exploit the possibilities
Showing 1 - 25 of 70 RSS Feed

Files Date: 2011-06-01

Cisco Security Advisory 20110601-ac
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by arbitrary program execution and local privilege escalation vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.

tags | advisory, arbitrary, local, vulnerability
systems | cisco
advisories | CVE-2011-2039, CVE-2011-2040, CVE-2011-2041
MD5 | ded5df1f191a82920beb766e9cbda8aa
Easy FTP Server 1.7.0.2 Buffer Overflow
Posted Jun 1, 2011
Authored by b33f

Easy FTP Server version 1.7.0.2 post authentication buffer overflow exploit.

tags | exploit, overflow
MD5 | e12184204f724898fca9ca5180055fc1
Mandriva Linux Security Advisory 2011-105
Posted Jun 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-105 - This advisory updates wireshark to the latest version. A large/infinite loop exists in the DICOM dissector. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. David Maciejak of Fortinet's FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark.

tags | advisory
systems | linux, redhat, mandriva
MD5 | 3dc330ad7545ca5ea0e0c7a8d962434a
Icinga 1.3.0 / 1.4.0 Cross Site Scripting
Posted Jun 1, 2011
Authored by Stefan Schurtz

Icinga versions 1.3.0 and 1.4.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0b2057e1fda7c6b824c4c685546d5d67
Cisco Security Advisory 20110601-mxe
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

tags | advisory, root
systems | cisco
advisories | CVE-2011-1623
MD5 | 415ceb69603668e452a7c42eabf110e1
Vibrant Creations SQL Injection
Posted Jun 1, 2011
Authored by eXeSoul

Vibrant Creations suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 61c7c4b45803728bef9488405194982e
MediaCluster (mcCMS) Shell Upload
Posted Jun 1, 2011
Authored by RoAd_KiLlEr

MediaCluster (mcCMS) suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 44b326918b84be62bb4e32c2061a9dd9
Netgear WNDAP350 Root Password Disclosure
Posted Jun 1, 2011
Authored by Juerd Waalboer

Netgear WNDAP350 versions 2.0.1 and 2.0.9 suffers from a remote root password and WPA2 key disclosure vulnerability.

tags | exploit, remote, root, info disclosure
MD5 | a7c0c44850d5f27f989063945eb404d7
Nagios 3.2.3 Cross Site Scripting
Posted Jun 1, 2011
Authored by Stefan Schurtz

Nagios version 3.2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b02380adad6dfbcb6005bfb195965b9f
Cisco Security Advisory 20110601-phone
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified IP Phones 7900 Series devices, also known as TNP phones, are affected by three vulnerabilities that could allow an attacker to elevate privileges, change phone configurations, disclose sensitive information, or load unsigned software. These three vulnerabilities are classified as two privilege escalation vulnerabilities and one signature bypass vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

tags | advisory, vulnerability, bypass
systems | cisco
advisories | CVE-2011-1602, CVE-2011-1603, CVE-2011-1637
MD5 | b208d185c8bbff6de34959a875feea7e
Cisco Security Advisory 20110601-cnr
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Registrar Software Releases prior to 7.2 contain a default password for the administrative account. During the initial installation, users are not forced to change this password, allowing it to persist after the installation. An attacker who is aware of this vulnerability could authenticate with administrative privileges and arbitrarily change the configuration of Cisco Network Registrar.

tags | advisory
systems | cisco
advisories | CVE-2011-2024
MD5 | 0f20371013340ae928abeaa3d3aa07d7
Mandriva Linux Security Advisory 2011-104
Posted Jun 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-104 - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large RRSIG RRsets.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1910
MD5 | ead04afbf2cf0461d1e99d4a0500357d
A Really Simple Chat (ARSC) 3.3-rc2 XSS / SQL Injection
Posted Jun 1, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

A Really Simple Chat (ARSC) version 3.3-rc2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 4c9b509ace25703774943cbbe05804f9
Innovative Web SQL Injection
Posted Jun 1, 2011
Authored by Kalashinkov3

Innovative Web suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 529b6e8192dc7a37b3acdf00a46c2256
Post Revolution 0.8.0c XSS / XSRF / Denial Of Service
Posted Jun 1, 2011
Authored by Javier Bassi

Post Revolution version 0.8.0c suffers from cross site request forgery, cross site scripting, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, info disclosure, csrf
advisories | CVE-2011-1952, CVE-2011-1953, CVE-2011-1954
MD5 | 4ec390ec639cc30be942d7cad1621048
Cherokee Cross Site Request Forgery
Posted Jun 1, 2011
Authored by dave b

The Cherokee server admin configuration web interface suffers from a cross site request forgery vulnerability.

tags | advisory, web, csrf
MD5 | 6274758ba4e4c8e66d6a30f8efa1c215
VALID 2011 Call For Papers
Posted Jun 1, 2011
Site iaria.org

The VALID 2011 Call For Papers has been announced. This conference will be held in Barcelona, Spain from October 23rd through the 28th, 2011.

tags | paper, conference
MD5 | d4a455d567aa8a27a53a0548460509db
CodeMeter WebAdmin 3.30 / 4.30 Cross Site Scripting
Posted Jun 1, 2011
Authored by Rob Kraus | Site solutionary.com

CodeMeter WebAdmin versions 3.30 and 4.30 suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | b834b65b3c48ade728b6feab1dcc9e22
Debian Security Advisory 2250-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2250-1 - Wouter Coekaerts discovered that the jabber server component of citadel, a complete and feature-rich groupware server, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-1756
MD5 | b689b92e54da94bf48e32aebe89be0a6
Debian Security Advisory 2249-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2249-1 - Wouter Coekaerts discovered that jabberd14, an instant messaging server using the Jabber/XMPP protocol, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.

tags | advisory, denial of service, protocol
systems | linux, debian
advisories | CVE-2011-1754
MD5 | 912e276e010309c6b39860737ca1d01b
Debian Security Advisory 2248-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2248-1 - Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-1753
MD5 | d433a8d53b432e1a10afddabd3fbe51d
Secunia Security Advisory 44772
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SecureSphere Web Application Firewall, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, web
MD5 | bbdd0208cc794926b1ee3cdc81e3166d
Secunia Security Advisory 44765
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ejabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
MD5 | b0ab5c0069536c054b3afce341e27ab1
Secunia Security Advisory 44808
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gdm. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
MD5 | e64b938acd246af2ef67b0a6c78aebde
Secunia Security Advisory 44465
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Georg Fritsch has reported a vulnerability in Wyse ThinOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 2c5c52ec94ea798b2d754107f8a7e7ea
Page 1 of 3
Back123Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    1 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close