5315 matches found

Tenable Nessus
added 2013/01/24 12:0 a.m. | 35 views

RHEL 5 : kernel (RHSA-2011:1813)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1813 advisory. - kernel: sctp dos CVE-2011-2482 - kernel: rpc task leak after flocking NFS share CVE-2011-2491 - kernel: /proc/PID/io infoleak CVE-2011-249...

7.8 CVSS | 7.6 AI score | 0.01166 EPSS
Exploits 2 | References 14
RedHat Linux
added 2013/01/08 4:16 a.m. | 1 views

wireshark: Infinite loop in the ANSI A Interface (IS-634/IOS) dissector

Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet...

4.3 CVSS | 7.2 AI score | 0.0309 EPSS
Exploits 1 | References 4
The Hacker News
added 2012/12/15 4:44 p.m. | 14 views

Cisco VoIP phone vulnerability allow eavesdropping remotely

Cui, a fifth year grad student from the Columbia University Intrusion Detection Systems Lab and co-founder of Red Balloon Security, has demonstrated an attack on common Cisco-branded Voice over IP (VoIP) phones that could easily eavesdrop on private conversations remotely. The vulnerability Cui...

7.8 AI score
Exploits 0
Debian CVE
added 2012/12/12 11:0 a.m. | 27 views

CVE-2012-5144

Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via vectors related to "an off-by-one overwrit...

10 CVSS | 10 AI score | 0.03505 EPSS
Exploits 0
Packet Storm
added 2012/12/03 12:0 a.m. | 34 views

Newscoop 4.0.2 Path Disclosure / SQL Injection

Vulnerable Software: Newscoop 4.0.2 Official site: sourcefabric.org Vulnerabilities: Blind SQLi & Path Disclosure Condition to exploit this vulnerability: GPC must be set OFF. Discovered by: AkaStep && KASIBOGLAN...

0.5 AI score
Exploits 0
htbridge
added 2012/11/21 12:0 a.m. | 29 views

Nero MediaHome Multiple Remote DoS Vulnerabilities

High-Tech Bridge Security Research Lab has discovered multiple DoS vulnerabilities in Nero Media Home server, which could be exploited by a malicious person to crash the server remotely. 1 Off-by-one errors in Nero MediaHome server: CVE-2012-5876 1.1 The vulnerability exists due to an off-by-one...

3.3 CVSS | 6.8 AI score | 0.20693 EPSS
Exploits 6 | Affected Software 1
NVD
added 2012/11/19 12:10 p.m. | 22 views

CVE-2011-5244

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containi...

6.8 CVSS | 7.7 AI score | 0.01775 EPSS
Exploits 0 | References 6
OSV
added 2012/11/19 12:10 p.m. | 2 views

AZL-7378 CVE-2011-5244 affecting package t1lib 5.1.2-28

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containi...

6.8 CVSS | 6.2 AI score | 0.01775 EPSS
Exploits 0 | References 1
OSV
added 2012/11/19 12:10 p.m. | 7 views

CVE-2011-5244

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containi...

7.8 AI score
Exploits 0 | References 6
UbuntuCve
added 2012/11/19 12:10 p.m. | 25 views

CVE-2011-5244

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containi...

6.8 CVSS | 6.2 AI score | 0.01775 EPSS
Exploits 0 | References 5
Cvelist
added 2012/11/19 11:0 a.m. | 35 views

CVE-2011-5244

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containi...

8.1 AI score | 0.01775 EPSS
Exploits 0 | References 6
Debian CVE
added 2012/11/19 11:0 a.m. | 21 views

CVE-2011-5244

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containi...

6.8 CVSS | 8 AI score | 0.01775 EPSS
Exploits 0
CVE
added 2012/11/19 11:0 a.m. | 162 views

CVE-2011-5244

CVE-2011-5244 describes multiple off-by-one errors in t1lib's AFM parser (backend/dvi/mdvi-lib/afmparse.c), specifically in the token and linetoken functions, which are used by teTeX 3.0.x and GNOME Evince among others. The vulnerability allows remote attackers to crash a DVI reader and potential...

6.8 CVSS | 7.8 AI score | 0.01775 EPSS
Exploits 0 | References 6 | Affected Software 3
Packet Storm
added 2012/11/19 12:0 a.m. | 33 views

Omni-Secure 5 / 6 / 7 Remote File Disclosure

Remote File Disclosure "Omni-secure" version 5 / 6 / 7 Viva Egypt & Grief and sorrow for the disaster Assiut, fUCK U QANDIL Greetz to : EL MOGHAZY & EL Mery Author:Mohamed Gaber "HackerEgy in the paste : " email :[email protected] Script : omni-secure version 5/6/7 Price :$197 Url:...

7.4 AI score
Exploits 0
OSV
added 2012/11/11 1:0 p.m. | 1 views

DEBIAN-CVE-2012-4540

Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary cod...

6.8 CVSS | 7.7 AI score | 0.01189 EPSS
Exploits 0 | References 1
ThreatPost
added 2012/10/30 12:41 a.m. | 8 views

Alliance Issues Guidance for Cloud-Based SIEM Services

The non-profit Cloud Security Alliance today released guidelines for the nascent Security as a Service (SecaaS) specialization within the broader realm of cloud computing. The goal, the group says, is to help companies and consumers gain a better handle on how best to evaluate, build and deploy...

0.1 AI score
Exploits 0 | References 3
Tenable Nessus
added 2012/10/18 12:0 a.m. | 32 views

Debian DSA-2559-1 : libexif - several vulnerabilities

Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files. - CVE-2012-2812 : A heap-based out-of-bounds array read in the exif_entry_get_value function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive informatio...

7.5 CVSS | 6.8 AI score | 0.04256 EPSS
Exploits 0 | References 17
Exploit DB
added 2012/10/09 12:0 a.m. | 35 views

PLIB 1.8.5 - 'ssg/ssgParser.cxx' Local Buffer Overflow

/ Exploit Title: Plib + flightgear 3dconvert exploit Date: 08/10/2012 Author: Andres Gomez Software Links: Plib: http://plib.sourceforge.net/ flightgear: http://www.flightgear.org/ 3dconvert: ftp://ftp.ihg.uni-duisburg.de/FlightGear/Win32/old/3dconvert-win32.zip Version: Plib 1.8.5 Tested on:...

7.4 AI score
Exploits 0
Packet Storm
added 2012/09/26 12:0 a.m. | 34 views

MaxForum 2.0.0 Local File Inclusion

Exploit Title: MaxForum v2.0.0 Local File Inclusion Vulnerability Date: 25/09/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://www.max4dev.com/demo/ar/ Software Link:...

7.4 AI score
Exploits 0
NVD
added 2012/09/20 9:55 p.m. | 23 views

CVE-2012-3735

The Passcode Lock implementation in Apple iOS before 6 does not properly interact with the "Slide to Power Off" feature, which allows physically proximate attackers to see the most recently used third-party app by watching the device's screen...

2.1 CVSS | 5.6 AI score | 0.00077 EPSS
Exploits 0 | References 4