Mandriva Update for libalsa2 MDVA-2010:227 (libalsa2)

Check for the Version of libalsa2 OpenVAS Vulnerability Test Mandriva Update for libalsa2 MDVA-2010:227 libalsa2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

MDVA-2010:227 : libalsa2

This is a bugfix and maintenance update bundle that addresses various issues in a number of packages. Some thread-related problems were found in the libalsa2 library that could cause segmentation faults in some audio applications one example being phonon when used with gstreamer output and...

Mandriva Update for commoncpp MDVA-2010:225 (commoncpp)

Check for the Version of commoncpp OpenVAS Vulnerability Test Mandriva Update for commoncpp MDVA-2010:225 commoncpp Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

MDVA-2010:225 : commoncpp

This updates fixes two major bugs: - applog subcription/unsubscription needed to get a thread safe usage of applog were buggy and not thread safe themselves. - disabling slog usage form printout level error was not respected. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the...

Fedora 14 : apr-util-1.3.10-1.fc14 (2010-16178)

This update includes the latest stable release of the APR-util library. A memory leak in the aprbrigadesplitline function allowed a denial of service attack network services using this function, such as the Apache HTTP Server. CVE-2010-1623 Bug fixes to the 'thread pool' interfaces and ODBC suppo...

Apache Tomcat 4.x < 4.1.3 Denial of Service

According to its self-reported version number, the instance of Apache Tomcat 4.x listening on the remote host is prior to 4.1.3. It is, therefore, affected by a denial of service vulnerability. A malicious HTTP request can cause a request processing thread to become unresponsive. Further requests...

[SECURITY] Fedora 12 Update: quagga-0.99.17-1.fc12

Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current complexity of the Internet. Quagga supports BGP4, BGP4+, OSPFv2, OSPFv3, RIPv1, RIPv2, and RIPng. Quagga is intended to be used as a Route Server and a Rout...

Fedora Update for dbus-glib FEDORA-2010-12863

Check for the Version of dbus-glib OpenVAS Vulnerability Test Fedora Update for dbus-glib FEDORA-2010-12863 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Microsoft Windows XP SP3内核创建线程本地权限提升漏洞（MS10-047）

BUGTRAQ ID: 42211 CVE ID: CVE-2010-1888 Microsoft Windows是微软发布的非常流行的操作系统。 Windows内核在创建特定类型的线程时存在竞争条件错误，本地用户可以通过运行恶意应用程序获得内核级权限提升。成功利用这个漏洞的攻击者可以执行任意内核态代码。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Windows XP SP3 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS10-047）以及相应补丁:...

Race condition

Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."...

CVE-2010-1888

Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via vectors involving thread creation, aka "Windows Kernel Data Initialization Vulnerability."...

Motorola SB5101 Hax0rware Rajko HTTPd - Remote Denial of Service (PoC)

!/usr/bin/perl Motorola SB5101 Hax0rware Rajko HttpD Remote Exploit PoC Author: Dillon Beresford Date: 6/6/2010 Vendor: SBHacker & Motorola Software Link: http://www.sbhacker.net/forum/index.php Tested on Hax0rware 1.1 R30, R32 and R39 Description: Motorola SB5101 Hax0rware Rajko HttpD Remote...

Kaspersky Antivirus Code Injection

Hello Bugtraq. I write to notify a vulnerability in Kaspersky Antivirus that allows the code injection in the process that is executed in user's context, allowing: 1. The modification, creation and elimination of the values and keys in the Registration with respect to the configuration of the...

CVE-2009-4782

Multiple cross-site scripting XSS vulnerabilities in Theeta CMS, possibly 0.01, allow remote attackers to inject arbitrary web script or HTML via the 1 start, 2 forum, and 3 cat parameters to community/thread.php; 4 start and 5 cat parameters to community/forum.php; and 6 start parameter to...

Shellcode - Win32 MessageBox Metasploit module

Shellcode - Win32 MessageBox Metasploit module. Shellcode exploit for win32 platform $Id: messagebox.rb 4 2010-02-26 00:28:00:00Z corelanc0d3r & rick2600 $ Installation instructions : Drop file in framework3/modules/payloads/singles/windows folder Usage : ./msfpayload windows/messagebox...

PHPWind version 6.0 Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ====================================================== PHPWind version 6.0 Cross Site Scripting Vulnerability ====================================================== I found the PHPWind v6.0 just filter the xss code when the visitors login...

kernel security and bug fix update

2.6.9-89.0.23.0.1 - XEN fix cpu hotplug crash Joe Jin orabug 7521308 - XEN Bring up vcpus before khelper init Joe Jin orabug 7521308 - XEN flush the tlb cache immediately Dave McCracken, Scott Shi orabug 9138767 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug...

Symantec Norton AntiVirus Stack Exhaustion

Norton AntiVirus is a virus protection solution produced by Symantec corporation. When installed on a system, it installs a number of dynamic libraries and registers several ActiveX controls. A vulnerability has been reported in several Symantec products. One of the dynamic link libraries install...

Savant 3.1 Web Server Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Savant/3.1/ include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'Savant 3.1 Web Server...

Icecast 2.0.1 Header Overwrite

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Icecast %q...