
{ Tag Archives } Advisories

Kernel time – time for patches

Yesterday Linux 2.6.18.3 came out. A quick look into the changelog revealed:

commit c721af6db5992d16fbd93855666eafa616512e00
Author: Adrian Bunk
Date: Wed Nov 15 17:01:46 2006 +0100
[PATCH] security/seclvl.c: fix time wrap (CVE-2005-4352)
initlvl=2 in seclvl gives the guarantee
“Cannot decrement the system time”.
But [...]


Have fun

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096

Now if only one had the matching exploit code at hand... ;)


Security research

Today we have published three new advisories dealing with pserv (pico server), although we are doing penetration testing heavily at the moment. You can find them at the usual place on our homepage. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1365, CAN-2005-1366 and CAN-2005-1367 to these issues.


Directory traversal in CitrusDB

coming soon


SQL-Injection in CitrusDB

coming soon


Authorization bypass in CitrusDB

coming soon


Authentication bypass in CitrusDB

coming soon


Privilege escalation Vulnerability in OpenConf

Will be filled in shortly


rt-sa-2005-001: Credit Card data disclosure in CitrusDB

Advisory: Credit Card data disclosure in CitrusDB

RedTeam found an information disclosure vulnerability in CitrusDB which
can result in disclosure of credit card information.

Details
=======
Product: CitrusDB
Affected Version: =0.3.6
OS affected: all
Security-Risk: very high
Remote-Exploit: yes
Vendor-URL: http://www.citrusdb.org/
Vendor-Status: informed, new version released
Advisory-URL: http://www.redteam-pentesting.de/advisories/rt-sa-2005-001.txt
CVE: CAN-2005-0229

Introduction
============
Description from vendor:
“CitrusDB is an open [...]
