[SECURITY] [DSA 1561-1] New ldm packages fix information disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1561-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst April 28, 2008 http://www.debian.org/security/faq -...

Debian DSA-1558-1 : xulrunner - programming error

It was discovered that crashes in the JavaScript engine of xulrunner, the Gecko engine library, could potentially lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securit...

Debian DSA-1555-1 : iceweasel - programming error

It was discovered that crashes in the JavaScript engine of Iceweasel, an unbranded version of the Firefox browser, could potentially lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

[SECURITY] [DSA 1558-1] New xulrunner packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1558-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 24, 2008 http://www.debian.org/security/faq -...

Debian DSA-1550-1 : suphp - programming error

It was discovered that suphp, an Apache module to run PHP scripts with owner permissions handles symlinks insecurely, which may lead to privilege escalation by local users. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Debian: Security Advisory (DSA-1551-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1541-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

XM Easy Personal FTP Server 5.4.0 - XCWD Denial of Service

XM Easy Personal FTP Server 5.4.0 - XCWD Denial of Service !/usr/bin/python XM Easy Personal FTP Server 5.4.0 XCWD DoS When admin looks at the server log, application crashes : Elhamdulillahi Rabbil-alemin! bt ./sploit.py + Saljemo zli bafer : + Now wait until the admin looks at server log : +...

Prediction Football 1.x - 'matchid' SQL Injection

/ Prediction Football v 1.x Remote SQL INJECTION Discovered by 0in from Dark-Coders Programming & Security Group. !!!!!! http://dark-coders.4rh.eu !!!!!! Contact: 0indotemailatgmaildotcom Greetz to all Dark-Coders Group Members: DieAngel, Sun8hclf, M4r1usz, Djlinux, Aristo89 Script homepage:...

Novel eDirectory HTTP - Denial of Service

!/usr/bin/python Novel eDirectory HTTP DOS Discovered and coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/novel-edir.py.txt import socket import os import sys from time import sleep biff=""2048 print " Payload sent "+ strlenbuff expl = socket.socket...

Mcafee EPO 4.0 - 'FrameworkService.exe' Remote Denial of Service

!/usr/bin/python Mcafee EPO 4.0 and others FrameworkService.exe DOS More than meets the eye Discovered and coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/mcafeeagain.py.txt EAX 00840C30 ECX 00837830 EDX 01EACF18 EBX 00004000 ESP 01EAFF04 EBP 01EAFF38...

PacketTrap Networks pt360 2.0.39 TFTPD Remote DoS Exploit

No description provided by source. !/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port = 69 try:...

TFTP Server 1.4 - ST Buffer Overflow

TFTP Server 1.4 - ST Buffer Overflow !/usr/bin/python TFTP Server for Windows V1.4 ST 0day http://sourceforge.net/projects/tftp-server/ Tested on Windows Vista SP0. Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/sourceforge-tftpd.py.txt bt...

PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service

!/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port = 69 try: s = socket.socketsocket.AFINET, socket.SOCKDGRAM except:...

PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service

PacketTrap Networks pt360 2.0.39 TFTPD - Remote Denial of Service !/usr/bin/python PacketTrap Networks pt360 2.0.39 TFTPD Remote DOS Coded by Mati Aharoni muts..at..offensive-security.com http://www.offensive-security.com/0day/pt360dos.py.txt import socket import sys host = '172.16.167.134' port ...

Debian DSA-1522-1 : unzip - programming error

Tavis Ormandy discovered that unzip, when processing specially crafted ZIP archives, could pass invalid pointers to the C library's free routine, potentially leading to arbitrary code execution CVE-2008-0888 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

Home FTP Server 1.4.5 Remote Denial of Service Exploit

No description provided by source. Discovered by 0in from DaRk-CodeRs Programming & Security Group Contact: 0indotemailatgmaildotcom Thats a very funny bug, and nobody understand how it works; When we send a python FTP retrlines function bad command and create a new connection server got DoS... o...

Debian DSA-1518-1 : backup-manager - programming error

Micha Lenk discovered that backup-manager, a command-line backup tool, sends the password as a command line argument when calling a FTP client, which may allow a local attacker to read this password which provides access to all backed-up files from the process listing. %NASLMINLEVEL 70300 C Tenab...

php5. 2. 3 remote CGI buffer overflow vulnerability-vulnerability warning-the black bar safety net

yuange Affected versions: php5. 2. 3 Does not affect the version: other version php5. 2. 3 in processing the CGI of the time, due to a programming error, missing parentheses, and wrong calculation of string length, resulting in a heap buffer overflow and possible remote execution of arbitrary cod...

[SECURITY] [DSA 1507-1] New turba2 packages fix permission testing

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1507-1 [email protected] http://www.debian.org/security/ Steve Kemp February 24, 2008 http://www.debian.org/security/faq -...