Files Date: 2012-01-09

Debian Security Advisory 2384-1
Posted Jan 9, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2384-1 - Several vulnerabilities have been discovered in cacti, a graphing tool for monitoring data. Multiple cross site scripting issues allow remote attackers to inject arbitrary web script or HTML. An SQL injection vulnerability allows remote attackers to execute arbitrary SQL commands.

tags | advisory, remote, web, arbitrary, vulnerability, xss, sql injection
systems | linux, debian
advisories | CVE-2010-1644, CVE-2010-1645, CVE-2010-2543, CVE-2010-2545, CVE-2011-4824
MD5 | aca0ed2b190bec8fef2623fd76aa9b08
Red Hat Security Advisory 2012-0006-01
Posted Jan 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0006-01 - This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. All users of java-1.4.2-ibm are advised to upgrade to these updated packages, which contain the IBM Java 1.4.2 SR13-FP11 release. All running instances of IBM Java must be restarted for this update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3389, CVE-2011-3545, CVE-2011-3547, CVE-2011-3548, CVE-2011-3549, CVE-2011-3552, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560
MD5 | a2e7bb2e7d25454c54203b6402cd9e43
HP JetDirect Device Page Directory Traversal
Posted Jan 9, 2012
Authored by Digital Defense, r@b13$, sxkeebler | Site digitaldefense.net

The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read-only access to directories and files outside of the web root. This issue is different from CVE-2008-4419. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques.

tags | advisory, web, arbitrary, root
advisories | CVE-2011-4785
MD5 | 7dfe4ca44a797ab0dafbe716e1150c6c
HP Security Bulletin HPSBPI02733 SSRT100646
Posted Jan 9, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02733 SSRT100646 - A potential security vulnerability has been identified with certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2011-4785
MD5 | 7d25df1bab21f313b8dd11f9bc0e5b09
PHP Vulnerability Hunter 1.2.0.1
Posted Jan 9, 2012
Authored by AutoSec Tools | Site autosectools.com

PHP Vulnerability Hunter is a PHP fuzzing tool that scans for several different vulnerabilities by performing dynamic program analysis. It can detect arbitrary command execution, local file inclusion, arbitrary upload, and several other types of vulnerabilities.

Changes: Added tooltips to GUI, input map report, automatic error reporting, port setting, static analysis phase, and a ton more. Minor CLI tweaks. Code annotation improvements and updated help menu shortcut.
tags | arbitrary, local, php, vulnerability, file inclusion, fuzzer
MD5 | 4ddf92ab837e326d0d39b49b2c6d2aa6
Cisco Template Manager 0.3.2
Posted Jan 9, 2012
Authored by Pavol Krigler | Site gelogic.net

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.

Changes: A new reporting mode called "copy-and-paste". Support has been added for "object-group". ACL counters and checking ACLs defined as symbolic links have been fixed.
tags | tool, intrusion detection
systems | cisco, unix
MD5 | 0a5b0b412b750a4b710118a2166cbd83
Mandos Encrypted File System Unattended Reboot Utility 1.5.2
Posted Jan 9, 2012
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: This release removes the recently added D-Bus signal "se.recompile.Mandos.NewRequest"; its implementation was buggy and its utility questionable.
tags | tool, remote, root
systems | linux, unix
MD5 | ab6ab28cf7523469ca537c452f6636b4
Clip Bucket 2.6 Cross Site Scripting / SQL Injection
Posted Jan 9, 2012
Authored by YaDoY666

Clip Bucket version 2.6 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 2113afe612b8b9e1f6343cf293914d73
Dreambox DM800 Path Traversal
Posted Jan 9, 2012
Authored by Neusbeer

Dreambox DM800 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 3ccbcbaf309a1ca4ffccae6f228d6647
HP Security Bulletin HPSBPI02728 SSRT100692 3
Posted Jan 9, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02728 SSRT100692 3 - A potential security vulnerability has been identified with certain HP printers and HP digital senders. The vulnerability could be exploited remotely to install unauthorized printer firmware. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2011-4161
MD5 | 0ac3b53c75c6d212e7caaf8b435d8ecc
AirTies-4450 Unauthorized Remote Reboot
Posted Jan 9, 2012
Authored by rigan

AirTies-4450 suffers from an unauthorized remote reboot vulnerability.

