exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2011-11-01

HP Security Bulletin HPSBMU02712 SSRT100649
Posted Nov 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02712 SSRT100649 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.

tags | advisory, web, arbitrary, vulnerability
advisories | CVE-2011-3165, CVE-2011-3166, CVE-2011-3167
SHA-256 | 1f7ca5a0ae58a0027c35ec9e374f938ee845b96cf1e71c8adc37d2ab6740c547
Singtel 2Wire Hardcoded Password / Cross Site Request Forgery
Posted Nov 1, 2011
Authored by Tan Sze Chuen

The Singtel 2Wire gateway router comes shipped with a hardcoded password that cannot be changed and suffers from a lack of cross site request forgery protection.

tags | exploit, csrf
advisories | CVE-2011-3682
SHA-256 | eb5b5217e2b643bfb0ab1be7a52fe6d7c9ec87512e821b9d6da3c54b7ae5e770
Adobe Website Cross Site Scripting
Posted Nov 1, 2011
Authored by Asish Agarwalla

Adobe's website suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a15e31e441f46bf0f587e8ef98a6abd95fb8ad45240f72445ae18c71de864ae7
IBM WebSphere Directory Traversal
Posted Nov 1, 2011
Authored by Digital Defense, r@b13$, sxkeebler, Javier Castro | Site digitaldefense.net

The default installation of the IBM WebSphere Application Server is deployed with a 'help' servlet which is designed to serve supporting documentation for the WebSphere system. When the 'help' servlet processes a URL that contains a reference to a Java plug-in Bundle that is registered with the Eclipse Platform Runtime Environment of the WebSphere Application Server, the 'help' servlet fails to ensure that the submitted URL refers to a file that is both located within the web root of the servlet and is of a type that is allowed to be served. An unauthenticated remote attacker can use this weakness in the 'help' servlet to retrieve arbitrary system files from the host that is running the 'help' servlet. This can be accomplished by submitting a URL which refers to a registered Java plug-in Bundle followed by a relative path to the desired file.

tags | advisory, java, remote, web, arbitrary, root
advisories | CVE-2011-1359
SHA-256 | 4adf33603b356ff3b73d86dd885c7fef8b16304d70e5775f89788b5d0609f5d3
Oracle Hyperion Financial Management Code Execution
Posted Nov 1, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle Hyperion Financial Management suffers from a code execution vulnerability in the TList6 active-x control.

tags | exploit, code execution, activex
SHA-256 | a59b5e3567a781774f959f2ec3772f48798978127e2d4cbe4bbc80b6256ae281
Mandriva Linux Security Advisory 2011-162
Posted Nov 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-162 - KDE KSSL in kdelibs does not properly handle a NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. An input sanitization flaw was found in the KSSL API. An attacker could supply a specially-crafted SSL certificate to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. The updated packages have been patched to correct these issues.

tags | advisory, web, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-2408, CVE-2009-2702, CVE-2011-3365
SHA-256 | 0b381d0e6a6306be9feffb69a83c5e196277a065e827c68c9a869e6303be4f3d
Gentoo Linux Security Advisory 201111-01
Posted Nov 1, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201111-1 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation. Versions less than 15.0.874.102 are affected.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2345, CVE-2011-2346, CVE-2011-2347, CVE-2011-2348, CVE-2011-2349, CVE-2011-2350, CVE-2011-2351, CVE-2011-2834, CVE-2011-2835, CVE-2011-2837, CVE-2011-2838, CVE-2011-2839, CVE-2011-2840, CVE-2011-2841, CVE-2011-2843, CVE-2011-2844, CVE-2011-2845, CVE-2011-2846, CVE-2011-2847, CVE-2011-2848, CVE-2011-2849, CVE-2011-2850, CVE-2011-2851, CVE-2011-2852, CVE-2011-2853, CVE-2011-2854, CVE-2011-2855, CVE-2011-2856
SHA-256 | d303259343f4bc608387ad0a73a5b97a0c89d328efa5bd9344965626cc554353
Anatomy Of A Pass Back Attack
Posted Nov 1, 2011
Authored by Deral Heiland, Michael Belton | Site foofus.net

