CastRipper 2.50.70 - .m3u Universal Stack Overflow

CastRipper 2.50.70 - .m3u Universal Stack Overflow !/usr/bin/perl CastRipper 2.50.70 .m3u Universal Stack Overflow Exploit Exploited By Stack first exploiter :d http://www.milw0rm.com/exploits/8660 bien jouer :d frero my $shellcode =...

CVE-2009-1603

src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted...

DEBIAN-CVE-2009-1603

src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted...

Fedora 10 : dia-0.96.1-9.fc10 (2009-0943)

Filter out untrusted python modules search path to remove the possibility to run arbitrary code on the user's system if there is a python file in dia's working directory named the same as one that dia's python scripts try to import. Note that Tenable Network Security has extracted the preceding...

Ubuntu USN-752-1 (linux-source-2.6.15)

The remote host is missing an update to linux-source-2.6.15 announced via advisory USN-752-1. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed...

[SECURITY] Fedora 9 Update: pam-1.0.4-4.fc9

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

[SECURITY] Fedora 10 Update: pam-1.0.4-4.fc10

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

Loggix Project 9.4.5 Blind SQL Injection

Salvatore "drosophila" Fresta + Application: Loggix Project + Version: 9.4.5 + Website: http://loggix.gotdns.org + Bugs: A Blind SQL Injection + Exploitation: Remote + Date: 10 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...

[Backports-security-announce] Security Update for openafs

Russ Allbery uploaded new packages for openafs a distributed file system which fixed the following security problems: CVE-2009-1251 An attacker with control of a file server or the ability to forge RX packets may be able to execute arbitrary code in kernel mode on an OpenAFS client, due to a...

Loggix Project 9.4.5 SQL Injection

Salvatore "drosophila" Fresta + Application: Loggix Project + Version: 9.4.5 + Website: http://loggix.gotdns.org + Bugs: A Blind SQL Injection + Exploitation: Remote + Date: 10 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...

Mandriva Update for dkms MDVA-2008:070 (dkms)

Check for the Version of dkms OpenVAS Vulnerability Test Mandriva Update for dkms MDVA-2008:070 dkms Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

DEBIAN-CVE-2009-0796

Cross-site scripting XSS vulnerability in Status.pm in Apache::Status and Apache2::Status in modperl1 and modperl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web script or HTML via the URI...

XOOPS Cube Legacy cross-site scripting vulnerability

Overview XOOPS Cube Legacy from XOOPS Cube Project contains a cross-site scripting vulnerability. XOOPS Cube Legacy from XOOPS Cube Project is an open source contents management system. XOOPS Cube Legacy contains a cross-site scripting vulnerability. According to the developers, a XOOPS Cube Lega...

GLSA-200903-41 : gedit: Untrusted search path

The remote host is affected by the vulnerability described in GLSA-200903-41 gedit: Untrusted search path James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983. Impact : A local attacker could entice a user to...

gedit: Untrusted search path

Background gedit is a text editor for the GNOME desktop. Description James Vega reported that gedit uses the current working directory when searching for python modules, a vulnerability related to CVE-2008-5983. Impact A local attacker could entice a user to open gedit from a specially crafted...

systemtap: race condition leads to privilege escalation

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors...

CVE-2009-0784

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors...

DEBIAN-CVE-2009-0784

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors...

CVE-2009-0784

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors...

CVE-2009-0784

CVE-2009-0784 : A race condition in the SystemTap stap tool (versions 0.0.20080705 and 0.0.20090314) can allow local stapusr users to insert arbitrary kernel modules and gain privileges. The issue is documented across multiple distributions ( MiracleLinux 3, Red Hat Enterprise Linux, Oracle Linux...