Archive Search Results for: Netragard
Search Results: 1 - 25
| /// File Name: |
NETRAGARD-20060624.txt |
Description:
| Roxio 7 Toast contains locally exploitable vulnerabilities due to insecure system() by calls by suid binaries which use the user's $PATH environment variable. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com |
| MD5 Checksum: | e35515e18e4473ecd25a7cb3194ed533 |
|
| /// File Name: |
ROXIO_RACE_NETRAGARD-20060624.txt |
Description:
| Deja Vu, which is bundled with Roxio Toast 7, creates ruby scripts in the /tmp directory. These scripts contain commands which are executed with escalated privileges. A race condition exists which makes it possible to execute arbitrary commands against the system or gain root level access. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | b664c1e14707b5901996489b95fbd02e |
|
| /// File Name: |
apple-kext-tools-20060822.txt |
Description:
| Roxio Toast 7 Titanium on Mac OSX executes the kextload command with root privileges. The kextload command contains two vulnerabilities which can be exploited by a local user to gain local root access to the system. This advisory outlines both issues. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | c18c77a56f92aa78a1dde77414ee9aeb |
|
| /// File Name: |
sa21867.txt |
Description:
| Secunia Security Advisory - Netragard has reported a vulnerability in Roxio Toast Titanium, which can be exploited by malicious, local users to gain escalated privileges. |
| Homepage: | http://secunia.com/advisories/21867/ |
| MD5 Checksum: | 3902de7a87b80b5074a2227e93075f27 |
|
| /// File Name: |
NETRAGARD-20060810.txt |
Description:
| Netragard, L.L.C Advisory: dtmail suffers from a buffer overflow vulnerability which could result in the execution of arbitrary code. More specifically this vulnerability is triggered when using -a flag: |
| Homepage: | http://www.netragard.com |
| MD5 Checksum: | e2a5786e80ceb93d705cf3c5b21d4bde |
|
| /// File Name: |
sa22528.txt |
Description:
| Secunia Security Advisory - Netragard has reported a vulnerability in HP Tru64 Unix, which can be exploited by malicious, local users to gain escalated privileges. |
| Homepage: | http://secunia.com/advisories/22528/ |
| MD5 Checksum: | 893f833b2eaf8d7d120a7f9120070c4d |
|
| /// File Name: |
sa22451.txt |
Description:
| Secunia Security Advisory - Netragard has reported a vulnerability in HP-UX, which can be exploited by malicious, local users to gain escalated privileges. |
| Homepage: | http://secunia.com/advisories/22451/ |
| MD5 Checksum: | 11dc8faed52cd6804977e11b89194d44 |
|
| /// File Name: |
NETRAGARD-20060810-2.txt |
Description:
| Netragard, L.L.C Advisory Netragard-20060810 (UPDATE): dtmail suffers from a buffer overflow vulnerability which could result in the execution of arbitrary code. More specifically this vulnerability is triggered when using -a flag: |
| Homepage: | http://www.netragard.com |
| Related File: | NETRAGARD-20060810.txt |
| MD5 Checksum: | 8c5842d5b184f143c8ed16676cb744fd |
|
| /// File Name: |
NETRAGARD-20060810-1.txt |
Description:
| Netragard, L.L.C Advisory Netragard-20060810 - libpthread suffers from a buffer overflow vulnerability which may enable an attacker to execute arbitrary commands on the system. This vulnerability may potentially be exploited by a creating a specially crafted buffer and inserting it into the PTHREAD_CONFIG variable. Version 5.1b is affected. |
| Homepage: | http://www.netragard.com |
| MD5 Checksum: | c15d7a566c97361fe11f65fdbda11ff9 |
|
| /// File Name: |
NETRAGARD-20061206.txt |
Description:
| Netragard, L.L.C Advisory - @Mail version 4.51 does not properly sanitize email allowing for cross site scripting attacks. |
| Homepage: | http://www.netragard.com |
| MD5 Checksum: | 1e73247370f70b7019041da3b6f68945 |
|
| /// File Name: |
sa23472.txt |
Description:
| Secunia Security Advisory - Netragard has reported two vulnerabilities in @Mail, which potentially can be exploited by malicious people to conduct cross-site scripting attacks or cross-site request forgery attacks. |
| Homepage: | http://secunia.com/advisories/23472/ |
| MD5 Checksum: | 59ead0cd59e762828fc89be832da006d |
|
| /// File Name: |
