all things security
Showing 1 - 25 of 35 RSS Feed

Files Date: 2011-07-20

Cisco Security Advisory 20110720-sa500
Posted Jul 20, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, web, vulnerability
systems | cisco
advisories | CVE-2011-2546, CVE-2011-2547
MD5 | ca073b19e1a7d5d367388c8f3b68feb1
Cisco Security Advisory 20110720-asr9k
Posted Jul 20, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.

tags | advisory
systems | cisco, osx
advisories | CVE-2011-2549
MD5 | 1cbae152475d7022322ec091e102c94e
Synergy Software SQL Injection
Posted Jul 20, 2011
Authored by Ehsan_Hp200

Synergy Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ba7f1ccfb44dedee098ce900e4fc7d6a
Technical Cyber Security Alert 2011-201A
Posted Jul 20, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-201A - Oracle Database, Oracle Secure Backup, Oracle Fusion Middleware, and various other Oracle products suffer from vulnerabilities including remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
MD5 | cf76371fba081e3235d374847aeb05fe
Zero Day Initiative Advisory 11-237
Posted Jul 20, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-237 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite r12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. This could result in the execution of arbitrary code under the context of the Gateway Security service.

tags | advisory, remote, web, arbitrary
advisories | CVE-2011-2667
MD5 | 883ae31813306ae4fb9f325304910364
Infocus Web Solutions SQL Injection
Posted Jul 20, 2011
Authored by Ehsan_Hp200

Infocus Web Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 189861e52cae56d7c837b0a98cf2dd49
Tiki Wiki CMS 7.0 Cross Site Scripting
Posted Jul 20, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Tiki Wiki CMS version 7.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8a2622030b0abd4602df1994de755b09
Elitecore Cyberoam UTM Cross Site Scripting
Posted Jul 20, 2011
Authored by Patrick Webster

Elitecore Cyberoam UTM suffers from a cross site scripting vulnerability. Builds prior to 10.01.0 Build 0739 are affected.

tags | exploit, xss
MD5 | a85da37ecd3d19db557bb94699005da7
ARP-Scan ARP Generation Tool 1.8.1
Posted Jul 20, 2011
Authored by Roy Hills | Site nta-monitor.com

arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.

Changes: The data file "pkt-custom-request-vlan-llc.dat" was added to the tarball to allow the ARP request packet generation self test to complete successfully.
tags | tool, scanner, protocol
systems | unix
MD5 | 38db8f27fc6553a88367748ea04483d6
Mandriva Linux Security Advisory 2011-115
Posted Jul 20, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-115 - Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service via a crafted UPDATE request.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-2464
MD5 | 5dd4d51abde6e6c779ee85e8cd1f0c38
Ubuntu Security Notice USN-1171-1
Posted Jul 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1171-1 - It was discovered that an SQL injection vulnerability exists in the Likewise Security Authority (lsass) local authentication provider. A local attacker could use this to gain elevated privileges.

tags | advisory, local, sql injection
systems | linux, ubuntu
advisories | CVE-2011-2467
MD5 | b063086025f49fbbe59e77d8c28c7ee7
Joomla Appointment Booking Pro Arbitrary File Reading
Posted Jul 20, 2011
Authored by Don Tukulesto | Site indonesiancoder.com

The Joomla Appointment Booking Pro component suffers from an arbitrary file reading vulnerability.

tags | exploit, arbitrary, file inclusion
MD5 | fea3eab5fc878d3e668bf0a075812b59
HTC / Android OBEX FTP Service Directory Traversal
Posted Jul 20, 2011
Authored by Alberto Moreno Tablado

HTC devices running Android versions 2.1 and 2.2 suffer from a directory traversal vulnerability in the OBEX FTP service. Full details provided.

tags | exploit, file inclusion
advisories | CVE-2009-0244
MD5 | 0dc1ecce4c6358d32ab53e8343f3d83c
Joomla! 1.6.5 Cross Site Scripting
Posted Jul 20, 2011
Authored by Aung Khant | Site yehg.net

Joomla! versions 1.6.5 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | cb5b86ae9850caeb34986928e1ff3ee5
Hackers 2 Hackers Conference 2011 Call For Papers
Posted Jul 20, 2011
Site h2hc.com.br

The Hackers 2 Hackers Conference (H2HC) 8th edition call for papers has been announced. It is being held in Sao Paulo, Brazil from October 29th through the 30th, 2011.

tags | paper, conference
MD5 | 1da8a341e3e6ed37af8040597406c5b9
Technical Cyber Security Alert 2011-200A
Posted Jul 20, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-200A - US-CERT is providing this Technical Security Alert in response to recent, well-publicized intrusions into several government and private sector computer networks. Cyber thieves, hacktivists, pranksters, nation-states, and malicious coders for hire all pose serious threats to the security of both government and private sector networks. A comprehensive security program provides the best defense against the full spectrum of threats that our computer networks face today. Network administrators and technical managers should not only follow the recommended security controls information systems outlined in NIST 800-53 but also consider the following measures. These measures include both tactical and strategic mitigations and are intended to enhance existing security programs.

tags | advisory
MD5 | fa31366aa3050c3c7ae2507937356c68
Oracle Sun GlassFish Enterprise Server 2.1.1 Cross Site Scripting
Posted Jul 20, 2011
Site senseofsecurity.com.au

Oracle Sun GlassFish Enterprise Server version 2.1.1 suffers from a cross site scripting vulnerability. Proof of concept code included.

tags | exploit, xss, proof of concept
advisories | CVE-2011-2260
MD5 | 68821146e719825e5efe14743d827327
FreeFloat FTP 1.0 Any Non Implemented Command Buffer Overflow
Posted Jul 20, 2011
Authored by Craig Freyman

FreeFloat FTP version 1.0 any non implemented command buffer overflow exploit.

tags | exploit, overflow
MD5 | 2ae54631644ea4e1d56f08d1dd01bc57
Dow Group SQL Injection
Posted Jul 20, 2011
Authored by Ehsan_Hp200

Dow Group suffers from multiple remote SQL injection vulnerabilities in dynamic.php, news_desc.php, product.php, and solutions.php.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | 5eed95c320f23eccc4036711b7d08dec
Secunia Security Advisory 45326
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Likewise Open, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | e673574c3e3aa0f4b86b98baada9b357
Secunia Security Advisory 45327
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for likewise-open. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, ubuntu
MD5 | 8b42153961af9ddaba930fda36fe05f2
Secunia Security Advisory 45251
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Auto Web Toolbox, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, web, sql injection
MD5 | 30ec03a8993a831afcc517e06ae1423d
Secunia Security Advisory 45297
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.

tags | advisory, denial of service, vulnerability
MD5 | d624710481184074e36310a5908cb64c
Secunia Security Advisory 45321
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System (HRMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | 2e478fde2188acfd296249a6d31f9b7d
Secunia Security Advisory 45320
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise Financials and Supply Chain Management (FSCM), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory
MD5 | 33525d925debbf8692c10fd52129f470
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close