User login

Defcon News

    more

    New Files / Applications

      more
      Home » news aggregator » categories

      Security Vulnerabilities

      August 25, 2007

      13:15
      n.runs-SA-2007.026.txt
      A remotely exploitable vulnerability has been discovered in the file parsing engine of Sophos AntiVirus versions prior to 2.48.0. The bug exists during the file parsing of GZIP packed files.
      Source: Packetstorm Advisories
      Categories: Security Vulnerabilities
      13:15
      n.runs-SA-2007.025.txt
      A remote exploitable vulnerability exists in clamav-milter when used with sendmail due to an insecure call to popen(). ClamAV versions prior to 0.91.2 are affected.
      Source: Packetstorm Advisories
      Categories: Security Vulnerabilities
      13:15
      tikiwiki-xss.txt
      Tikiwiki version 1.9.7 is susceptible to cross site scripting attacks.
      Source: Packetstorm Advisories
      Categories: Security Vulnerabilities
      09:15
      Bugtraq: rPSA-2007-0172-1 tar
      rPSA-2007-0172-1 tar
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      09:15
      Bugtraq: AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage
      AST-2007-021: Crash from invalid/corrupted MIME bodies when using voicemail with IMAP storage
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      08:30
      Bugtraq: More on VMWare poor guest isolation design
      More on VMWare poor guest isolation design >> Advertisement ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!" - White Paper Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=701600000004c29
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      08:30
      Bugtraq: security vulnerability in VMware
      security vulnerability in VMware
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      08:30
      Bugtraq: Security vulnerability in BufferZone 2.5
      Security vulnerability in BufferZone 2.5
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      08:30
      Bugtraq: Re: VMWare poor guest isolation design
      Re: VMWare poor guest isolation design
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: VMware Workstation VMStor-60 Driver Buffer Overflow Vulnerability
      VMware Workstation VMStor-60 Driver Buffer Overflow Vulnerability >> Advertisement ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!" - White Paper Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=701600000004c29
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: GNU Tar Hostile Destination Path Variant Vulnerability
      GNU Tar Hostile Destination Path Variant Vulnerability
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: GNU Tar Dot_Dot Function Remote Directory Traversal Vulnerability
      GNU Tar Dot_Dot Function Remote Directory Traversal Vulnerability
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: GNU Tar Hostile Destination Path Vulnerability
      GNU Tar Hostile Destination Path Vulnerability
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: Sophos Antivirus UPX and BZIP Multiple Remote Vulnerabilities
      Sophos Antivirus UPX and BZIP Multiple Remote Vulnerabilities
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: RETIRED: SPIP Inc-Calcul.PHP3 Remote File Include Vulnerability
      RETIRED: SPIP Inc-Calcul.PHP3 Remote File Include Vulnerability >> Advertisement ALERT: "How A Hacker Launches A Blind SQL Injection Attack Step-by-Step"!" - White Paper Blind SQL Injection can deliver total control of your server to a hacker giving them the ability to read, write and manipulate all data stored in your backend systems! Download this *FREE* white paper from SPI Dynamics for a complete guide to protection! https://download.spidynamics.com/1/ad/bsq.asp?Campaign_ID=701600000004c29
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities
      00:00
      Vuln: Asterisk Malformed MIME Body Remote Denial of Service Vulnerability
      Asterisk Malformed MIME Body Remote Denial of Service Vulnerability
      Source: Security Focus Vulnerabilities
      Categories: Security Vulnerabilities

      August 24, 2007

      17:00
      proftpd-overflow.txt
      ProFTPD version 1.x mod_tls remote buffer overflow exploit.
      Source: Packetstorm Exploits
      Categories: Security Vulnerabilities
      15:00
      USN-502-1.txt
      Ubuntu Security Notice 502-1 - It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft.
      Source: Packetstorm Advisories
      Categories: Security Vulnerabilities
      15:00
      alpass27-en.txt
      ESTsoft ALPass version 2.7 suffers from an arbitrary code execution vulnerability when importing a specially crafted DB file.
      Source: Packetstorm Advisories
      Categories: Security Vulnerabilities
      15:00
      bugzilla-xss.txt
      Bugzilla versions below 2.20.5 and versions below 3.0.1 are susceptible to input validation and cross site scripting vulnerabilities.
      Source: Packetstorm Advisories
      Categories: Security Vulnerabilities