NETRAGARD-20061218.txt |
Description:
| Netragard, L.L.C Advisory - It is possible to take control of an @Mail webmail email account by exploiting a Cross Site Request Forgery (XRSF) vulnerability in the @Mail webmail product. An attacker can send a specially crafted email to any @Mail webmail user with a forged "img" tag. This forged tag, if crafted properly, will inject new settings into the @Mail webmail users account. Version 4.51 is susceptible. |
| Homepage: | http://www.netragard.com |
| MD5 Checksum: | 629b483b68e10bb70a63d9f54125e278 |
|
| /// File Name: |
NETRAGARD-20070220-1.txt |
Description:
| Netragard, L.L.C Advisory - McAfee Virex contains an exploitable feature that enables users to define what files should be excluded for scanning. This feature relies on a configuration file with insecure privileges and is located in /Library/Application Support. Any user on the system can modify or delete the configuration file thus affecting what Virex will scan. Versions 7.7 and below are affected. |
| Author: | Kevin Finisterre |
| Homepage: | http://www.netragard.com/html/recent_research.html |
| MD5 Checksum: | 7a113c2b8adb0d5f52d1d955c4363497 |
|
| /// File Name: |
NETRAGARD-20070313.txt |
Description:
| Netragard, L.L.C Advisory - Netragard's SNOsoft Research Team discovered two critical vulnerabilities in the OpenBase SQL Relational Database that can lead to full system compromise. OpenBase versions 10.0.5 and below are affected. |
| Author: | Adriel T. Desautels,Kevin Finisterre |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | 0c384ec80b5dc1e8f843028ebcd5ff01 |
|
| /// File Name: |
NETRAGARD-20070628.txt |
Description:
| Netragard, L.L.C Advisory - Core Image Fun House versions 2.0 and below for OS X suffer from a buffer overflow vulnerability when a specially crafted .funhouse file is leveraged. Proof of concept code included. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | 4ebf0758abef6c1b823f393ad43b0478 |
|
| /// File Name: |
facebook-reconpwn.txt |
Description:
| Netragard's account of using Facebook to earn the trust of a company's employees and turning the tables on them. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | fe2a65806dd838861445d497728a15b9 |
|
| /// File Name: |
NETRAGARD-20070820.txt |
Description:
| Netragard, L.L.C Advisory - The Cambium Group Content Management System (CAMAS) Failed most Open Web Application Security Project ("OWASP") criterion during testing. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | ff91376dbceabe9276e92e521943eec9 |
|
| /// File Name: |
NETRAGARD-2009042.txt |
Description:
| Netragard, L.L.C Advisory - The GoGo Inflight Internet service fails to encrypt wireless connections between users and the access point. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| MD5 Checksum: | 88e5aad645ef5a3e072f96ad92710f70 |
|
| /// File Name: |
NETRAGARD-20090622.txt |
Description:
| Netragard, L.L.C Advisory - The libxml library is prone to a heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary within the context of an application using the affected library. Failed exploit attempts will result in a denial-of-service vulnerability. Safari uses the vulnerable libxml library and can be attacked via the feed:// input vector. Versions below 3.2.3 are affected. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| Related CVE(s): | CVE-2008-3529 |
| MD5 Checksum: | 8793dbcfcf2af7d27c3ceba8df209a16 |
|
| /// File Name: |
NETRAGARD-20091219.txt |
Description:
| Netragard, L.L.C Advisory - Mac OS X Java Runtime suffers from buffer overflows that allow for remote code execution. |
| Author: | Adriel T. Desautels |
| Homepage: | http://www.netragard.com/ |
| Related CVE(s): | CVE-2009-3869, CVE-2009-3871, CVE-2009-3875, CVE-2009-3874, CVE-2009-3728, CVE-2009-3872, CVE-2009-3868, CVE-2009-3867, CVE-2009-3884, CVE-2009-3873, CVE-2009-3877, CVE-2009-3865, CVE-2009-3866 |
| MD5 Checksum: | bf29ef8a7cb944628b6bfd65dacce73a |
|
Interested in what other people are searching for? Check out the Packet Storm Storm Watch!
Archive Search Results for: Netragard
Search Results: 1 - 25
Total Results: 22
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
