Exploit the possiblities
Showing 1 - 25 of 51 RSS Feed

Files Date: 2011-11-17

Ubuntu Security Notice USN-1266-1
Posted Nov 17, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1266-1 - It was discovered that slapd contained an off-by-one error. An authenticated attacker could potentially exploit this by sending a crafted LDIF entry containing an empty postalAddress.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2011-4079
MD5 | 2d9c5c5f57803bc8569e2e974f04f222
webERP 4.05 Cross Site Scripting / SQL Injection
Posted Nov 17, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

webERP version 4.05 suffers from cross site scripting, information disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
MD5 | 3717f94364b8f563706843db0625bf5e
SAP NetWeaver CTC Authentication Bypass
Posted Nov 17, 2011
Authored by Sh2kerr

SAP NetWeaver suffers from an authentication bypass vulnerability in the CTC service.

tags | advisory, bypass
MD5 | 0e9a25141501eb510fb3d6363372cb2c
Red Hat Security Advisory 2011-1459-01
Posted Nov 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1459-01 - Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind97 are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-4313
MD5 | 111bb4bb6f04dbb41213d923f34b9478
SAP NetWeaver SPML Cross Site Request Forgery
Posted Nov 17, 2011
Authored by Sh2kerr

The SAP NetWeaver SPML service suffers from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | 1004099fbc4c63a617fa5a0c2e4ce23a
Zoho ManageEngine ADSelfService Plus 4.5 Cross Site Scripting
Posted Nov 17, 2011
Authored by James Webb | Site jameswebb.me

Zoho ManageEngine ADSelfService Plus version 4.5 build 4521 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | db3cddbb1332306bf836eea42dc2af51
SAP NetWeaver TH_GREP Command Execution
Posted Nov 17, 2011
Authored by Alexey Tyurin

SAP NetWeaver suffers from a command execution vulnerability in the TH_GREP report.

tags | advisory
MD5 | dc624296159cd3d0ef367185da7019f2
SAP NetWeaver RSTXSCRP Path Traversal
Posted Nov 17, 2011
Authored by Dmitriy Chastuchin

SAP NetWeaver RSTXSCRP Report has a path traversal vulnerability that can lead to an SMB relay attack and full control of the system.

tags | advisory
MD5 | d5eea936a39a0fd1cee77686a79493b5
Mandriva Linux Security Advisory 2011-176-1
Posted Nov 17, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-176 - A vulnerability was discovered and corrected in bind. Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 advisory had a faulty release number effectively preventing installation without excessive force due to a previous packaging mistake. This advisory provides corrected packages to address the problem.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-4313
MD5 | ab1573fbafc136f1ae6fd51fce249565
SAP NetWeaver BW Doc Cross Site Scripting
Posted Nov 17, 2011
Authored by Sh2kerr, Dmitriy Chastuchin

SAP NetWeaver BW DOC metadata suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e6d8a63e9acd6fdb67e93cf42a89e3c9
SAP NetWeaver Virus Scan Cross Site Scripting
Posted Nov 17, 2011
Authored by Dmitriy Evdokimov

The SAP NetWeaver Virus Scan interface suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, virus, xss
MD5 | 2f4ce85660635bae33af1714794d0f9e
SAP GUI BAPI Explorer Cross Site Scripting
Posted Nov 17, 2011
Authored by Dmitriy Chatuchin

SAP GUI BAPI Explorer suffers from a stored cross site scripting vulnerability that can lead to code execution.

tags | advisory, code execution, xss
MD5 | 5cb9c8f4b03e87701e41ea0b9a0097f9
Red Hat Security Advisory 2011-1458
Posted Nov 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1458 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server, a resolver library, and tools for verifying that the DNS server is operating correctly. A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2011-4313
MD5 | f4d7fd7b1868caf92a8da9f56c29ba5f
SAP NetWeaver MI 2 Information Disclosure
Posted Nov 17, 2011
Authored by Sh2kerr

