Bugtraq: [SECURITY] [DSA 1440-1] New inotify-tools packages fix arbitrary code execution
Related Files:
Secunia Security Advisory - A vulnerability has been reported in inotify-tools, which can potentially be exploited by malicious users to compromise an application using the library. Homepage: http://secunia.com/advisories/26825/
Secunia Security Advisory - Fedora has issued an update for inotify-tools. This fixes a vulnerability, which potentially can be exploited by malicious users to compromise an application using the library. Homepage: http://secunia.com/advisories/27616/
Bugtraq Security Systems Security Advisory - Multiple vulnerabilities have been discovered in the Applied Watch Command Center IDS. Two exploits have been released to demonstrate these flaws. The first, appliedsnatch.c, allows a remote attacker to add a user to the console without having to authenticate to the system. The second, addrule.c, allows a remote attacker to add custom IDS alerts to all sensor nodes in a network, enabling a human denial-of-service attack by making good packets look bad. Related CVE Numbers: CAN-2003-0970, CAN-2003-0971. Homepage: http://www.bugtraq.org. Authored By The Bugtraq Team
Complete archive of the excellent threads recently posted on the BugTraq mailing list regarding Intrusion Detection Systems. IDS theories, implementations, problems, and reviews of commercial products are among the topics covered.
Acubix PicoZip version 4.02 suffers from a directory traversal vulnerability. Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi
T1Lib suffers from a buffer overflow vulnerability. Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi
Exponent CMS versions 0.96.6-Alpha and below are susceptible to directory traversal and cross-site scripting vulnerabilities. Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi
Really Simple PHP and Ajax, or RSPA, is susceptible to a remote file inclusion vulnerability. Version RSPA-2007-03-23 is susceptible. Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi
Bugtraq.c is an exploit for the Bind tsig bug which has been crippled somewhat. Tested against Slackware 7.0. Authored By Count Neithardt von Gneisenau
phpTrafficA version 1.4.1 is susceptible to a local file inclusion vulnerability. Homepage: http://www.bugtraq.ir/. Authored By Hamid Ebadi