exploit the possibilities
Showing 1 - 25 of 31 RSS Feed

Files Date: 2011-11-01

HP Security Bulletin HPSBMU02712 SSRT100649
Posted Nov 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02712 SSRT100649 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.

tags | advisory, web, arbitrary, vulnerability
advisories | CVE-2011-3165, CVE-2011-3166, CVE-2011-3167
MD5 | a12a6763587ca784af768e5c59b7cb66
Singtel 2Wire Hardcoded Password / Cross Site Request Forgery
Posted Nov 1, 2011
Authored by Tan Sze Chuen

The Singtel 2Wire gateway router comes shipped with a hardcoded password that cannot be changed and suffers from a lack of cross site request forgery protection.

tags | exploit, csrf
advisories | CVE-2011-3682
MD5 | ef22ffa5f84452bf7ef1acc9e9440925
Adobe Website Cross Site Scripting
Posted Nov 1, 2011
Authored by Asish Agarwalla

Adobe's website suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d47e99736ef465150991a0760dd56ad5
IBM WebSphere Directory Traversal
Posted Nov 1, 2011
Authored by Digital Defense, r@b13$, sxkeebler, Javier Castro | Site digitaldefense.net

The default installation of the IBM WebSphere Application Server is deployed with a 'help' servlet which is designed to serve supporting documentation for the WebSphere system. When the 'help' servlet processes a URL that contains a reference to a Java plug-in Bundle that is registered with the Eclipse Platform Runtime Environment of the WebSphere Application Server, the 'help' servlet fails to ensure that the submitted URL refers to a file that is both located within the web root of the servlet and is of a type that is allowed to be served. An unauthenticated remote attacker can use this weakness in the 'help' servlet to retrieve arbitrary system files from the host that is running the 'help' servlet. This can be accomplished by submitting a URL which refers to a registered Java plug-in Bundle followed by a relative path to the desired file.

tags | advisory, java, remote, web, arbitrary, root
advisories | CVE-2011-1359
MD5 | bbda60a4066610b477cb344a711398fa
Oracle Hyperion Financial Management Code Execution
Posted Nov 1, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle Hyperion Financial Management suffers from a code execution vulnerability in the TList6 active-x control.

tags | exploit, code execution, activex
MD5 | f2b652a4c61fb020064defd54fcd5737
Mandriva Linux Security Advisory 2011-162
Posted Nov 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-162 - KDE KSSL in kdelibs does not properly handle a NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. An input sanitization flaw was found in the KSSL API. An attacker could supply a specially-crafted SSL certificate to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. The updated packages have been patched to correct these issues.

tags | advisory, web, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-2408, CVE-2009-2702, CVE-2011-3365
MD5 | 4213f00026400b82e246c568f026894f
Gentoo Linux Security Advisory 201111-01
Posted Nov 1, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201111-1 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code and local root privilege escalation. Versions less than 15.0.874.102 are affected.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2345, CVE-2011-2346, CVE-2011-2347, CVE-2011-2348, CVE-2011-2349, CVE-2011-2350, CVE-2011-2351, CVE-2011-2834, CVE-2011-2835, CVE-2011-2837, CVE-2011-2838, CVE-2011-2839, CVE-2011-2840, CVE-2011-2841, CVE-2011-2843, CVE-2011-2844, CVE-2011-2845, CVE-2011-2846, CVE-2011-2847, CVE-2011-2848, CVE-2011-2849, CVE-2011-2850, CVE-2011-2851, CVE-2011-2852, CVE-2011-2853, CVE-2011-2854, CVE-2011-2855, CVE-2011-2856
MD5 | d6e27313f7c19a461d7e1b0d41d6d284
Anatomy Of A Pass Back Attack
Posted Nov 1, 2011
Authored by Deral Heiland, Michael Belton | Site foofus.net

Brief whitepaper discussing how to trick a printer into passing LDAP or SMB credentials back to an attacker in plain text.

tags | paper
MD5 | 8a5033d9c7adfc19759c96133ff7f0ea
The Trash Attack
Posted Nov 1, 2011
Authored by Eric Lazarus, Josh Benaloh

This short paper describes the trash attack which is effective against the majority of fully- verifiable election systems. The paper then offers a simple but counter-intuitive mitigation which can be incorporated within many such schemes to substantially reduce the effectiveness of the attack. This mitigation also offers additional benefits as it significantly improves the statistical properties of existing verifiable systems.

tags | paper
MD5 | 601a2786154b417d984dd536b3e6c1a6
Secunia Security Advisory 46172
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Perl, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, perl, vulnerability
MD5 | b081a1edc2e3ea5a751b7a896921c3cf
Secunia Security Advisory 46213
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in NCSS 2007, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 0ac805295139f4a0d7e22454d1328e7a
Secunia Security Advisory 46192
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | d4adf39b2d50728b8424c58139926c46
Secunia Security Advisory 46648
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fujitsu has acknowledged two vulnerabilities in Interstage HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions.

tags | advisory, web, denial of service, vulnerability
MD5 | 938ef5666db6857e09c39a8a78ac101c
Secunia Security Advisory 46613
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in eFront, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to bypass certain security restrictions, conduct cross-site scripting and SQL injection attacks, and compromise a vulnerable system.

tags | advisory, vulnerability, xss, sql injection
MD5 | 336e4af72fd1c1c50f7dea32e010be6b
Secunia Security Advisory 46687
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux, fedora
MD5 | 4755da58922d8cadf7d771516a3d3b7e
Secunia Security Advisory 46671
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mr.PaPaRoSSe has discovered a vulnerability in the Simple Balance theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 6ec5a96ace978c96a1fff053f346ed6b
Secunia Security Advisory 46695
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_6_0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, suse
MD5 | 19fccf317f0c474817771145c69208d9
Secunia Security Advisory 46614
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for python-django. This fixes some vulnerabilities, which can be exploited by malicious people to disclose certain system information, manipulate certain data, conduct cache poisoning attacks, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, python
systems | linux, debian
MD5 | ffad227e0415ae8e1ed9b382e59baa77
Secunia Security Advisory 46640
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for tor. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
systems | linux, debian
MD5 | be533cc04febb8d6833c45d47e068f0f
Secunia Security Advisory 46115
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in SonicWALL ViewPoint, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 2cf7b35ce8195c08825d98b536275a51
Secunia Security Advisory 46214
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 169b3d93546a1f2914de8f5c662d01d5
Secunia Security Advisory 46214
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 169b3d93546a1f2914de8f5c662d01d5
Secunia Security Advisory 46665
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - demonalex has discovered a vulnerability in Megatops YaTFTPSvr, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.

tags | advisory
MD5 | 3f10dd15298642bcc6fa7bd04f0db620
Secunia Security Advisory 46625
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CSWorks, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | cf902716d37df56dfd83373d86e806d6
Secunia Security Advisory 46609
Posted Nov 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Squid, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 7c0a1b17ed95d8e794a056934db22814
Page 1 of 2
Back12Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close