Gwyn's Imagemap Selector Security Vulnerabilities

Cisco Security Advisory: Vulnerability In Crypto Library

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability In Crypto Library Advisory ID: cisco-sa-20070522-crypto.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070522-crypto.shtml Revision 1.0 For Public Release 2007 May 22 1300 UTC (GMT) Summary A vulnerability.....

[Reversemode Advisory] VMware Products - GPF Denial of Service

VMWARE PRODUCTS VMWARE MEMORY MANAGER - GPF DENIAL OF SERVICE Rubйn Santamarta <[email protected]> 07.05.2007 Affected products: All VMware products with a hypervisor are...

Use google to carry out penetration testing-vulnerability warning-the black bar safety net

Today we are penetration testers in the implementation of the attack before, often the first information-gathering, which is the vulnerability is confirmed and the final exploits, expanding the war fruit. Here we are now going to talk about is: One, use google to find is people who installed a...

SUSE-SA:2006:043: apache,apache2

The remote host is missing the patch for the advisory SUSE-SA:2006:043 (apache,apache2). The following security problem was fixed in the Apache and Apache 2 web servers: mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer.....

Network Security Series knowledge of CGI exploits collection under-vulnerability warning-the black bar safety net

4 2. exprcalc. cfm ● Type: the attack type ● The level of risk: low ● Description: if in a Web directory containing: | /cfdocs/expeval/exprcalc. cfm /cfdocs/expeval/sendmail. cfm /cfdocs/expeval/eval. cfm /cfdocs/expeval/openfile. cfm /cfdocs/expeval/displayopenedfile. cfm...

Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit-vulnerability warning-the black bar safety net

// kav 6.0 0day local priv escalation exploit // by m4d // http://unl0ck.net include <windows. h> include <stdlib. h> include <stdio. h> // r0-shellcode creates C:\Hello.txt with "Hello from ring-0! :)" unsigned char Shellcode[4 0 5] = { 0x55, 0x8B, 0xEC, 0x83, 0xC4, 0xBC, 0x60, 0...

Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit

No description provided by...

kav60-escalate.txt

...

Kaspersky AntiVirus 6.0 - Local Privilege Escalation

...

Kaspersky AntiVirus 6.0 - Local Privilege Escalation

Kaspersky AntiVirus 6.0 - Local Privilege...

Kaspersky Antivirus 6.0 Local Privilege Escalation Exploit

Exploit for unknown platform in category local...

Google advanced techniques—GooGle Hack-vulnerability warning-the black bar safety net

google hacking is actually not anything new,at the time did not pay attention to this technology,think of webshell or something,and without too much practical use. google hacking is not so simple... Commonly used google keyword: foo1 foo2 (which is associated, such as search xx company xx...

Debian DSA-1038-1 : xzgv - programming error

Andrea Barisani discovered that xzgv, a picture viewer for X with a thumbnail-based selector, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary...

OpenSSL RSA Signature Forgery Vulnerability

OpenSSL versions 0.9.7j and prior and 0.9.8b and prior contain a vulnerability that could allow an unauthenticated, remote attacker to successfully pass a forged X.509 certificate. The vulnerability could allow an unauthenticated, remote attacker to pass a forged Public-Key Cryptography Standards.....

PHProjekt <= 5.1 Multiple Remote File Inclusions

The remote host is running PHProjekt, an open source groupware suite written in PHP. The version of PHProjekt installed on the remote host fails to sanitize user-supplied input to the 'path_pre' parameter of the 'lib/specialdays.php' script as well as the 'lib_path' parameter of the...

RealVNC 4.1.0 - 4.1.1 (Null Authentication) Auth Bypass Exploit (meta)

Exploit for multiple platform in category remote...

RealVNC 4.1.0 - 4.1.1 (Null Authentication) Auth Bypass Exploit (meta)

No description provided by...

RealVNC 4.1.0 &lt; 4.1.1 - VNC Null Authentication Bypass (Metasploit)

...

RealVNC 4.1.0 4.1.1 - VNC Null Authentication Bypass (Metasploit)

RealVNC 4.1.0 4.1.1 - VNC Null Authentication Bypass...

[SECURITY] [DSA 1038-1] New xzgv packages fix arbitrary code execution

Debian Security Advisory DSA 1038-1 [email protected] http://www.debian.org/security/ Martin Schulze April 22nd, 2006 http://www.debian.org/security/faq Package : xzgv Vulnerability : programming error Problem type ...

[SECURITY] [DSA 1038-1] New xzgv packages fix arbitrary code execution

Debian Security Advisory DSA 1038-1 [email protected] http://www.debian.org/security/ Martin Schulze April 22nd, 2006 http://www.debian.org/security/faq Package : xzgv Vulnerability : programming error Problem type ...

xzgv - programming error

Andrea Barisani discovered that xzgv, a picture viewer for X with a thumbnail-based selector, attempts to decode JPEG images within the CMYK/YCCK colour space incorrectly, which could lead to the execution of arbitrary code. For the old stable distribution (woody) this problem has been fixed in...

zgv, xzgv: Heap overflow

Background xzgv and zgv are picture viewing utilities with a thumbnail based file selector. Description Andrea Barisani of Gentoo Linux discovered xzgv and zgv allocate insufficient memory when rendering images with more than 3 output components, such as images using the YCCK or CMYK colour...

nCipher Advisory #14: Presence of flaws in firmware security

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 nCipher Security Advisory No. 14 Presence of flaws in firmware security -------------------------------------- Note nCipher is publishing three advisories numbered 12, 13 and 14 simultaneously. You are advised to...

