9084 matches found
CVE-2008-3534
The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to...
Nokia series 40 phones multiple security vulnerabilities
Multiple J2ME implementation vulnerabilities allow complete device compromise...
Buffer overflow
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors...
Pligg Auto-Voter Using XSS to Bypass CSRF Protection
Explanation: Pligg suffers from a reflective cross-site scripting vulnerability in index.php, for the $_GET['category'] variable. Exploit code was written that uses this flaw to bypass the CSRF protection to then vote on any Pligg article of the attacker's choosing. I took inspiration from the Myspac...
DNS BailiWicked Host Attack
No description provided by source. /msf3/msfconsole require 'msf/core' require 'net/dns' require 'scruby' require 'resolv' module Msf class Auxiliary::Spoof::Dns::BailiWickedHost Msf::Auxiliary include Exploit::Remote::Ip def initializeinfo = superupdateinfoinfo, 'Name' = 'DNS BailiWicked Host...
CVE-2008-3247
The LDT implementation in the Linux kernel 2.6.25.x before 2.6.25.11 on x86_64 platforms uses an incorrect size for ldt_desc, which allows local users to cause a denial of service (system crash) or possibly gain privileges via unspecified vectors...
CVE-2008-3264
The FWDOWNL firmware-download implementation in Asterisk Open Source 1.0.x, 1.2.x before 1.2.30, and 1.4.x before 1.4.21.2; Business Edition A.x.x, B.x.x before B.2.5.4, and C.x.x before C.1.10.3; AsteriskNOW; Appliance Developer Kit 0.x.x; and s800i 1.0.x before 1.2.0.1 allows remote attackers t...
Sun Java JDK/JRE 5 < Update 16 Multiple Vulnerabilities
The version of Sun Java Runtime Environment (JRE) 5.0 installed on the remote host is affected by multiple security issues: - A vulnerability in the XML processing module of the JRE could allow an untrusted applet/application unauthorized access to certain URL resources (238628). - A buffer overflow...
Fedora 8 : kernel-2.6.25.6-27.fc8 (2008-5454)
Update to kernel 2.6.25.6: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.5 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.6 CVE-2008-1673: The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic...
Net-SNMP Remote Authentication Bypass Vulnerability
BUGTRAQ ID: 29623 CVE(CAN) ID: CVE-2008-0960 Net-SNMP is a free, open-source SNMP implementation, formerly known as UCD-SNMP. A vulnerability exists in Net-SNMP's implementation of authentication handling; a remote attacker may exploit it to bypass authentication and gain access to SNMP objects...
X.org MIT-SHM extension arbitrary memory read
Integer overflow in the fbShmPutImage function in the MIT-SHM extension in the X server 1.4 in X.Org X11R7.3 allows context-dependent attackers to read arbitrary process memory via crafted values for a Pixmap width and height...
CVE-2008-1673
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of servi...
CVE-2008-1673
The CVE-2008-1673 vulnerability affects the Linux kernel ASN.1 BER decoding in CIFS and ip_nat_snmp_basic modules (and gxsnmp). Root cause: improper validation of ASN.1 BER lengths, enabling a remote attacker to crash the system or execute arbitrary code via: (1) a length greater than the working...
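Sun Solaris TCP SYN Flood Remote Denial of Service Vulnerability
BUGTRAQ ID: 29089 Solaris is a commercial UNIX operating system developed and maintained by Sun. A security vulnerability in the Solaris TCP implementation may allow a remote unprivileged user, under TCP SYN flood conditions, to slow the acceptance of new network connections, possibly to the point that connections time out before they can be established. In addition, uniprocessor systems may slow down overall due to high CPU usage, resulting in a denial of service for the whole system. This vulnerability affects hosts whose ndd(1M) tunable tcp_conn_req_max_q0 is set significantly higher than the default value of 1024. The larger the value, the greater the impact on the host when the vulnerability is exploited. If the vulnerability is exploited, the following message can be seen on the console: WARNING: High TCP connect timeout rate! Syst...
Hackers' new social engineering attack techniques: opportunistic and trendy attacks - vulnerability warning - the black bar safety net
An opportunistic attack is a means of intrusion and destruction that uses special tools under specific time, place, event, and environmental conditions; it belongs to social engineering attacks, and will appear frequently in 2008. Trendy attacks As social engineering attacks,...
Gentoo Linux multiple packages invalid SSL certificates generation
Certificate may be leaked to a public file due to invalid ssl-cert eclass implementation...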
[SECURITY] Fedora 8 Update: libtirpc-0.1.7-15.fc8
This package contains SunLib's implementation of transport-independent RPC (TI-RPC) documentation. This library forms a piece of the base of Open Network Computing (ONC), and is derived directly from the Solaris 2.3 source. TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V...
[SECURITY] Fedora 8 Update: odccm-0.11-1.fc8
Odccm is a dccm-implementation for Windows Mobile devices...
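Cisco IP Phone 7921 Insecure PEAP Implementation Vulnerability
BUGTRAQ ID: 27935 The Cisco 7921 is a wireless IP phone. A vulnerability exists in the implementation of the Cisco IP Phone 7921 authentication mechanism; a remote attacker may exploit it to obtain password-related information. If the Cisco 7921 IP phone is configured to use PEAP (MS-CHAPv2), it does not validate the server certificate. If a malicious user sets up a rogue access point and a RADIUS backend whose signed digital certificate claims to be the same certificate the client uses, then because the client does not check the signature, it will believe it is communicating with a trusted server and may send the hashed password or PIN to the server. Cisco IP Phone 7921 Vendor patch: Cisco -----...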
CVE-2008-1095
Unspecified vulnerability in the Internet Protocol (IP) implementation in Sun Solaris 8, 9, and 10 allows remote attackers to bypass intended firewall policies or cause a denial of service (panic) via unknown vectors, possibly related to ICMP packets and IP fragment reassembly...