
Files

SIEMENS SiPass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference
Posted Oct 31, 2012
Authored by Lucas Apa | Site ioactive.com

IOActive Security Advisory - A vulnerability exists within AscoServer.exe of SIEMENS SiPass during the handling of RPC messages over the Ethernet bus. Insufficient sanity checking allows remote and unauthenticated attackers to corrupt a heap-allocated structure and then dereference an arbitrary pointer. This flaw allows remote attackers to execute arbitrary code on the target system, under the context of the SYSTEM account, where the vulnerable versions of SIEMENS SiPass Integrated are installed. More advanced payloads could modify the behavior of the application’s internal controllers to unlock doors, control specific hardware, or expose businesses to other security risks. SIEMENS SiPass Integrated versions MP2.6 and earlier are affected.

tags | advisory, remote, arbitrary
SHA-256 | 6c360fd7a497194cefa22ee03fee415561bb9f756de284b4f7fa3b2eae5e5953
Drupal Password Policy 6.x / 7.x Information Disclosure
Posted Oct 31, 2012
Authored by Alexis Wilke | Site drupal.org

Drupal Password Policy third party module versions 6.x and 7.x suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | 4f166deab0186f97644f13236a2f760abbe59ed8082944d698f4cbd95cb7eb4e
Cisco Security Advisory 20121031-dcnm
Posted Oct 31, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Prime Data Center Network Manager (DCNM) contains a remote command execution vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary commands on the computer that is running the Cisco Prime DCNM application. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, arbitrary
systems | cisco
SHA-256 | 2f82b42df8ccd88fb4ed8096916f6700e1ff0b044532fae2f1f4d025164daad8
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Oct 31, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 2ee2db415b12689d6f8289e311590b5173458b14e6d21c07db0d0e896dfa554f
Cisco Security Advisory 20121031-mp
Posted Oct 31, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified MeetingPlace Web Conferencing is affected by remote SQL injection and buffer overrun vulnerabilities. Cisco has released free software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities.

tags | advisory, remote, web, overflow, vulnerability, sql injection
systems | cisco
SHA-256 | c8372cfbc399ee23d63927afafe27e610a6548cdd057c146f8b92cfb306c4d46
HP Security Bulletin HPSBUX02825 SSRT100974
Posted Oct 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02825 SSRT100974 - A potential security vulnerability has been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. This could allow remote unspecified indirect vulnerabilities. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2012-0547
SHA-256 | 547ceb4ef1c1d89b9d16d647e2865c0306004252d0f2fa561617c7dfa92310e2
Red Hat Security Advisory 2012-1416-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1416-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
SHA-256 | 101cacfd82c7dac3ea6d3f99a4197eed000e0c42051e56aed16c17208f1c73a8
Red Hat Security Advisory 2012-1418-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1418-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
SHA-256 | 6582863cde9c49a0e0bc85184224c6048197a56271a1b5c82822fe8778621d7f
Red Hat Security Advisory 2012-1417-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1417-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, the Extended Update Support for Red Hat Enterprise Linux 6.0 will end on 30th November, 2012.

tags | advisory
systems | linux, redhat
SHA-256 | c9451315b1ce5338a1748fe923873d9af637d3dfa78f3e93176d908e4589506b
Citrix XenServer 6.0.2 Privilege Escalation
Posted Oct 30, 2012
Authored by James Forshaw, Context Information Security Ltd | Site contextis.co.uk

Citrix XenServer versions 5.0 through 6.0.2 suffer from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2012-4606
SHA-256 | eb3974e68da4195443054f477c4bf3f18f7d35f86b9ec8a0799c51acbb0c4459
Secunia Security Advisory 51130
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in EMC Avamar Client for VMware, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
SHA-256 | deaac988fa770fc458028bfe0f9f9fe35562dd4d3b67ff7be8a2db044a58ea6f
Secunia Security Advisory 51116
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Formhandler extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 875d2cfd25178a58dac0e234b2838f0c47b3d7181a052e23bc535c818b8f624a
Secunia Security Advisory 51127
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox, MozillaThunderbird, xulrunner, and seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, suse
SHA-256 | 1fea2bbae517baa23ca053dc1ae64c82fd9e15994a3ee08e24ff219495c1aea5
Secunia Security Advisory 51123
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, redhat
SHA-256 | bdd901343c88160ef5544078a6448e4c838f7ff514f18d3b165c9ba0bf1acd98
Secunia Security Advisory 51075
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Craig has reported a vulnerability in D-Link Wireless N300 Cloud Router, which can be exploited by malicious people to compromise a vulnerable device.

tags | advisory
SHA-256 | 0c755c044ff7818095b8456ebfb819b7501699f81f43a2f50268485322346eca
Ubuntu Security Notice USN-1620-2
Posted Oct 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1620-2 - USN-1620-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Please note that Thunderbird is only affected by window.location issues through RSS feeds and extensions that load web content. Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections and perform cross-origin reading of the Location object. Various other issues were also addressed.

tags | advisory, remote, web, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2012-4196, CVE-2012-4194, CVE-2012-4195
SHA-256 | f2e4e764d882fd6bbb7f865b89f77a72bcbe31d45eecbc5b68c1ddb8b974ee7d
Secunia Security Advisory 51121
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, ubuntu
SHA-256 | 5b38e09956f586c935b4630b82e2cbe5589bc7e004a970632e953834c2293b8f
Secunia Security Advisory 51105
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 930fea3ca9f7afe619635f17bc6af000f510550568de2821a2f436d3f6684732
Secunia Security Advisory 51108
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has reported a vulnerability in CorePlayer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 870733fc405b5be026a1fc2b6bf94d2bace074f3968dc0d1414a4b513b9f048f
Secunia Security Advisory 51135
Posted Oct 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in the Slideshow plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | cae362d210f74443ff8b56bb92abeac5f7ae52f94e4b5fc060ecb07b665e3b0e
Red Hat Security Advisory 2012-1413-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1413-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the location object implementation in Thunderbird. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Thunderbird to execute arbitrary code.

tags | advisory, arbitrary, xss
systems | linux, redhat
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
SHA-256 | ccae172d860a3458ffe08c0e4d3601ae3a7c6d83f4023e8cca647e1d72557f01
Debian Security Advisory 2569-1
Posted Oct 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2569-1 - Multiple vulnerabilities have been discovered in Icedove, Debian's version of the Mozilla Thunderbird mail client.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3982, CVE-2012-3986, CVE-2012-3990, CVE-2012-3991, CVE-2012-4179, CVE-2012-4180, CVE-2012-4182, CVE-2012-4186, CVE-2012-4188
SHA-256 | 5a06bd2116ba702863aef57845ec332601a1a47904f725f8392f9f557e438fe5
EMC Avamar Client For VMware Information Disclosure
Posted Oct 29, 2012
Site emc.com

The Avamar Server root user password is stored in plain text on the Avamar VMware proxy client. This could allow a malicious user with network access to the proxy client and the Avamar Server to gain privileged access to the Avamar Server.

tags | advisory, root
advisories | CVE-2012-4610
SHA-256 | 42555590e2ec1eaa4ed0e58462ba49dc8fd26c16852f27e2bdf6f80bb817912e
Slackware Security Advisory - mozilla-firefox Updates
Posted Oct 29, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
SHA-256 | b3530772c2e519ca40f58872a39ef3d1c3c568a41a37bf4943b3f7cd0265fd4f
Secunia Security Advisory 51144
Posted Oct 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | ffc00ca2f9a908e46dec016bb7a8b16923322b279631060c67fe58158b246bea
© 2022 Packet Storm. All rights reserved.