«
Expand/Collapse
570 items tagged "attacker"
Related tags:
linux [+],
gentoo linux security [+],
gentoo [+],
cisco security advisory [+],
cisco security [+],
buffer [+],
security notice [+],
vasily [+],
righi [+],
andrea righi [+],
dalili [+],
based buffer overflow [+],
arbitrary commands [+],
notice [+],
user [+],
svg [+],
ruby [+],
puppet [+],
project security [+],
project [+],
mysql [+],
key [+],
free software updates [+],
code [+],
asterisk [+],
application crash [+],
denial of service [+],
zero day [+],
zero [+],
robert swiecki [+],
kulikov [+],
directory [+],
arbitrary locations [+],
applicationxtender [+],
zenworks [+],
novell zenworks asset management [+],
novell [+],
jake montgomery [+],
firefox [+],
asset [+],
www data [+],
wrf [+],
willem pinckaers [+],
wilfried weissmann [+],
wilfried [+],
webcalendar [+],
version 6 [+],
unicode characters [+],
tomas mraz [+],
tftp [+],
system director [+],
system [+],
ssh [+],
sql [+],
soroush [+],
site [+],
simatic [+],
siemens simatic [+],
siemens [+],
shugo [+],
setseed [+],
server [+],
security technologies [+],
scot doyle [+],
router [+],
retrieval requests [+],
resource exhaustion [+],
remote access [+],
red hat security [+],
red [+],
reader [+],
read more [+],
read [+],
proof of concept [+],
privilege escalation vulnerability [+],
privilege [+],
pre [+],
pppd [+],
phpmyadmin [+],
php [+],
permission access [+],
overflow [+],
oracle [+],
openoffice [+],
ole [+],
network requests [+],
netdecision [+],
mp server [+],
memory safety [+],
memory corruption [+],
memory [+],
markus vervier [+],
management software application [+],
mace [+],
mac os x [+],
mac os [+],
lts [+],
login service [+],
lockers [+],
linux kernel [+],
link [+],
lightweight directory access protocol [+],
license [+],
libtasn [+],
keyserver [+],
key systems [+],
key locker [+],
justin w. clarke [+],
joseph [+],
java script [+],
james kettle [+],
issue [+],
inclusion [+],
inappropriate permissions [+],
identityminder [+],
ibm [+],
hans spaans [+],
gta sa [+],
garrettcom [+],
foxit [+],
flaw [+],
file [+],
exploitation [+],
escalation [+],
electronic [+],
dwayne litzenberger [+],
drupal [+],
documentsummaryinformation [+],
django [+],
discovery protocol [+],
directory traversal vulnerability [+],
director [+],
der [+],
dan rosenberg [+],
dan luther [+],
crypt function [+],
credentials [+],
cpu [+],
corruption [+],
code execution [+],
cms [+],
cisco webex [+],
cisco telepresence [+],
cisco secure [+],
cisco sales [+],
cisco ios software [+],
cisco ios [+],
cisco discovery [+],
cfg [+],
certificate name [+],
ca directory [+],
brute force [+],
bob clary [+],
bind [+],
big ip [+],
authentication [+],
attack [+],
arcserve [+],
arbitrary files [+],
ara [+],
administrative commands [+],
admin user [+],
acs [+],
Software [+],
wvdial [+],
victim [+],
usb [+],
unprivileged users [+],
traffic load [+],
takeover [+],
request [+],
queue [+],
pass [+],
modeswitch [+],
metasploit framework [+],
metasploit [+],
matthew weeks [+],
liferay [+],
j. aedla [+],
information leaks [+],
hostile networks [+],
checking [+],
anatomy [+],
usn [+],
gain root privileges [+],
vulnerability [+],
usa [+],
story [+],
sophistication [+],
sophisticated attacker [+],
sophisticated attack [+],
sim [+],
security issues [+],
screensaver [+],
schoenefeld [+],
remote [+],
prevention system [+],
parsers [+],
paper [+],
netop [+],
maynor [+],
marc schoenefeld [+],
javascript links [+],
identify [+],
hard coded [+],
hackers [+],
gnome [+],
fonts [+],
execution [+],
david maynor [+],
counterattack [+],
control [+],
confidential data [+],
charity attacker [+],
charity [+],
borken [+],
black hat [+],
bigpond [+],
authors [+],
anonymous hackers [+],
anonymous [+],
arbitrary code [+],
security advisory [+],
nick bowler [+],
message digest algorithm [+],
denial [+],
arbitrary code execution [+],
service [+],
security [+],
ubuntu [+],
vasiliy kulikov [+],
svg animations [+],
zip file,
xauth,
wuethrich,
wpa wpa2,
wpa,
workloads,
wordtrainer,
wlan,
windows,
whitepaper,
webserver user,
webmail application,
webas,
webapps,
web attacker,
web application,
web,
watchdek,
vpn client,
vpn,
volker lendecke,
virtual cd rom,
video,
versions of microsoft windows,
version,
vendor daemon,
url,
uri,
update,
unidesk,
unauthorized files,
uart driver,
u file,
txt,
twitter,
traffic,
tool,
tomcat,
tomas hoger,
tls,
title,
titanftp,
timo warns,
timer events,
tim starling,
tim brown,
thunderbird,
thomas pollet,
theo snelleman,
terminal emulators,
ted mielczarek,
technical,
tcp implementations,
tavis ormandy,
target system,
target,
t. second,
system privileges,
sudo,
subsystem,
string arguments,
string,
storage mechanisms,
storage mechanism,
steve dispensa,
steve chen,
starvation,
stagers,
stack overflow,
stack buffer,
sslv3,
sslv,
sql injection,
spree,
source buffer,
social networking,
social engineering,
soap request,
smb service,
single quote,
signature system,
showmodaldialog,
shortcut,
shawn emery,
session cookie,
session,
server versions,
server version,
server request,
server code,
server authentication,
security vulnerability,
security descriptor,
security controls,
security accounts manager,
securetransport,
sebastian krahmer,
scsi subsystem,
scribe,
scheduler,
sap,
samba,
sam,
safer use,
runas,
root privileges,
root privilege,
ronald volgers,
ricky zhou,
request parameters,
request body,
renegotiation,
rafal wojtczuk,
race,
quagga,
public mode,
protocol handler,
protector,
prompt text,
privileged operations,
private keys,
port,
pls file,
pixelpost,
pierre,
pidgin,
php shell,
phil oester,
penetration test,
pellerano,
peazip,
pdf,
paul nickerson,
password,
part,
pam pam,
pam,
packard,
org,
option,
opie,
opcode,
omniinet,
occurrences,
null pointer,
notice 974,
nicolas joly,
network,
netcat,
nelson elhage,
natty,
nalin dahyabhai,
mtab,
msn protocol,
mr. oizo,
moinmoin,
module,
modo,
microsoft,
michael wu,
message types,
message strings,
message,
memory allocations,
memory access,
martin barbella,
martijn wargers,
marsh ray,
markus wuethrich,
marcus granado,
mandriva linux,
mandriva,
manager. for,
management,
man in the middle attack,
malicious website,
mail delivery program,
mail,
macro commands,
mac,
lxo,
luxology,
local privilege escalation,
linux security,
license server,
libvpx,
libmikmod,
legitimate users,
ld library,
l. minier,
kssl,
keys files,
kevin chen,
kevin brosnan,
kernel stack,
kernel module,
kernel memory,
kernel,
kerberos,
julius plenz,
json,
jordi chancel,
joel johnson,
jetty web,
jetty,
jesse ruderman,
javascript engine,
javascript,
jan lieskovsky,
jan,
itunes for windows,
irssi,
integer overflow vulnerability,
integer overflow,
input,
injection,
initial installation,
information version,
impulse tracker,
igor bukanov,
idefense security advisory,
idefense,
ian beer,
html element,
homepages,
heap memory,
habib chowdhury,
gustav rydstedt,
guest kernel,
gssapi,
group,
google,
giovanni pellerano,
georgi guninski,
gary kwong,
francesco ongaro,
fortiguard,
fcrontab,
fabian yamaguchi,
ez shopwner,
enomaly,
encrypted passwords,
encrypted communications,
emmanuel bouillon,
eepayload,
edubuntu,
eduardo vela,
ecp,
dsa,
dmitri gribenkodmitri,
directory traversal,
direct access,
digital,
dhcp,
despam,
design,
delivery,
default version,
default compiler,
deepburner,
debian linux,
dbr,
db system,
day,
david zych,
dave jones,
data protector,
data,
daniel veditz,
daniel atallah,
dan rosenburg,
dan boneh,
d2d,
d. a,
cyber security,
cyber,
cups,
cryptography,
cross,
could allow remote code execution,
core,
coolplayer,
controller area network,
content disposition,
consona,
confidential information,
communication methods,
communication,
command execution,
command,
collin jackson,
client,
clamav,
cisco secure access control,
cisco anyconnect,
ciphersuite,
chrome,
christoph diehl,
christian biesinger,
chris evans,
chaos communication congress,
ca xosoft,
ca arcserve,
byte,
bug workaround,
buffer overflow vulnerability,
buffer overflow,
browsing,
browsers support,
browser session,
browser engine,
browser,
brian almeida,
brad spengler,
boris zbarsky,
bogofilter,
bof,
blip tv,
bert hubert,
ben hawkes,
baptiste gourdin,
axway,
available memory,
authentication server,
authentication protocol,
audiotran,
arpspoof,
arp spoofing,
arp,
arcot,
archive,
arcane software,
arabic,
application protocol,
application,
aol,
andrew griffiths,
algorithm implementations,
alexander miller,
alexa,
alessandro tanasi,
alan cox,
ajp,
airodump,
advisory,
adrian pastor,
administrative resources,
admin,
adam zabrocki,
activex control,
activex,
acs database,
account,
access,
Support,
Skype,
Newbie,
Howto,
BackTrack,
Area,
versions
-
-
12:21
»
Packet Storm Security Advisories
CA Technologies Support is alerting customers to two potential risks in CA IdentityMinder (formerly known as CA Identity Manager). Two vulnerabilities exist that can allow a remote attacker to execute arbitrary commands, manipulate data, or gain elevated access. CA Technologies has issued patches to address the vulnerability. The first vulnerability allows a remote attacker to execute arbitrary commands or manipulate data. The second vulnerability allows a remote attacker to gain elevated access.
-
12:21
»
Packet Storm Security Recent Files
CA Technologies Support is alerting customers to two potential risks in CA IdentityMinder (formerly known as CA Identity Manager). Two vulnerabilities exist that can allow a remote attacker to execute arbitrary commands, manipulate data, or gain elevated access. CA Technologies has issued patches to address the vulnerability. The first vulnerability allows a remote attacker to execute arbitrary commands or manipulate data. The second vulnerability allows a remote attacker to gain elevated access.
-
12:21
»
Packet Storm Security Misc. Files
CA Technologies Support is alerting customers to two potential risks in CA IdentityMinder (formerly known as CA Identity Manager). Two vulnerabilities exist that can allow a remote attacker to execute arbitrary commands, manipulate data, or gain elevated access. CA Technologies has issued patches to address the vulnerability. The first vulnerability allows a remote attacker to execute arbitrary commands or manipulate data. The second vulnerability allows a remote attacker to gain elevated access.
-
-
22:05
»
Packet Storm Security Advisories
Ubuntu Security Notice 1662-1 - It was discovered that APT set inappropriate permissions on the term.log file. A local attacker could use this flaw to possibly obtain sensitive information.
-
22:05
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1662-1 - It was discovered that APT set inappropriate permissions on the term.log file. A local attacker could use this flaw to possibly obtain sensitive information.
-
22:05
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1662-1 - It was discovered that APT set inappropriate permissions on the term.log file. A local attacker could use this flaw to possibly obtain sensitive information.
-
-
18:36
»
Packet Storm Security Advisories
Ubuntu Security Notice 1659-1 - It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
-
18:36
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1659-1 - It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
-
18:36
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1659-1 - It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
-
18:36
»
Packet Storm Security Advisories
Ubuntu Security Notice 1658-1 - It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.
-
18:36
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1658-1 - It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.
-
18:36
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1658-1 - It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.
-
-
7:56
»
Packet Storm Security Advisories
Ubuntu Security Notice 1657-1 - It was discovered that Bind incorrectly handled certain crafted queries when DNS64 was enabled. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
7:56
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1657-1 - It was discovered that Bind incorrectly handled certain crafted queries when DNS64 was enabled. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
7:56
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1657-1 - It was discovered that Bind incorrectly handled certain crafted queries when DNS64 was enabled. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
-
7:45
»
Carnal0wnage
Having played both the attacker and defender role for many years something I have often seen and even done myself is make statements and assumptions about the "sophistication" of my adversary.
Often when some big hack occurs, blogs, media stories and quotes from experts will espouse opinions that "the attacker was not very sophisticated" or "it was an extremely sophisticated attack". I believe that often times, and I myself have been guilty of this, these assertions are the result of a wrong headed analysis and misunderstanding of what sophistication means in the context of computer attacks.
An example will help illustrate the point. I have heard stuxnet labeled both sophisticated and unsophisticated. One might be tempted to point to the inclusion of 4 0days as proving that highly skilled attackers launched this attack. Well 0days can be bought. Others might say; well the way it was caught and the fact that it could infect more than it's presumed target means the attackers weren't very good. Even the most well developed attacks get caught eventually. (See the device the Russians implanted in the Great Seal 60 years ago)
A truly sophisticated attacker will use only what is necessary and cost effective to achieve their goals and no more. An even better attacker will attempt to convince you they are not very good and waste as much of your time as possible while still achieving the goal.
I would put forth the idea that the determination of sophistication be based on the following:
Did the attacker achieve their goals?
Let us assume further that these goals consist of:
1.) Gaining unauthorized access to one or more of your systems
If they achieve #1 then they have already proven to be more sophisticated than your first line of defensive / prevention system as well as your user awareness and training program.To speak of the attacker as unsophisticated because they used an automated SQL injection tool or basic phishing email is silly because you have no idea how good they are based soley on the penetration mechanism and they are already more sophisticated than your ability to stop them.
2.) Evasion of detection, at least for the period of time required to complete some goals
If they have a shell on one of your systems, and nothing detects, alerts or responds, then the attacker is more sophisticated than your SIM implementation, IDS and first line analysts at least from the detection during initial attack standpoint. The fact that they used XOR vs full SSL to protect network communications from detection is irrelevant and gives you no clue as to how good they are.
3.) Access to and/or exfiltration of sensitive data
If the attacker has been able to take the data they are targeting then they have overcome your internal controls, ACLs and data protection. It matters not if they used a zip file or steganography to package the data.
4.) Persistence
If the attacker can persist with unauthorized access on your system for any period of time then they have outsmarted your defensive team, your secure configuration management and basically all your defenses. It doesn't matter if their method of persistence is a simple userland executable launched from the Run key in the registry or a highly stealthy kernel driver, they won that round.
5.) Effect
If they can cause a real world effect such as blowing up your centrifuges, gaining a competitive advantage, or spending your money then that is the final nail in your coffin. They are more sophisticated than you are, regardless of what type of exploit they used, if it was a 10 year old PERL CGI bug or one that uses memory tai chi to elegantly overcome windows 7 buffer overflow protection.
Lets think about this for a minute. Think of all the money, time, resources and personel you have expended on perimeter defense, detection and alerting, and analytical teams. Think of the work involved at the vendors who have developed all of the products and appliances you have purchased. The PHDs at AV vendors designing heuristics, the smart guys and girls developing exploits and signatures at your favorite IDS company. The awesome hax0rs at the pen test company you just hired. The often millions of dollars spent on defense.
All of this and the attacker has subverted it, maybe with a month of work, maybe less, and considerably less funding in most cases. So who is the sophisticated one?
The only place you might have won is in the forensics post-event department, usually the least funded and most resource starved component of your program. This is usually where the determination is made that the attacker was not very sophisticated because it was possible to reverse engineer the attack and understand the tools and techniques used. That's great but just because you an understand that an assasin used a rock to kill a VIP doesn't mean the assasin sucks if they got away from the highly skilled protection detail, the target is dead, and their identity remains unknown.
So pause for a moment before you label an attacker unsophisticated or a skript kiddie. Ask yourself, did they achieve the above mentioned goas? If so then they outsmarted you.
V.
-
18:33
»
Packet Storm Security Exploits
By sending a specially crafted request to a vulnerable IBM System Director sever, an attacker can force it to load a DLL remotely from a WebDAV share. Versions 5.20.3 and below are vulnerable.
-
18:33
»
Packet Storm Security Recent Files
By sending a specially crafted request to a vulnerable IBM System Director sever, an attacker can force it to load a DLL remotely from a WebDAV share. Versions 5.20.3 and below are vulnerable.
-
18:33
»
Packet Storm Security Misc. Files
By sending a specially crafted request to a vulnerable IBM System Director sever, an attacker can force it to load a DLL remotely from a WebDAV share. Versions 5.20.3 and below are vulnerable.
-
-
13:42
»
Packet Storm Security Advisories
Ubuntu Security Notice 1634-1 - Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. It was discovered that Python Keyring created keyring files with insecure permissions. A local attacker could use this issue to access keyring files belonging to other users. Various other issues were also addressed.
-
13:42
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1634-1 - Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. It was discovered that Python Keyring created keyring files with insecure permissions. A local attacker could use this issue to access keyring files belonging to other users. Various other issues were also addressed.
-
13:42
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1634-1 - Dwayne Litzenberger discovered that Python Keyring's CryptedFileKeyring file format used weak cryptography. A local attacker may use this issue to brute-force CryptedFileKeyring keyring files. This issue only affected Ubuntu 11.10 and Ubuntu 12.04 LTS. It was discovered that Python Keyring created keyring files with insecure permissions. A local attacker could use this issue to access keyring files belonging to other users. Various other issues were also addressed.
-
-
23:06
»
Packet Storm Security Advisories
Ubuntu Security Notice 1632-1 - James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users.
-
23:06
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1632-1 - James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users.
-
23:06
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1632-1 - James Kettle discovered Django did not properly filter the Host HTTP header when processing certain requests. An attacker could exploit this to generate and display arbitrary URLs to users.
-
-
16:35
»
Packet Storm Security Advisories
Ubuntu Security Notice 1629-1 - Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code.
-
16:35
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1629-1 - Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code.
-
16:35
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1629-1 - Tomas Mraz discovered that libproxy incorrectly handled certain PAC files. A remote attacker could use this issue to cause libproxy to crash, or to possibly execute arbitrary code.
-
-
16:30
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco Secure Access Control System (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. The vulnerability is due to improper validation of the user-supplied password when TACACS+ is the authentication protocol and Cisco Secure ACS is configured with a Lightweight Directory Access Protocol (LDAP) external identity store. An attacker may exploit this vulnerability by sending a special sequence of characters when prompted for the user password. The attacker would need to know a valid username stored in the LDAP external identity store to exploit this vulnerability, and the exploitation is limited to impersonate only that user. An exploit could allow the attacker to successfully authenticate to any system using TACACS+ in combination with an affected Cisco Secure ACS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.
-
16:30
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco Secure Access Control System (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. The vulnerability is due to improper validation of the user-supplied password when TACACS+ is the authentication protocol and Cisco Secure ACS is configured with a Lightweight Directory Access Protocol (LDAP) external identity store. An attacker may exploit this vulnerability by sending a special sequence of characters when prompted for the user password. The attacker would need to know a valid username stored in the LDAP external identity store to exploit this vulnerability, and the exploitation is limited to impersonate only that user. An exploit could allow the attacker to successfully authenticate to any system using TACACS+ in combination with an affected Cisco Secure ACS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.
-
16:30
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Cisco Secure Access Control System (ACS) contains a vulnerability that could allow an unauthenticated, remote attacker to bypass TACACS+ based authentication service offered by the affected product. The vulnerability is due to improper validation of the user-supplied password when TACACS+ is the authentication protocol and Cisco Secure ACS is configured with a Lightweight Directory Access Protocol (LDAP) external identity store. An attacker may exploit this vulnerability by sending a special sequence of characters when prompted for the user password. The attacker would need to know a valid username stored in the LDAP external identity store to exploit this vulnerability, and the exploitation is limited to impersonate only that user. An exploit could allow the attacker to successfully authenticate to any system using TACACS+ in combination with an affected Cisco Secure ACS. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.
-
-
19:30
»
Packet Storm Security Advisories
Ubuntu Security Notice 1624-1 - It was discovered that Remote Login Service incorrectly purged account information when switching users. A local attacker could use this issue to possibly obtain sensitive information.
-
19:30
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1624-1 - It was discovered that Remote Login Service incorrectly purged account information when switching users. A local attacker could use this issue to possibly obtain sensitive information.
-
19:30
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1624-1 - It was discovered that Remote Login Service incorrectly purged account information when switching users. A local attacker could use this issue to possibly obtain sensitive information.
-
-
8:15
»
Packet Storm Security Advisories
Ubuntu Security Notice 1618-1 - It was discovered that Exim incorrectly handled DKIM DNS decoding. This flaw could allow a remote attacker to execute arbitrary code.
-
8:15
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1618-1 - It was discovered that Exim incorrectly handled DKIM DNS decoding. This flaw could allow a remote attacker to execute arbitrary code.
-
8:15
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1618-1 - It was discovered that Exim incorrectly handled DKIM DNS decoding. This flaw could allow a remote attacker to execute arbitrary code.
-
-
20:21
»
Packet Storm Security Advisories
Ubuntu Security Notice 1603-2 - USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. Various other issues were also addressed.
-
20:21
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1603-2 - USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. Various other issues were also addressed.
-
20:21
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1603-2 - USN-1603-1 fixed vulnerabilities in Ruby. This update provides the corresponding updates for Ubuntu 12.10. Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. Various other issues were also addressed.
-
17:00
»
SecuriTeam
The firmware running on the affected routers is subject to multiple security issues that allow an unauthenticated attacker to gain administrative access to the device and execute arbitrary commands.
-
-
12:43
»
SecDocs
Authors:
Matthew Weeks Tags:
vulnerability Event:
Black Hat DC 2011 Abstract: In hostile networks, most people hope their con kung-fu is good enough to avoid getting owned. But for everyone who has ever wanted to reverse the attack, not getting owned is not enough. We will see how it is often possible for the intended victim to not only confuse and frustrate the attacker, but actually trade places and own the attacker. This talk will detail vulnerabilities in security tools, how these vulnerabilities were discovered, factors increasing the number of vulnerable systems, how the exploits work, creating cross-platform payloads, and how to defend yourself whether attacking or counterattacking. The audience will be invited to participate as complete exploit code will be released and demonstrated against the Metasploit Framework itself.
-
12:43
»
SecDocs
Authors:
Matthew Weeks Tags:
vulnerability Event:
Black Hat DC 2011 Abstract: In hostile networks, most people hope their con kung-fu is good enough to avoid getting owned. But for everyone who has ever wanted to reverse the attack, not getting owned is not enough. We will see how it is often possible for the intended victim to not only confuse and frustrate the attacker, but actually trade places and own the attacker. This talk will detail vulnerabilities in security tools, how these vulnerabilities were discovered, factors increasing the number of vulnerable systems, how the exploits work, creating cross-platform payloads, and how to defend yourself whether attacking or counterattacking. The audience will be invited to participate as complete exploit code will be released and demonstrated against the Metasploit Framework itself.
-
-
17:01
»
Packet Storm Security Advisories
Core Security Technologies Advisory - A vulnerability exists in atas32.dll affecting Cisco WebEx Player version 3.26 that allows an attacker to corrupt memory, which may lead to code execution in the context of the currently logged on user.
-
17:01
»
Packet Storm Security Recent Files
Core Security Technologies Advisory - A vulnerability exists in atas32.dll affecting Cisco WebEx Player version 3.26 that allows an attacker to corrupt memory, which may lead to code execution in the context of the currently logged on user.
-
17:01
»
Packet Storm Security Misc. Files
Core Security Technologies Advisory - A vulnerability exists in atas32.dll affecting Cisco WebEx Player version 3.26 that allows an attacker to corrupt memory, which may lead to code execution in the context of the currently logged on user.
-
-
23:07
»
Packet Storm Security Advisories
Ubuntu Security Notice 1605-1 - It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.
-
23:07
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1605-1 - It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.
-
23:07
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1605-1 - It was discovered that Quagga incorrectly handled certain malformed messages. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.
-
-
23:35
»
Packet Storm Security Advisories
Ubuntu Security Notice 1601-1 - Jake Montgomery discovered that Bind incorrectly handled certain specific combinations of RDATA. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
23:35
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1601-1 - Jake Montgomery discovered that Bind incorrectly handled certain specific combinations of RDATA. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
23:35
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1601-1 - Jake Montgomery discovered that Bind incorrectly handled certain specific combinations of RDATA. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
23:35
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1601-1 - Jake Montgomery discovered that Bind incorrectly handled certain specific combinations of RDATA. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
23:35
»
Packet Storm Security Advisories
Ubuntu Security Notice 1603-1 - Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions.
-
23:35
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1603-1 - Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions.
-
23:35
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1603-1 - Shugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions.
-
-
16:22
»
Packet Storm Security Exploits
Key Systems Electronic Key Lockers contain a command injection vulnerability which may allow a remote unauthenticated attacker to inject commands into the electronic key locker. Key Systems Electronic Key Lockers also contains weak authentication which could allow an attacker administrative access to the electronic key locker.
-
16:22
»
Packet Storm Security Recent Files
Key Systems Electronic Key Lockers contain a command injection vulnerability which may allow a remote unauthenticated attacker to inject commands into the electronic key locker. Key Systems Electronic Key Lockers also contains weak authentication which could allow an attacker administrative access to the electronic key locker.
-
16:22
»
Packet Storm Security Misc. Files
Key Systems Electronic Key Lockers contain a command injection vulnerability which may allow a remote unauthenticated attacker to inject commands into the electronic key locker. Key Systems Electronic Key Lockers also contains weak authentication which could allow an attacker administrative access to the electronic key locker.
-
-
21:00
»
Packet Storm Security Advisories
CA Technologies Support is alerting customers to two potential risks in CA License (also known as CA Licensing). Vulnerabilities exist that can allow a local attacker to execute arbitrary commands or gain elevated access. CA Technologies has issued patches to address the vulnerabilities.
-
21:00
»
Packet Storm Security Recent Files
CA Technologies Support is alerting customers to two potential risks in CA License (also known as CA Licensing). Vulnerabilities exist that can allow a local attacker to execute arbitrary commands or gain elevated access. CA Technologies has issued patches to address the vulnerabilities.
-
21:00
»
Packet Storm Security Misc. Files
CA Technologies Support is alerting customers to two potential risks in CA License (also known as CA Licensing). Vulnerabilities exist that can allow a local attacker to execute arbitrary commands or gain elevated access. CA Technologies has issued patches to address the vulnerabilities.
-
-
16:51
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201209-22 - A vulnerability in libgssglue may allow a local attacker to gain escalated privileges. Versions less than 0.4 are affected.
-
16:51
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201209-22 - A vulnerability in libgssglue may allow a local attacker to gain escalated privileges. Versions less than 0.4 are affected.
-
16:51
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201209-22 - A vulnerability in libgssglue may allow a local attacker to gain escalated privileges. Versions less than 0.4 are affected.
-
-
17:14
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201209-16 - An input sanitation flaw in SQLAlchemy allows remote attacker to conduct SQL injection. Versions less than 0.7.4 are affected.
-
17:14
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201209-16 - An input sanitation flaw in SQLAlchemy allows remote attacker to conduct SQL injection. Versions less than 0.7.4 are affected.
-
17:14
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201209-16 - An input sanitation flaw in SQLAlchemy allows remote attacker to conduct SQL injection. Versions less than 0.7.4 are affected.
-
-
10:30
»
Packet Storm Security Advisories
Ubuntu Security Notice 1570-1 - It was discovered that GnuPG used a short ID when downloading keys from a keyserver, even if a long ID was requested. An attacker could possibly use this to return a different key with a duplicate short key id.
-
10:30
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1570-1 - It was discovered that GnuPG used a short ID when downloading keys from a keyserver, even if a long ID was requested. An attacker could possibly use this to return a different key with a duplicate short key id.
-
10:30
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1570-1 - It was discovered that GnuPG used a short ID when downloading keys from a keyserver, even if a long ID was requested. An attacker could possibly use this to return a different key with a duplicate short key id.
-
-
19:13
»
Packet Storm Security Advisories
ICS-CERT Advisory 12-243-01 - Independent security researcher Justin W. Clarke of Cylance Inc. has identified a privilege-escalation vulnerability in the GarrettCom Magnum MNS-6K Management Software application via the use of a hard-coded password. This vulnerability could allow a remote attacker with any level of access to the system to escalate the attacker’s privilege to the administrative level. The attacker must have access to a logon account on the device to exploit this vulnerability. GarrettCom has produced a patch that mitigates this vulnerability.
-
19:13
»
Packet Storm Security Recent Files
ICS-CERT Advisory 12-243-01 - Independent security researcher Justin W. Clarke of Cylance Inc. has identified a privilege-escalation vulnerability in the GarrettCom Magnum MNS-6K Management Software application via the use of a hard-coded password. This vulnerability could allow a remote attacker with any level of access to the system to escalate the attacker’s privilege to the administrative level. The attacker must have access to a logon account on the device to exploit this vulnerability. GarrettCom has produced a patch that mitigates this vulnerability.
-
19:13
»
Packet Storm Security Misc. Files
ICS-CERT Advisory 12-243-01 - Independent security researcher Justin W. Clarke of Cylance Inc. has identified a privilege-escalation vulnerability in the GarrettCom Magnum MNS-6K Management Software application via the use of a hard-coded password. This vulnerability could allow a remote attacker with any level of access to the system to escalate the attacker’s privilege to the administrative level. The attacker must have access to a logon account on the device to exploit this vulnerability. GarrettCom has produced a patch that mitigates this vulnerability.
-
-
14:49
»
Packet Storm Security Advisories
Asterisk Project Security Advisory - When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the call attempt. This allows for a remote attacker who is aware of a peer's credentials to bypass the ACL rules set for that peer.
-
14:49
»
Packet Storm Security Recent Files
Asterisk Project Security Advisory - When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the call attempt. This allows for a remote attacker who is aware of a peer's credentials to bypass the ACL rules set for that peer.
-
14:49
»
Packet Storm Security Misc. Files
Asterisk Project Security Advisory - When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the call attempt. This allows for a remote attacker who is aware of a peer's credentials to bypass the ACL rules set for that peer.
-
-
7:22
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WxSuperCtrl650.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files inside arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
-
7:22
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-182 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WxSuperCtrl650.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files inside arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
-
7:21
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AEXView.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files in arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
-
7:21
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AEXView.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files in arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
-
7:21
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AEXView.ocx ActiveX control. By manipulating a combination of the DisplayImageFile, AnnoLoad and AnnoSave methods, the vulnerable AnnoSave() method can enable an attacker to save arbitrary files in arbitrary locations. The attacker is able to control the file extension and the creation path via a directory traversal issue. An attacker can leverage this vulnerability to execute code under the context of the process.
-
-
21:31
»
Packet Storm Security Exploits
This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.
-
21:31
»
Packet Storm Security Exploits
This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.
-
21:31
»
Packet Storm Security Recent Files
This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.
-
21:31
»
Packet Storm Security Misc. Files
This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.
-
17:00
»
SecuriTeam
The 'gnome-screensaver' screensaver is prone to a vulnerability that allows an attacker who has physical console access to bypass the user's locked screen.
-
-
20:10
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context of user executing the TFTP Server.
-
20:10
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability found in NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context of user executing the TFTP Server.
-
20:10
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context of user executing the TFTP Server.
-
-
7:54
»
Packet Storm Security Advisories
Ubuntu Security Notice 1512-1 - It was discovered that KDE PIM html renderer incorrectly enabled JavaScript, Java and Plugins. A remote attacker could use this flaw to send an email with embedded JavaScript that possibly executes when opened.
-
7:54
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1512-1 - It was discovered that KDE PIM html renderer incorrectly enabled JavaScript, Java and Plugins. A remote attacker could use this flaw to send an email with embedded JavaScript that possibly executes when opened.
-
7:54
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1512-1 - It was discovered that KDE PIM html renderer incorrectly enabled JavaScript, Java and Plugins. A remote attacker could use this flaw to send an email with embedded JavaScript that possibly executes when opened.
-
-
21:10
»
Packet Storm Security Exploits
The Siemens Simatic S7-1200 S7 CPU start and stop functions over ISO-TSAP this modules allows an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.
-
21:10
»
Packet Storm Security Recent Files
The Siemens Simatic S7-1200 S7 CPU start and stop functions over ISO-TSAP this modules allows an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.
-
21:10
»
Packet Storm Security Misc. Files
The Siemens Simatic S7-1200 S7 CPU start and stop functions over ISO-TSAP this modules allows an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.
-
-
18:57
»
Packet Storm Security Advisories
Cisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash. Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released updated software that resolves the command and code execution vulnerabilities. There are currently no plans to resolve the malformed IP packets denial of service vulnerability, as this product is no longer being actively supported. There are no workarounds that mitigate these vulnerabilities. Customers should contact their Cisco Sales Representative to determine the Business Unit responsible for their Cisco TelePresence Recording Server.
-
18:57
»
Packet Storm Security Recent Files
Cisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash. Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released updated software that resolves the command and code execution vulnerabilities. There are currently no plans to resolve the malformed IP packets denial of service vulnerability, as this product is no longer being actively supported. There are no workarounds that mitigate these vulnerabilities. Customers should contact their Cisco Sales Representative to determine the Business Unit responsible for their Cisco TelePresence Recording Server.
-
18:57
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Exploitation of the Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability may allow a remote, unauthenticated attacker to create a denial of service condition, preventing the product from responding to new connection requests and potentially causing some services and processes to crash. Exploitation of the Cisco TelePresence Web Interface Command Injection may allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges. Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability may allow allow an unauthenticated, adjacent attacker to execute arbitrary code with elevated privileges. Cisco has released updated software that resolves the command and code execution vulnerabilities. There are currently no plans to resolve the malformed IP packets denial of service vulnerability, as this product is no longer being actively supported. There are no workarounds that mitigate these vulnerabilities. Customers should contact their Cisco Sales Representative to determine the Business Unit responsible for their Cisco TelePresence Recording Server.
-
18:29
»
Packet Storm Security Advisories
Ubuntu Security Notice 1503-1 - Hans Spaans discovered that the Context plugin in Rhythmbox created a temporary directory in an insecure manner. A local attacker could exploit this to execute arbitrary code as the user invoking the program. The Context plugin is disabled by default in Ubuntu.
-
18:29
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1503-1 - Hans Spaans discovered that the Context plugin in Rhythmbox created a temporary directory in an insecure manner. A local attacker could exploit this to execute arbitrary code as the user invoking the program. The Context plugin is disabled by default in Ubuntu.
-
18:29
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1503-1 - Hans Spaans discovered that the Context plugin in Rhythmbox created a temporary directory in an insecure manner. A local attacker could exploit this to execute arbitrary code as the user invoking the program. The Context plugin is disabled by default in Ubuntu.
-
-
19:58
»
Packet Storm Security Advisories
Ubuntu Security Notice 1481-1 - It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. It was discovered that PHP incorrectly handled certain multi-file upload filenames. A remote attacker could use this flaw to cause a denial of service, or to perform a directory traversal attack. Rubin Xu and Joseph Bonneau discovered that PHP incorrectly handled certain Unicode characters in passwords passed to the crypt() function. A remote attacker could possibly use this flaw to bypass authentication. Various other issues were also addressed.
-
19:58
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1481-1 - It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. It was discovered that PHP incorrectly handled certain multi-file upload filenames. A remote attacker could use this flaw to cause a denial of service, or to perform a directory traversal attack. Rubin Xu and Joseph Bonneau discovered that PHP incorrectly handled certain Unicode characters in passwords passed to the crypt() function. A remote attacker could possibly use this flaw to bypass authentication. Various other issues were also addressed.
-
19:58
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1481-1 - It was discovered that PHP incorrectly handled certain Tidy::diagnose operations on invalid objects. A remote attacker could use this flaw to cause PHP to crash, leading to a denial of service. It was discovered that PHP incorrectly handled certain multi-file upload filenames. A remote attacker could use this flaw to cause a denial of service, or to perform a directory traversal attack. Rubin Xu and Joseph Bonneau discovered that PHP incorrectly handled certain Unicode characters in passwords passed to the crypt() function. A remote attacker could possibly use this flaw to bypass authentication. Various other issues were also addressed.
-
-
15:42
»
Packet Storm Security Exploits
F5 ships a public/private key pair on BIG-IP appliances that allows passwordless authentication to any other BIG-IP box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
-
15:42
»
Packet Storm Security Recent Files
F5 ships a public/private key pair on BIG-IP appliances that allows passwordless authentication to any other BIG-IP box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
-
15:42
»
Packet Storm Security Misc. Files
F5 ships a public/private key pair on BIG-IP appliances that allows passwordless authentication to any other BIG-IP box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
-
-
17:20
»
Packet Storm Security Advisories
Ubuntu Security Notice 1467-1 - It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10 have been updated to MySQL 5.1.63. A patch to fix the issue was backported to the version of MySQL in Ubuntu 8.04 LTS. Various other issues were also addressed.
-
17:20
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1467-1 - It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10 have been updated to MySQL 5.1.63. A patch to fix the issue was backported to the version of MySQL in Ubuntu 8.04 LTS. Various other issues were also addressed.
-
17:20
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1467-1 - It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10 have been updated to MySQL 5.1.63. A patch to fix the issue was backported to the version of MySQL in Ubuntu 8.04 LTS. Various other issues were also addressed.
-
-
16:56
»
Packet Storm Security Advisories
Ubuntu Security Notice 1462-1 - Dan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. It was discovered that Bind incorrectly handled revoked domain names. A remote attacker could use this flaw to cause malicious domain names to be continuously resolvable even after they have been revoked.
-
16:56
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1462-1 - Dan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. It was discovered that Bind incorrectly handled revoked domain names. A remote attacker could use this flaw to cause malicious domain names to be continuously resolvable even after they have been revoked.
-
16:56
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1462-1 - Dan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. It was discovered that Bind incorrectly handled revoked domain names. A remote attacker could use this flaw to cause malicious domain names to be continuously resolvable even after they have been revoked.
-
-
19:44
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
-
19:44
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
-
19:44
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in OpenOffice 2.3.1 and 2.3.0 on Microsoft Windows XP SP3. By supplying a OLE file with a malformed DocumentSummaryInformation stream, an attacker can gain control of the execution flow, which results arbitrary code execution under the context of the user.
-
-
18:39
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.
-
18:39
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.
-
18:39
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.
-
-
6:59
»
Packet Storm Security Exploits
This Metasploit modules exploits a vulnerability found in WebCalendar versions 1.2.4 and below. If not removed, the settings.php script meant for installation can be updated by an attacker with injected code. This allows arbitrary code execution as www-data.
-
6:59
»
Packet Storm Security Recent Files
This Metasploit modules exploits a vulnerability found in WebCalendar versions 1.2.4 and below. If not removed, the settings.php script meant for installation can be updated by an attacker with injected code. This allows arbitrary code execution as www-data.
-
6:59
»
Packet Storm Security Misc. Files
This Metasploit modules exploits a vulnerability found in WebCalendar versions 1.2.4 and below. If not removed, the settings.php script meant for installation can be updated by an attacker with injected code. This allows arbitrary code execution as www-data.
-
-
16:06
»
Packet Storm Security Advisories
Asterisk Project Security Advisory - In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun.
-
16:06
»
Packet Storm Security Recent Files
Asterisk Project Security Advisory - In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun.
-
16:06
»
Packet Storm Security Misc. Files
Asterisk Project Security Advisory - In the Skinny channel driver, KEYPAD_BUTTON_MESSAGE events are queued for processing in a buffer allocated on the heap, where each DTMF value that is received is placed on the end of the buffer. Since the length of the buffer is never checked, an attacker could send sufficient KEYPAD_BUTTON_MESSAGE events such that the buffer is overrun.
-
-
12:59
»
Packet Storm Security Exploits
Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.
-
12:59
»
Packet Storm Security Recent Files
Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.
-
12:59
»
Packet Storm Security Misc. Files
Liferay Portal suffers from a takeover vulnerability due to a single HTTP request allowing an attacker to reconfigure which memcached to use. Proof of concept code included. Version 6.1 ce is confirmed vulnerable.
-
-
7:22
»
Packet Storm Security Advisories
Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. Various other issues were also addressed.
-
7:22
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. Various other issues were also addressed.
-
7:22
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. Various other issues were also addressed.
-
-
17:25
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in NetOp Remote Control 9.5. When opening a .dws file containing a specially crafted string longer then 520 characters will allow an attacker to execute arbitrary code.
-
-
18:26
»
Packet Storm Security Advisories
Ubuntu Security Notice 1414-1 - It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages.
-
18:26
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1414-1 - It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages.
-
18:26
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1414-1 - It was discovered that Aptdaemon incorrectly handled installing packages without performing a transaction simulation. An attacker could possibly use this flaw to install altered packages.
-
-
21:46
»
Packet Storm Security Advisories
Cisco Security Advisory - Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.
-
21:46
»
Packet Storm Security Recent Files
Cisco Security Advisory - Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.
-
21:46
»
Packet Storm Security Misc. Files
Cisco Security Advisory - Cisco IOS Software contains a denial of service (DoS) vulnerability in the Wide Area Application Services (WAAS) Express feature that could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Cisco IOS Software also contains a DoS vulnerability in the Measurement, Aggregation, and Correlation Engine (MACE) feature that could allow an unauthenticated, remote attacker to cause the router to reload. An attacker could exploit these vulnerabilities by sending transit traffic through a router configured with WAAS Express or MACE. Successful exploitation of these vulnerabilities could allow an unauthenticated, remote attacker to cause the router to leak memory or to reload. Repeated exploits could allow a sustained DoS condition. Cisco has released free software updates that address these vulnerabilities.
-
-
19:06
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0427-01 - libtasn1 is a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.
-
19:06
»
Packet Storm Security Recent Files
Red Hat Security Advisory 2012-0427-01 - libtasn1 is a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.
-
19:06
»
Packet Storm Security Misc. Files
Red Hat Security Advisory 2012-0427-01 - libtasn1 is a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.
-
-
16:38
»
Packet Storm Security Advisories
Ubuntu Security Notice 1401-2 - USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash. Atte Kettunen discovered a use-after-free vulnerability in the Gecko Rendering Engine's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the Xulrunner based application. Atte Kettunen discovered an out of bounds read vulnerability in the Gecko Rendering Engine's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Soroush Dalili discovered that the Gecko Rendering Engine did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents of the frame or steal confidential data. Mariusz Mlynski discovered that the Home button accepted JavaScript links to set the browser Home page. An attacker could use this vulnerability to get the script URL loaded in the privileged about:sessionrestore context. Bob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
16:38
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1401-2 - USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash. Atte Kettunen discovered a use-after-free vulnerability in the Gecko Rendering Engine's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the Xulrunner based application. Atte Kettunen discovered an out of bounds read vulnerability in the Gecko Rendering Engine's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Soroush Dalili discovered that the Gecko Rendering Engine did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents of the frame or steal confidential data. Mariusz Mlynski discovered that the Home button accepted JavaScript links to set the browser Home page. An attacker could use this vulnerability to get the script URL loaded in the privileged about:sessionrestore context. Bob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
16:38
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1401-2 - USN-1401-1 fixed vulnerabilities in Xulrunner. This update provides the corresponding fixes for Thunderbird. It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash. Atte Kettunen discovered a use-after-free vulnerability in the Gecko Rendering Engine's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the Xulrunner based application. Atte Kettunen discovered an out of bounds read vulnerability in the Gecko Rendering Engine's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Soroush Dalili discovered that the Gecko Rendering Engine did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents of the frame or steal confidential data. Mariusz Mlynski discovered that the Home button accepted JavaScript links to set the browser Home page. An attacker could use this vulnerability to get the script URL loaded in the privileged about:sessionrestore context. Bob Clary, Vincenzo Iozzo, and Willem Pinckaers discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
-
-
20:18
»
Packet Storm Security Advisories
Ubuntu Security Notice 1400-3 - USN-1400-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered an out of bounds read vulnerability in Firefox's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues have also been addressed.
-
20:18
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1400-3 - USN-1400-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered an out of bounds read vulnerability in Firefox's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues have also been addressed.
-
20:18
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1400-3 - USN-1400-1 fixed vulnerabilities in Firefox. This update provides the corresponding fixes for Thunderbird. Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered an out of bounds read vulnerability in Firefox's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues have also been addressed.
-
-
18:23
»
Packet Storm Security Advisories
CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. CA Technologies has issued fixes to address the vulnerability. The vulnerability occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services.
-
18:23
»
Packet Storm Security Recent Files
CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. CA Technologies has issued fixes to address the vulnerability. The vulnerability occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services.
-
18:23
»
Packet Storm Security Misc. Files
CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. CA Technologies has issued fixes to address the vulnerability. The vulnerability occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services.
-
-
15:21
»
Packet Storm Security Advisories
Ubuntu Security Notice 1401-1 - It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash. Atte Kettunen discovered a use-after-free vulnerability in the Gecko Rendering Engine's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the Xulrunner based application. Atte Kettunen discovered an out of bounds read vulnerability in the Gecko Rendering Engine's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues were also addressed.
-
15:21
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1401-1 - It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash. Atte Kettunen discovered a use-after-free vulnerability in the Gecko Rendering Engine's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the Xulrunner based application. Atte Kettunen discovered an out of bounds read vulnerability in the Gecko Rendering Engine's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues were also addressed.
-
15:21
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1401-1 - It was discovered that a flaw in the Mozilla SVG implementation could result in an out-of-bounds memory access if SVG elements were removed during a DOMAttrModified event handler. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash. Atte Kettunen discovered a use-after-free vulnerability in the Gecko Rendering Engine's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking the Xulrunner based application. Atte Kettunen discovered an out of bounds read vulnerability in the Gecko Rendering Engine's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues were also addressed.
-
-
14:38
»
Packet Storm Security Advisories
Ubuntu Security Notice 1400-2 - USN-1400-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links onto a frame. A remote attacker could, through cross-site scripting (XSS), exploit this to modify the contents or steal confidential data. Atte Kettunen discovered a use-after-free vulnerability in Firefox's handling of SVG animations. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered an out of bounds read vulnerability in Firefox's handling of SVG Filters. An attacker could potentially exploit this to make data from the user's memory accessible to the page content. Various other issues were also addressed.
-
-
19:45
»
Packet Storm Security Advisories
Ubuntu Security Notice 1395-1 - Markus Vervier discovered that PyPAM incorrectly handled passwords containing NULL bytes. An attacker could exploit this to cause applications using PyPAM to crash, or possibly execute arbitrary code.
-
19:45
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1395-1 - Markus Vervier discovered that PyPAM incorrectly handled passwords containing NULL bytes. An attacker could exploit this to cause applications using PyPAM to crash, or possibly execute arbitrary code.
-
19:45
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1395-1 - Markus Vervier discovered that PyPAM incorrectly handled passwords containing NULL bytes. An attacker could exploit this to cause applications using PyPAM to crash, or possibly execute arbitrary code.
-
-
17:39
»
Packet Storm Security Advisories
The Read More Link module version 6.x in Drupal allows you to move the "Read more" link from the node's links area to the end of the teaser text. A user could inject java script into pages affecting other site users. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access administration pages."
-
17:39
»
Packet Storm Security Recent Files
The Read More Link module version 6.x in Drupal allows you to move the "Read more" link from the node's links area to the end of the teaser text. A user could inject java script into pages affecting other site users. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access administration pages."
-
17:39
»
Packet Storm Security Misc. Files
The Read More Link module version 6.x in Drupal allows you to move the "Read more" link from the node's links area to the end of the teaser text. A user could inject java script into pages affecting other site users. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "access administration pages."
-
-
8:05
»
Packet Storm Security Advisories
Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.
-
8:05
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.
-
8:05
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.
-
-
15:59
»
Packet Storm Security Advisories
Ubuntu Security Notice 1365-1 - It was discovered that Puppet would allow remote ralsh under certain circumstances. An attacker on an authenticated puppet node could exploit this to view or manipulate resources on other Puppet nodes.
-
15:59
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1365-1 - It was discovered that Puppet would allow remote ralsh under certain circumstances. An attacker on an authenticated puppet node could exploit this to view or manipulate resources on other Puppet nodes.
-
15:59
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1365-1 - It was discovered that Puppet would allow remote ralsh under certain circumstances. An attacker on an authenticated puppet node could exploit this to view or manipulate resources on other Puppet nodes.
-
-
13:17
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1349-1 - It was discovered that the X wrapper incorrectly checked certain console permissions when launched by unprivileged users. An attacker connected remotely could use this flaw to start X, bypassing the console permissions check.
-
13:17
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1349-1 - It was discovered that the X wrapper incorrectly checked certain console permissions when launched by unprivileged users. An attacker connected remotely could use this flaw to start X, bypassing the console permissions check.
-
-
22:28
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1342-1 - J. Aedla discovered that the kernel incorrectly handled /proc//mem permissions. A local attacker could exploit this and gain root privileges.
-
22:28
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1342-1 - J. Aedla discovered that the kernel incorrectly handled /proc//mem permissions. A local attacker could exploit this and gain root privileges.
-
-
15:46
»
Packet Storm Security Exploits
When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
-
15:46
»
Packet Storm Security Recent Files
When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
-
15:46
»
Packet Storm Security Misc. Files
When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
-
-
15:35
»
Packet Storm Security Recent Files
The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments. The victim responds to each segment in the sequence (the sequence is reflected by the victim) if the segments satisfy a certain condition tested by the attacker. The responses do not reach the attacker directly, but induce extra load on a routing queue shared between the victim and the attacker. Increased processing time of packets traversing the queue reveal that the tested condition was true. The paper concentrates on the TCP, but the approach is generic and can be effective against other protocols that allow to construct requests which are conditionally answered by the victim.
-
15:35
»
Packet Storm Security Misc. Files
The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments. The victim responds to each segment in the sequence (the sequence is reflected by the victim) if the segments satisfy a certain condition tested by the attacker. The responses do not reach the attacker directly, but induce extra load on a routing queue shared between the victim and the attacker. Increased processing time of packets traversing the queue reveal that the tested condition was true. The paper concentrates on the TCP, but the approach is generic and can be effective against other protocols that allow to construct requests which are conditionally answered by the victim.
-
-
17:35
»
Packet Storm Security Exploits
phpMyAdmin versions 3.3.x and 3.4.x suffer from a local file inclusion vulnerability via XXE injection. The attacker must be logged in to MySQL via phpMyAdmin.
-
17:35
»
Packet Storm Security Recent Files
phpMyAdmin versions 3.3.x and 3.4.x suffer from a local file inclusion vulnerability via XXE injection. The attacker must be logged in to MySQL via phpMyAdmin.
-
17:35
»
Packet Storm Security Misc. Files
phpMyAdmin versions 3.3.x and 3.4.x suffer from a local file inclusion vulnerability via XXE injection. The attacker must be logged in to MySQL via phpMyAdmin.
-
-
14:57
»
Packet Storm Security Advisories
Ubuntu Security Notice 1312-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
14:57
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1312-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
14:57
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1312-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
-
8:18
»
Packet Storm Security Advisories
Ubuntu Security Notice 1304-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Scot Doyle discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:18
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1304-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Scot Doyle discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:18
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1304-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. Scot Doyle discovered that the bridge networking interface incorrectly handled certain network packets. A remote attacker could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
7:55
»
Packet Storm Security Advisories
Ubuntu Security Notice 1302-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
7:55
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1302-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
7:55
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1302-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
7:46
»
Packet Storm Security Advisories
Ubuntu Security Notice 1301-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
7:46
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1301-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
7:46
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1301-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
-
18:23
»
Packet Storm Security Advisories
Ubuntu Security Notice 1298-1 - Wilfried Weissmann discovered that Apache Commons Daemon incorrectly dropped capabilities after starting. A remote attacker could possibly use this flaw to read certain files, bypassing the intended permissions.
-
18:23
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1298-1 - Wilfried Weissmann discovered that Apache Commons Daemon incorrectly dropped capabilities after starting. A remote attacker could possibly use this flaw to read certain files, bypassing the intended permissions.
-
18:23
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1298-1 - Wilfried Weissmann discovered that Apache Commons Daemon incorrectly dropped capabilities after starting. A remote attacker could possibly use this flaw to read certain files, bypassing the intended permissions.
-
-
8:38
»
Packet Storm Security Advisories
Ubuntu Security Notice 1293-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:38
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1293-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:38
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1293-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:37
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1292-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
8:37
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1292-1 - A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions. A local attacker could exploit this to cause a kernel oops. A flaw was found in the Journaling Block Device (JBD). A local attacker able to mount ext3 or ext4 file systems could exploit this to crash the system, leading to a denial of service. Various other issues were also addressed.
-
-
19:58
»
Packet Storm Security Advisories
Ubuntu Security Notice 1289-1 - It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered.
-
19:58
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1289-1 - It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered.
-
19:58
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1289-1 - It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered.
-
-
10:56
»
Packet Storm Security Advisories
Ubuntu Security Notice 1286-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
-
10:56
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1286-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
-
10:56
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1286-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
-
-
17:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
-
17:00
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
-
-
4:12
»
Packet Storm Security Advisories
Ubuntu Security Notice 1281-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
-
4:12
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1281-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
-
4:12
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1281-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" was incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
-
-
17:13
»
Packet Storm Security Advisories
Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
-
17:13
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
-
17:13
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
-
17:12
»
Packet Storm Security Advisories
Ubuntu Security Notice 1274-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
-
17:12
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1274-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
-
-
15:30
»
Packet Storm Security Advisories
Ubuntu Security Notice 1266-1 - It was discovered that slapd contained an off-by-one error. An authenticated attacker could potentially exploit this by sending a crafted LDIF entry containing an empty postalAddress.
-
15:30
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1266-1 - It was discovered that slapd contained an off-by-one error. An authenticated attacker could potentially exploit this by sending a crafted LDIF entry containing an empty postalAddress.
-
15:30
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1266-1 - It was discovered that slapd contained an off-by-one error. An authenticated attacker could potentially exploit this by sending a crafted LDIF entry containing an empty postalAddress.
-
-
18:44
»
Packet Storm Security Advisories
Ubuntu Security Notice 1264-1 - It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
18:44
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1264-1 - It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
18:44
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1264-1 - It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.
-
18:35
»
Packet Storm Security Advisories
CA Technologies Support is alerting customers to a potential risk with CA Directory. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. Remediation is available to address the vulnerability. The vulnerability occurs due to insufficient bounds checking. A remote attacker can send a SNMP packet that can cause a crash.
-
18:35
»
Packet Storm Security Recent Files
CA Technologies Support is alerting customers to a potential risk with CA Directory. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. Remediation is available to address the vulnerability. The vulnerability occurs due to insufficient bounds checking. A remote attacker can send a SNMP packet that can cause a crash.
-
18:35
»
Packet Storm Security Misc. Files
CA Technologies Support is alerting customers to a potential risk with CA Directory. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. Remediation is available to address the vulnerability. The vulnerability occurs due to insufficient bounds checking. A remote attacker can send a SNMP packet that can cause a crash.
-
-
21:38
»
Packet Storm Security Advisories
Ubuntu Security Notice 1260-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
-
21:38
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1260-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
-
21:38
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1260-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
-
-
15:49
»
Packet Storm Security Exploits
SetSeed CMS version 5.8.20 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.
-
15:49
»
Packet Storm Security Recent Files
SetSeed CMS version 5.8.20 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.
-
15:49
»
Packet Storm Security Misc. Files
SetSeed CMS version 5.8.20 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.
-
-
7:45
»
Packet Storm Security Exploits
This Metasploit module exploits a stack-based buffer overflow in GTA SA-MP Server. This buffer overflow occurs when the application attempts to open a malformed server.cfg file. To exploit this vulnerability, an attacker must send the victim a server.cfg file and have them run samp-server.exe.
-
7:45
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack-based buffer overflow in GTA SA-MP Server. This buffer overflow occurs when the application attempts to open a malformed server.cfg file. To exploit this vulnerability, an attacker must send the victim a server.cfg file and have them run samp-server.exe.
-
7:45
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack-based buffer overflow in GTA SA-MP Server. This buffer overflow occurs when the application attempts to open a malformed server.cfg file. To exploit this vulnerability, an attacker must send the victim a server.cfg file and have them run samp-server.exe.
-
-
12:56
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201110-23 - An input sanitation flaw in mod_authnz_external allows remote attacker to conduct SQL injection. Versions prior to 3.2.6 are affected.
-
12:56
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201110-23 - An input sanitation flaw in mod_authnz_external allows remote attacker to conduct SQL injection. Versions prior to 3.2.6 are affected.
-
12:56
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201110-23 - An input sanitation flaw in mod_authnz_external allows remote attacker to conduct SQL injection. Versions prior to 3.2.6 are affected.
-
12:55
»
Packet Storm Security Advisories
Ubuntu Security Notice 1244-1 - Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
-
12:55
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1244-1 - Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
-
12:55
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1244-1 - Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
-
12:54
»
Packet Storm Security Advisories
Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
-
12:54
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
-
12:54
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1243-1 - It was discovered that the security fix for CVE-2010-4250 introduced a regression. A remote attacker could exploit this to crash the system, leading to a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Vasiliy Kulikov discovered that /proc/PID/io did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Darknet
The Exploitant
Hack a Day
Wirevolution