tags | exploit, remote
MD5 | 0dd344eb4982878d57588b180e89ab0f
Enigma2 Webinterface Remote File Disclosure
Posted Jan 9, 2012
Authored by Todor Donev

Enigma2 Webinterface versions 1.5.x, 1.6.x and 1.7.x suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 2dc760a5eebc64f72ceec6a5012cf877
Paddelberg Topsite Script Insecure Cookie
Posted Jan 9, 2012
Authored by Christian Inci

Paddelberg Topsite Script version 1.2.3 suffers from an authentication bypass vulnerability due to insecure cookie handling.

tags | exploit, bypass, insecure cookie handling
MD5 | de908ed7f1dbdbeea8ae7d06cbc6e4d0
Debian Security Advisory 2383-1
Posted Jan 9, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2383-1 - Robert Luberda discovered a buffer overflow in the syslog logging code of Super, a tool to execute scripts (or other commands) as if they were root. The default Debian configuration is not affected.

tags | advisory, overflow, root
systems | linux, debian
advisories | CVE-2011-2776
MD5 | c80cef52b82fd0f154ca2e994d84fb25
Microsoft Security Bulletin Advance Notification For January 2012
Posted Jan 9, 2012
Site microsoft.com

This is an advance notification of 7 security bulletins that Microsoft is intending to release on January 10, 2012.

tags | advisory
MD5 | 9a14354d0d0eff572ae57a9f1523f821
Gregarius 0.x.x Cross Site Scripting / SQL Injection
Posted Jan 9, 2012
Authored by Sony

Gregarius version 0.x.x suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | f8a076b5e4a2e578f407d5be97a76a9e
Gentoo Linux Security Advisory 201201-03
Posted Jan 9, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-3 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 16.0.912.75 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3903, CVE-2011-3904, CVE-2011-3906, CVE-2011-3907, CVE-2011-3908, CVE-2011-3909, CVE-2011-3910, CVE-2011-3912, CVE-2011-3913, CVE-2011-3914, CVE-2011-3917, CVE-2011-3921, CVE-2011-3922
MD5 | b88eac328a94e212f0cc86fa93c2f2ba
Marinet CMS SQL Injection
Posted Jan 9, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Marinet CMS, which has been reported multiple times for having remote SQL injection vulnerabilities, appears to still suffer from a few more.

tags | exploit, remote, vulnerability, sql injection
MD5 | da4a31eb2a0b160b13a9f61a95568a47
Twoja Witryna CMS SQL Injection
Posted Jan 9, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Twoja Witryna CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 61dae6e6c45c421bf6c0d882f7989357
Luxun CMS SQL Injection
Posted Jan 9, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

Luxun CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3181ba445f584e5697bd07d34d7baf68
AiDesign SQL Injection
Posted Jan 9, 2012
Authored by Farbod Mahini, H4ckCity Security Team | Site h4ckcity.org

AiDesign suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0ef16a3abb954f9cef2ab2c00794f8c4
WordPress Yousaytoo Auto Publishing Cross Site Scripting
Posted Jan 9, 2012
Authored by Am!r, H4ckCity Security Team | Site irist.ir

The WordPress Yousaytoo-auto-publishing plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 25ee6569d99065a79a29e908e83aa9ba
phpMyDirectory 1.3.3 SQL Injection
Posted Jan 9, 2012
Authored by Serseri

phpMyDirectory version 1.3.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d172ceb90132434ca80472c30b48d9f1
Debian Security Advisory 2382-1
Posted Jan 9, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2382-1 - Several problems have been discovered in ecryptfs-utils, a cryptographic filesystem for Linux.

tags | advisory
systems | linux, debian
advisories | CVE-2011-1831, CVE-2011-1832, CVE-2011-1834, CVE-2011-1835, CVE-2011-1837, CVE-2011-3145
MD5 | 011504f3d0d8bbb1a004366861f5b040
OP5 Command Execution / Information Disclosure
Posted Jan 9, 2012
Authored by Peter Osterberg

OP5 suffers from poor session management, credential leakage and multiple remote root command execution vulnerabilities.

tags | exploit, remote, root, vulnerability
advisories | CVE-2012-0261, CVE-2012-0262, CVE-2012-0263, CVE-2012-0264
MD5 | 036e614569d9b74c790e04f95141919d
© 2019 Packet Storm. All rights reserved.
