. :· seamonkey-dos.txt
  4. :· wordpress261-sql.txt
  5. :· alstrasoftforum-sql.txt
  6. :· masir-sql.txt
  7. :· memht-shell.txt
  8. :· phpadult-sqlxss.txt
  9. :· smf-reset.txt
  10. :· integramod-database.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· ttyrpld-2.52.tar.bz2
  2. :· informer.txt
  3. :· arpreply.tgz
  4. :· clamav-0.94.tar.gz
  5. :· distack-1.1.0-dev.tar.gz
  6. :· samhain-2.4.6.tar.gz
  7. :· sqlmap-0.6.tar.gz
  8. :· psbot.py.txt
  9. :· mimedefang-2.65.tar.gz
  10. :· advchk-2.11.tar.bz2
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· citectodbc-fivews.txt
  2. :· freebsd-revcon.txt
  3. :· insecurityoverview-samsung.pdf
  4. :· xcon2008-cfp.txt
  5. :· aslr-bypass.txt
  6. :· alphanumeric-shellcode.txt
  7. :· imagebase-shellcode.txt
  8. :· mysql-injection-newbies.txt
  9. :· draft-gont-opsec-ip-security-01.txt
  10. :· draft-ietf-tsvwg-port-randomization-02.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice