BugTraq Mode:
(Page 655 of 1748)
FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability 2009-04-09
noreply-secresearch (at) fortinet (dot) com (noreply-secresearch fortinet com)
FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability 

2009.April.08

Summary:
========

Fortinet's FortiGuard Global Security Research Team has discovered a buffer overflow vulnerability in EMC RepliStor.

Impact:
=======

Remote code execution.

Risk:
=====

[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities 2009-04-09
Nico Golde (nion debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA-1766-1 security (at) debian (dot) org
http://www.debian.org/security/ Nico Golde
April 9th, 2009

[ GLSA 200904-11 ] Tor: Multiple vulnerabilities 2009-04-08
Robert Buchholz (rbu gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-11
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

Exjune Guestbook v2 Remote Database Disclosure Exploit 2009-04-08
alphanix00 gmail com
#!/usr/bin/perl

# By AlpHaNiX [NullArea.Net]

# alpha[at]hacker.bz

# Made in Tunisia

###########

# script : Exjune Guestbook v2

# download : http://www.exjune.com/downloads/downloads/exJune_guestbook.asp

###########

# Vulnerable :

# database path : /admin/exdb.mdb

##########

# Real Life Ex

net2ftp <= 0.97 Cross-Site Scripting/Request Forgery 2009-04-08
c1c4tr1z voodoo-labs org
#=cicatriz <c1c4tr1z (at) voodoo-labs (dot) org [email concealed]>=#=~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~(advisories)=#


OTSTurntables 1.00.027 (.ofl file) Local universal SOF Exploit 2009-04-08
alphanix00 gmail com
#!/usr/bin/perl

# By AlpHaNiX [NullArea.Net]

# alpha[at]hacker.bz

# Made in Tunisia

my $junk = "\x41" x 96 ; # whatever bytes

my $nop = "\x90" x 20 ; # bla bla xD

# win32_exec - EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub , thanks metasploit

my $shellcode =

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances 2009-04-08
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Adaptive
Security Appliance and Cisco PIX Security Appliances

Advisory ID: cisco-sa-20090408-asa

http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml

Revision 1.0

For Public

SASPCMS Multiple Vulnerabilities 2009-04-08
admin bugreport ir
##########################www.BugReport.ir########################################
#
# AmnPardaz Security Research Team
#
# Title: SASPCMS Multiple Vulnerabilities
# Vendor: http://www.lgasoft.com
# Vulnerable Version: 0.9 (prior versions also may be affected)
# Exploitation: Remote with b

Re: [Aria-Security.com] vBulletin multiple XSS 2009-04-08
security intern0t net
This is not a bug as the administrator should be able to name f.ex. his smilies anything he wants to do!

Then the Administrator can also write XSS in his usertitle and report that as a vulnerability? I see it more like a function rather than a vulnerability, cause!

If an admin makes a new custom t

[USN-755-1] Kerberos vulnerabilities 2009-04-07
Kees Cook (kees ubuntu com)
===========================================================
Ubuntu Security Notice USN-755-1 April 07, 2009
krb5 vulnerabilities
CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847
===========================================================

A security issue affects the following

[Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability 2009-04-08
Bkis (svrt bkav com vn)
[Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability

1. General Information

GOM Player is a popular multimedia player supporting multiple media
formats (avi, mpeg, ...). In March 2009, Bkis detected a vulnerability
in this software. With this vulnerability, users might lose sensible

[SECURITY] [DSA 1765-1] New horde3 packages fix several vulnerabilities 2009-04-08
Steffen Joeris (white debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

Debian Security Advisory DSA-1765-1 security (at) debian (dot) org
http://www.debian.org/security/ Steffen Joeris
April 08, 2009

Adgregate ShopAd widget validation is vulnerable to replay attack 2009-04-08
Matthew Dempsky (matthew dempsky org) (1 replies)
Adgregate is a "TechCrunch 50" startup that recently signed a
distribution deal with Google/DoubleClick [1]. As a service, they
offer a "viral widget" intended to be hosted on untrusted third-party
sites through which consumers can enter their credit card information.
According to their website, t

Re: Adgregate ShopAd widget validation is vulnerable to replay attack 2009-04-08
Matthew Dempsky (matthew dempsky org) (1 replies)
Re: Adgregate ShopAd widget validation is vulnerable to replay attack 2009-04-08
Matthew Dempsky (matthew dempsky org)
[SECURITY] [DSA 1764-1] New tunapie packages fix several vulnerabilities 2009-04-07
Moritz Muehlenhoff (jmm debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------

Debian Security Advisory DSA-1764-1 security (at) debian (dot) org
http://www.debian.org/security/ Moritz Muehlenhoff
April 07, 2009

rPSA-2009-0058-1 krb5 krb5-server krb5-services krb5-test krb5-workstation 2009-04-07
rPath Update Announcements (announce-noreply rpath com)
rPath Security Advisory: 2009-0058-1
Published: 2009-04-07
Products:
rPath Appliance Platform Linux Service 1
rPath Appliance Platform Linux Service 2
rPath Linux 1
rPath Linux 2

Rating: Severe
Exposure Level Classification:
Remote Deterministic Denial of Service
Updated Version

[SECURITY] CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability 2009-04-07
Mark Thomas (markt apache org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Vulnerability announcement:
CVE-2008-5519: Apache Tomcat mod_jk information disclosure vulnerability

Severity: important

Vendor: The Apache Software Foundation

Versions Affected:
mod_jk 1.2.0 to 1.2.26

Description:
Situations where faulty clients se

[USN-754-1] ClamAV vulnerabilities 2009-04-07
Jamie Strandboge (jamie canonical com)
===========================================================
Ubuntu Security Notice USN-754-1 April 07, 2009
clamav vulnerabilities
https://launchpad.net/bugs/354190
===========================================================

A security issue affects the following Ubuntu releases:

Ubunt

MITKRB5-SA-2009-002: ASN.1 decoder frees uninitialized pointer [CVE-2009-0846] 2009-04-07
Tom Yu (tlyu MIT EDU)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MITKRB5-SA-2009-002

MIT krb5 Security Advisory 2009-002
Original release: 2009-04-07
Last update: 2009-04-07

Topic: ASN.1 decoder frees uninitialized pointer

[CVE-2009-0846]
ASN.1 GeneralizedTime decoder can free uninitialized pointer

CVSSv2 Vector:

MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847] 2009-04-07
Tom Yu (tlyu MIT EDU)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MITKRB5-SA-2009-001

MIT krb5 Security Advisory 2009-001
Original release: 2009-04-07
Last update: 2009-04-07

Topic: multiple vulnerabilities in SPNEGO, ASN.1 decoder

[CVE-2009-0844]
SPNEGO implementation can read beyond buffer end

CVSSv2 Vector: AV:

[USN-752-1] Linux kernel vulnerabilities 2009-04-07
Kees Cook (kees ubuntu com)
===========================================================
Ubuntu Security Notice USN-752-1 April 07, 2009
linux-source-2.6.15 vulnerabilities
CVE-2008-4307, CVE-2008-6107, CVE-2009-0028, CVE-2009-0029,
CVE-2009-0065, CVE-2009-0322, CVE-2009-0675, CVE-2009-0676,
CVE-2009-0834, CVE-2009-

LayerOne 2009 - Registration Open, Initial Speakers Announced 2009-04-07
LayerOne Call For Papers (layeronecfp gmail com)
LayerOne
May 23-24 2009
Anaheim, CA
http://www.layerone.info

Anaheim, CA - The LayerOne computer security conference is pleased to
announce that we have released our first round of speakers in addition
to opening pre-registration for the general public. LayerOne is
currently in its 6th year of oper

[ GLSA 200904-06 ] Eye of GNOME: Untrusted search path 2009-04-06
Pierre-Yves Rofes (py gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

[USN-753-1] PostgreSQL vulnerability 2009-04-07
Marc Deslauriers (marc deslauriers canonical com)
===========================================================
Ubuntu Security Notice USN-753-1 April 07, 2009
postgresql-8.1, postgresql-8.3 vulnerability
CVE-2009-0922
===========================================================

A security issue affects the following Ubuntu releases:

Ubu

[security bulletin] HPSBUX02415 SSRT090023 rev.1 - HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access 2009-04-07
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c01690019
Version: 1

HPSBUX02415 SSRT090023 rev.1 - HP-UX Running PAM Kerberos, Local Privilege Escalation, Unauthorized Access

NOTICE: The information in this Security Bulletin should be acted u

POC - Sun Java System Access Manager & Identity Manager Users Enumeration 2009-04-07
Marco Mella (marco mella aboutsecurity net)
============================================================
Sun Java System Access Manager & Identity Manager Users Enumeration
============================================================

Affected Software: Sun Java System Access Server, OpenSSo
Sun Java System I

[ GLSA 200904-08 ] OpenSSL: Denial of Service 2009-04-07
Robert Buchholz (rbu gentoo org)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-08
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -

OSSTMM 3 Sample Released 2009-04-06
Pete Herzog (lists isecom org)
Hi,

To show the progress of the OSSTMM 3 we have released a 20 page sample
with the ToC included. You'll see the graphics have not been put in
nor the new cover attached and there's still some chapters missing and
2 needing editing but this sample should give you a good idea of the
extensive

Secunia Research: IrfanView Formats Plug-in XPM Parsing Integer Overflow 2009-04-07
Secunia Research (remove-vuln secunia com)
======================================================================

Secunia Research 07/04/2009

- IrfanView Formats Plug-in XPM Parsing Integer Overflow -

======================================================================
Table of Contents

Affected Software...

Copyright 2010, SecurityFocus