SAP NetWeaver Mobile Engine suffers from an information disclosure vulnerability that discloses version and username information.

tags | advisory, info disclosure
MD5 | 0ac0ae7fe78bed62ae6ecd4196dbc314
SAP NetWeaver ABAP Authorization Bypass / SMBRelay
Posted Nov 17, 2011
Authored by Alexey Sintsov

SAP NetWeaver ABAP suffers from authorization bypass, directory traversal, and SMBRelay vulnerabilities.

tags | advisory, vulnerability
MD5 | 924b503d275cb8007ae227956880e44d
SAP NetWeaver JavaMailExamples Cross Site Scripting
Posted Nov 17, 2011
Authored by Dmitriy Evdokimov

SAP NetWeaver JavaMailExamples suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 25b99d465dc0fed251fa334a89b95ef8
Tiki Wiki CMS Groupware Cross Site Scripting
Posted Nov 17, 2011
Authored by Stefan Schurtz

Tiki Wiki CMS Groupware suffers from multiple cross site scripting vulnerabilities. Versions 7.2 and 8.0 RC1 are affected.

tags | exploit, vulnerability, xss
advisories | CVE-2011-4454, CVE-2011-4455
MD5 | c4ee2779c755ae0d78b003ded62cdc14
HP Security Bulletin HPSBOV02470 SSRT080123 2
Posted Nov 17, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02470 SSRT080123 2 - A potential security vulnerability has been identified with HP OpenVMS TCP/IP Services running SMTP server. The vulnerability could result in a remote Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, remote, denial of service, tcp
advisories | CVE-2011-3169
MD5 | 93aa97a9dc7a9afb3c8f033b982c1020
WordPress Flexible Custom Post Type Cross Site Scripting
Posted Nov 17, 2011
Authored by Am!r | Site irist.ir

The WordPress Flexible Custom Post Type plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ae4bf8d173e04b172db07fde02473d98
PHP Vulnerability Hunter 1.1.4.6
Posted Nov 17, 2011
Authored by AutoSec Tools | Site autosectools.com

PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.

Changes: Added code coverage report. Updated GUI validation. Several instrumentation fixes. Fixed lingering connection issue. Fixed GUI and report viewer crashes related to working directory.
tags | tool, arbitrary, local, php, vulnerability, file inclusion, fuzzer
MD5 | 392085a25f1f990b947853370d539873
V-CMS 1.0 Cross Site Scripting
Posted Nov 17, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in V-CMS version 1.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 1b4bc6deefd42efc1d825c37fda25766
V-CMS 1.0 SQL Injection
Posted Nov 17, 2011
Authored by AutoSec Tools | Site autosectools.com

A SQL injection vulnerability in V-CMS version 1.0 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, arbitrary, shell, php, sql injection
MD5 | 227ff1a112b2e271f868947e6f5843e5
V-CMS 1.0 Shell Upload
Posted Nov 17, 2011
Authored by AutoSec Tools | Site autosectools.com

An arbitrary upload vulnerability in V-CMS version 1.0 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, arbitrary, shell, php
MD5 | 16fbeae097458ceaf503548c01ac8d6f
Herberlin Bremsserver 3.0 Directory Traversal
Posted Nov 17, 2011
Authored by AutoSec Tools | Site autosectools.com

A directory traversal vulnerability in Herberlin Bremsserver version 3.0 can be exploited to read files outside of the web root.

tags | exploit, web, root
MD5 | 6239926a009b5342021fdfdc46486256
Ubuntu Security Notice USN-1265-1
Posted Nov 17, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1265-1 - Marc Deslauriers discovered that system-config-printer's cupshelpers scripts used by the Ubuntu automatic printer driver download service queried the OpenPrinting database using an insecure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered packages and repositories.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2011-4405
MD5 | 59f59479d1632d1a61f0acf1d05571a1
Page 1 of 3
Back123Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close