Exploit the possiblities
Showing 1 - 25 of 33 RSS Feed

Files Date: 2011-07-28

HP Security Bulletin HPSBMU02692 SSRT100581 2
Posted Jul 28, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02692 SSRT100581 2 - Potential security vulnerabilities have been identified with HP SiteScope. These vulnerabilities could be exploited remotely to allow cross site scripting (XSS) and session fixation attacks. Revision 2 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2011-2400, CVE-2011-2401
MD5 | cfd209b7e56befb247042d54defc6981
Gopal Systems SQL Injection
Posted Jul 28, 2011
Authored by Ehsan_Hp200

Gopal Systems suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f284b0a047a9f26ff61a3dd023df749b
MinaliC Webserver Cross Site Scripting
Posted Jul 28, 2011
Authored by Zer0 Thunder

MinaliC Webserver suffers from a cross site scripting vulnerability in the generated 404 page.

tags | exploit, xss
MD5 | 147910b9a0a489270ee46d3a99f138ed
Zero Day Initiative Advisory 11-243
Posted Jul 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-243 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit as utilized by either Apple Safari, or Google's Chrome browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the library handles implicitly defined styles. When processing a specific case for a style, the application will dispatch an event. During this dispatch, code can be executed that can be used to manipulate the DOM tree causing a type-switch. This type-switch can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0232
MD5 | ade11551bec5661e1b0afea7d690cded
Ubuntu Security Notice USN-1178-1
Posted Jul 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1178-1 - Omair Majid discovered that an unsigned Web Start application or applet could determine the path to the cache directory used to store downloaded class and jar files by querying class loader properties. This could allow a remote attacker to discover a user's name and home directory path. Omair Majid discovered that an unsigned Web Start application could manipulate the content of the security warning dialog message to show different file names in prompts. This could allow a remote attacker to confuse a user into granting access to a different file than they believe they are granting access to. This issue only affected Ubuntu 11.04. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2011-2513, CVE-2011-2514
MD5 | 228285a0fb54372ae5f9b9d222d667f6
Firewall Builder With GUI 5.0.0.3568
Posted Jul 28, 2011
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This release includes multiple GUI enhancements and improved support for large configurations with new features like user defined subfolders, keywords for tagging objects, dynamic groups with smart filters, and more. Other new features include support for importing PF configuration files and a new object type called Attached Networks, which represents the list of networks connected to a network interface.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
MD5 | 0324edab10329dde029953d646aa8dad
Mandos Encrypted File System Unattended Reboot Utility 1.3.1
Posted Jul 28, 2011
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: The client retries all Mandos servers found indefinitely.
tags | remote, root
systems | linux, unix
MD5 | c0a4f4f3993179c04dde4aa9e695dc69
Zero Day Initiative Advisory 11-242
Posted Jul 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-242 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application frees references from a particular element. When freeing these references, the application will fail to remove the reference from the rendering object. Later upon trying to free the element again, the application will access the freed reference which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0255
MD5 | 87b31285c55a8404148e0e64d3efc034
Oracle Enterprise Manager metricDetail$type Cross Site Scripting
Posted Jul 28, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Grid Control versions 10.1.0.6, 10.2.0.5 and Oracle Enterprise Manager control included in Oracle Database versions 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 suffer from a cross site scripting vulnerability in metricDetail$type page.

tags | advisory, xss
advisories | CVE-2011-0876, CVE-2011-0879
MD5 | 36663f9f5df75d6e616046b0ab069b17
Oracle Enterprise Manager Sitemap Cross Site Scripting
Posted Jul 28, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Grid Control versions 10.1.0.6 and Oracle Enterprise Manager control included in Oracle Database versions 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7 suffer from a cross site scripting vulnerability in the sitemap page.

tags | advisory, xss
advisories | CVE-2011-0877, CVE-2011-0881
MD5 | 074b382d93e1031d93862e8ee423f22d
Oracle Enterprise Manager notifRuleInfo$mode Cross Site Scripting
Posted Jul 28, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Grid Control versions 10.1.0.6 and Oracle Enterprise Manager control included in Oracle Database versions 10.1.0.5, 10.2.0.3, and 10.2.0.4 suffer from a cross site scripting vulnerability in the notifRuleInfo$mode page.

tags | advisory, xss
advisories | CVE-2011-0830
MD5 | 2cd1a5640d61e5bd0047d892e7e2491d
Oracle Enterprise Manager Cross Site Request Forgery
Posted Jul 28, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Enterprise Manager Grid Control versions 10.1.0.6, 10.2.0.5, 11.1.0.1 and Oracle Enterprise Manager control included in Oracle Database versions 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 suffer from a cross site request forgery.

tags | advisory, csrf
advisories | CVE-2011-0822, CVE-2011-0845, CVE-2011-0848, CVE-2011-0852, CVE-2011-0870, CVE-2011-2257
MD5 | bd8293c27bf37bfe376792bf31670766
PHPJunkyard 1.3 Open Redirect
Posted Jul 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

PHPJunkyard 1.3 suffers from an open redirection vulnerability.

tags | exploit
MD5 | c52d2c937d43cf5c7ffbddf4605c164f
GBook PHP Guestbook 1.7 Cross Site Scripting
Posted Jul 28, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

GBook PHP Guestbook version 1.7 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
MD5 | 84c289e39dab332e238116f07388abcd
Cisco SQL Injection / Privilege Escalation
Posted Jul 28, 2011
Authored by Michal Sajdak | Site securitum.pl

Cisco suffers from privilege escalation and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
systems | cisco
MD5 | f88d58241683c03e75fafbc800b16374
Secunia Security Advisory 45381
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - NetBSD has issued an update for bind. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | netbsd
MD5 | 49418c163650b45f0f4f89d0ae41cf7a
EMC Data Protection Advisor Information Disclosure
Posted Jul 28, 2011
Site emc.com

A vulnerability exists in EMC Data Protection Advisor versions prior to 5.8.1 in which sensitive information may be exposed in clear text in the configuration file.

tags | advisory
advisories | CVE-2011-1742
MD5 | 09193ef5e832e434788c1f7e6e404af5
Secunia Security Advisory 45377
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues have been reported in SystemTap, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | 9ab26e571f523b995f1a09521a19304f
Secunia Security Advisory 45443
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in EMC Data Protection Advisor, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
MD5 | 5c77a0d0d6973a35a24bcbacdc12f5b5
Secunia Security Advisory 45452
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in EMC Captiva eInput, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, vulnerability, xss
MD5 | 04a83a924a60739668cc5912d96b01ff
Secunia Security Advisory 45449
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for freetype2. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
MD5 | 6d4d3aae1ad5e648197577248edf9025
Secunia Security Advisory 45440
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP SiteScope, which can be exploited by malicious people to conduct cross-site scripting and session fixation attacks.

tags | advisory, vulnerability, xss
MD5 | 5692d541aef2a237a42fd16250a39070
Secunia Security Advisory 45448
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opie. This fixes two vulnerabilities, which can be exploited by malicious, local users to potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
MD5 | a01c79913ba6e759bb954f48622f90ae
Secunia Security Advisory 45409
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for compat-openssl097g. This fixes multiple vulnerabilities, where one has unknown impacts and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and cause a DoS (Denial of Service).

tags | advisory, denial of service, spoof, vulnerability
systems | linux, suse
MD5 | 2a4feb88ccbcf42526a6309c7d77333e
Secunia Security Advisory 45418
Posted Jul 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in MinaliC, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 9b846d75c9214040dc799c1e9ab578c3
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close