Brief whitepaper discussing how to trick a printer into passing LDAP or SMB credentials back to an attacker in plain text.

tags | paper
SHA-256 | 4c1967b52b737e8378e0591046c4fbeb02462547b019cb3d9e260b1c5939d804
The Trash Attack
Posted Nov 1, 2011
Authored by Eric Lazarus, Josh Benaloh

This short paper describes the trash attack which is effective against the majority of fully- verifiable election systems. The paper then offers a simple but counter-intuitive mitigation which can be incorporated within many such schemes to substantially reduce the effectiveness of the attack. This mitigation also offers additional benefits as it significantly improves the statistical properties of existing verifiable systems.

tags | paper
SHA-256 | f3dc29a3800369867d6dbd3254907d55b91b54e054a74c5975d588767adce42e
Secunia Security Advisory 46172
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Perl, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, perl, vulnerability
SHA-256 | 0cdfb98a84e6107b0a6581d281232bd89275d8e18ba0a30f8d97d7f662ea71e5
Secunia Security Advisory 46213
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in NCSS 2007, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | bc4052b3a46b21e077d7667e139b22d81163063f4872824553306b97570e1142
Secunia Security Advisory 46192
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 4b17da2cb197437b490e71cad79cc67e46f70701ca98878bab19e19993c387e5
Secunia Security Advisory 46648
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fujitsu has acknowledged two vulnerabilities in Interstage HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions.

tags | advisory, web, denial of service, vulnerability
SHA-256 | c155b0939e8b2756322b7ff2e33be518dc96a9b0d634486571356ed0475bf9a0
Secunia Security Advisory 46613
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in eFront, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to bypass certain security restrictions, conduct cross-site scripting and SQL injection attacks, and compromise a vulnerable system.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | f80c3c0994d239cceb395a6cdb5ac6d4818bad49fa17c8c3e9a0935975a4e08d
Secunia Security Advisory 46687
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux, fedora
SHA-256 | 2b4a2492368a5cce5c69b6ff535c64ad7add587df2f25ea9c1baf11d324fcb0f
Secunia Security Advisory 46671
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mr.PaPaRoSSe has discovered a vulnerability in the Simple Balance theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 274d9adf8a0bfceb275fc8ef2410fd498ed9fcb43715c77ce8d8f9ccf17171cc
Secunia Security Advisory 46695
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_6_0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, suse
SHA-256 | 478a309dd5479b62512d0ce2bc22dcd3ba7758af23dfa33f448a5f06f15b6982
Secunia Security Advisory 46614
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for python-django. This fixes some vulnerabilities, which can be exploited by malicious people to disclose certain system information, manipulate certain data, conduct cache poisoning attacks, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, python
systems | linux, debian
SHA-256 | fc21dab2e465f35e889f38f1a6c4f602975855e2cadfe7945165f5c4bea5c7bb
Secunia Security Advisory 46640
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for tor. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
systems | linux, debian
SHA-256 | 17c4cce78d049b3487987b5f6379608430ce7e71dcb6a3304134105912c69457
Secunia Security Advisory 46115
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in SonicWALL ViewPoint, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | bdb27c8521da7f1b68f026ee292cf9fed815a86aaa9794dc5c269a396c413137
Secunia Security Advisory 46214
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | a4c309ba8c24ef17de27c6496794d7379f8dbaad602918ea64b3edada530d7ad
Secunia Security Advisory 46214
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | a4c309ba8c24ef17de27c6496794d7379f8dbaad602918ea64b3edada530d7ad
Secunia Security Advisory 46665
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - demonalex has discovered a vulnerability in Megatops YaTFTPSvr, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.

tags | advisory
SHA-256 | 164e5b762ce8d81425193c16ad6904d59adb166ba3a852f03a93be3d76ebb414
Secunia Security Advisory 46625
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CSWorks, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 15536964e10c7902ee142af82bea84d53495fde072f472b1da36bc128d03ead8
Secunia Security Advisory 46609
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 87dcbd57f51d620e49ad945e298dfd988c4cd86f32ba4351cd79dbfe641465f4
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close