Focus technology:Google you really good(Google Hack)-vulnerability warning-the black bar safety net

In fact, earlier should be issued to, domestic about google tips aspects of finishing, I probably was one of the first people right, then sniper write a google hack, they're more lazy. Now help wives find the papers, the keyword matching tired of death. These tips are my finishing after the...

Microsoft IIS 'showcode.asp' Default File Directory Traversal Vulnerability - Active Check

Internet Information Server (IIS) 4.0 ships with a set of sample files to help web developers learn about Active Server Pages (ASP). One of this sample file is prone to a directory traversal...

Directory Scanner

This plugin attempts to determine the presence of various common dirs on the remote web...

Linux Kernel 2.4.x2.6.x - Bluez BlueTooth Signed Buffer Index Privilege Escalation (2)

Linux Kernel 2.4.x2.6.x - Bluez BlueTooth Signed Buffer Index Privilege Escalation...

Linux Kernel 2.4.x/2.6.x - &#039;Bluez&#039; BlueTooth Signed Buffer Index Privilege Escalation (2)

...

Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)

No description provided by...

Linux Kernel 2.4/2.6 bluez Local Root Privilege Escalation Exploit (update)

Exploit for linux platform in category local...

Linux Kernel 2.4.x/2.6.x - Bluetooth Signed Buffer Index Vulnerability 4

Linux Kernel 2.4.x/2.6.x Bluetooth Signed Buffer Index Vulnerability (4). CVE-2005-0750. Local exploit for linux...

OpenSSL Version Rollback and Weak Cryptographic Algorithm Vulnerabilities

OpenSSL contains vulnerabilities that could allow an unauthenticated, remote attacker to bypass security restrictions. The first vulnerability (CVE-2005-2969) affects any application using a SL/TLS server implementation provided by OpenSSL versions 0.9.7g and prior. If these implementations have...

FreeBSD : gaim -- malicious smiley themes (635bf5f4-26b7-11d9-9289-000c41e2cdad)

The Gaim Security Issues page documents a problem with installing smiley themes from an untrusted source : To install a new smiley theme, a user can drag a tarball from a graphical file manager, or a hypertext link to one from a web browser. When a tarball is dragged, Gaim executes a shell command....

Multiple OS (Win32/Aix/Cisco) - Crafted ICMP Messages Denial of Service (MS05-019)

...

Multiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit

Exploit for multiple platform in category dos /...

Multiple OS (Win32AixCisco) - Crafted ICMP Messages Denial of Service (MS05-019)

Multiple OS (Win32AixCisco) - Crafted ICMP Messages Denial of Service...

Multiple OS (win32/aix/cisco) Crafted ICMP Messages DoS Exploit

No description provided by...

[Full-disclosure] Cisco Security Advisory: Crafted ICMP Messages Can Cause Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Crafted ICMP Messages Can Cause Denial of Service Revision 1.0 For Public Release 2005 April 12 1200 UTC (GMT) +---------------------------------------------------------------------- Contents Summary Affected Products Details...

xzgv: Multiple overflows

Background xzgv is a picture viewer for X, with a thumbnail-based file selector. Description Multiple overflows have been found in the image processing code of xzgv, including an integer overflow in the PRF parsing code (CAN-2004-0994). Impact An attacker could entice a user to open or browse a...

[SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution

Debian Security Advisory DSA 614-1 [email protected] http://www.debian.org/security/ Martin Schulze December 21st, 2004 http://www.debian.org/security/faq Package : xzgv Vulnerability : integer overflows Problem-Type ...

[SECURITY] [DSA 614-1] New xzgv packages fix arbitrary code execution

Debian Security Advisory DSA 614-1 [email protected] http://www.debian.org/security/ Martin Schulze December 21st, 2004 http://www.debian.org/security/faq Package : xzgv Vulnerability : integer overflows Problem-Type ...

xzgv - integer overflows

Luke "infamous41md" discovered multiple vulnerabilities in xzgv, a picture viewer for X11 with a thumbnail-based selector. Remote exploitation of an integer overflow vulnerability could allow the execution of arbitrary code. For the stable distribution (woody) these problems have been fixed in...

Debian DSA-614-1 : xzgv - integer overflows

Luke 'infamous41md' discovered multiple vulnerabilities in xzgv, a picture viewer for X11 with a thumbnail-based selector. Remote exploitation of an integer overflow vulnerability could allow the execution of arbitrary...

iDEFENSE Security Advisory 12.13.04 - Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability

Multiple Vendor xzgv PRF Parsing Integer Overflow Vulnerability iDEFENSE Security Advisory 12.13.04 http://www.idefense.com/application/poi/display?id=160&type=vulnerabilit ies December 13, 2004 I. BACKGROUND xzgv is a picture viewer for X, with a thumbnail-based file selector. It uses GTK+ and...

CVE-2004-0079

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null...

CVE-2004-0081

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test...

CVE-2004-0112

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an...

zgv image viewing heap overflows

++++++++++++++++++++++++++++++++++++++++++++ Subject: zgv multiple heap overflows ++++++++++++++++++++++++++++++++++++++++++++ Product: zgv is a picture viewer with a thumbnail-based file selector, for the Linux and FreeBSD console (it uses svgalib). It's pretty featureful, and is probably the...

Mandrake Linux Security Advisory : gaim (MDKSA-2004:110)

More vulnerabilities have been discovered in the gaim instant messenger client. The vulnerabilities pertinent to version 0.75, which is the version shipped with Mandrakelinux 10.0, are: installing smiley themes could allow remote attackers to execute arbitrary commands via shell metacharacters in.....