what you don't know can hurt you
Showing 1 - 25 of 39 RSS Feed

Files Date: 2012-01-13

Secunia Security Advisory 47122
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a weakness in HP PKI ActiveX control, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, activex
MD5 | 99db8fbeef1228a24bcf15baabfcf122
Secunia Security Advisory 47527
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in w-CMS, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss
MD5 | 0c529a9737a752b201e555f4ff021ca0
Secunia Security Advisory 47507
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Blue Coat has acknowledged multiple weaknesses, security issues and vulnerabilities in Blue Coat IntelligenceCenter, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions, by malicious users to disclose sensitive information, bypass certain security restrictions, manipulate certain data, gain escalated privileges, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, spoof, vulnerability, xss
MD5 | 2e02f8bb37699b7fe63237502e7d2d4f
Secunia Security Advisory 47522
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Rational License Key Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 1b48540469cd16ee98339ccd1676be02
Secunia Security Advisory 47524
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Telelogic License Server and IBM Rational License Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 67c60d961ffad3b6c95d8e3f920bb3e7
Secunia Security Advisory 45852
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | eac16ef304e8244781266c6afb291c1e
Secunia Security Advisory 47539
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for php53 and php. This fixes two vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

tags | advisory, denial of service, php, vulnerability
systems | linux, redhat
MD5 | 7e27041c6bd829e0015978b5bf40deff
Secunia Security Advisory 47440
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in @Mail Server, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 4787282ff16e533ac81d5b0e94e86c64
Secunia Security Advisory 47542
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | e57d1553e3c9a7ce14af9589499f6905
Secunia Security Advisory 47568
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes one vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | 6e272dba69d18f3738304b0b2be09233
Secunia Security Advisory 47573
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes one weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | d901487cbfa6bf57092c2016c40ad67e
Secunia Security Advisory 47570
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
MD5 | 04cdcf738e3994dc8b89cbd477114cb6
Secunia Security Advisory 47518
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | cda660d7a242d66b82d2f25dffcfec07
Secunia Security Advisory 47562
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 5eaf359f37a82d2bcb9b948cb7cd6fc2
Secunia Security Advisory 47529
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Count Per Day plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
MD5 | f9adc4332d94e0a04783b861697c3a6f
Secunia Security Advisory 47572
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
MD5 | c8767f981239710f43456f284d6c870a
Secunia Security Advisory 47546
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the HD Video Share component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 0df84009d7354940248ffcc921db5357
Zero Day Initiative Advisory 12-016
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-016 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Diagnostics server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the HP Diagnostics server handles incoming packets with 0x00000000 as the first 32-bit value. The magentservice.exe process listens on port 23472 by default. It will eventually take that first dword, decrease it by one and use it as a size value to copy data into a stack buffer. The resulting stack-based buffer overflow can result in remote code execution under the system user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-4789
MD5 | 9bf396821847a21563fc931859e050be
Zero Day Initiative Advisory 12-015
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-015 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP MSA 2000 G3. Authentication is not required to exploit this vulnerability. The specific flaws exists within the web interface listening on TCP port 80. There exists a directory traversal flaw that can allow a remote attacker to view any file on the system by simply specifying it in the default URI. Additionally, the password file contains a default login that can be used to authenticate to the device. This can be leveraged by a remote attacker to perform any tasks an administrator is able to.

tags | advisory, remote, web, arbitrary, tcp
advisories | CVE-2011-4788
MD5 | 31e1a68e6e9acd3382e88a53dfd8ab17
Security Implications Of IPv6 Extensions Headers With Neighbor Discovery Rev 2
Posted Jan 13, 2012
Authored by Fernando Gont | Site ietf.org

IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.

tags | paper, local
MD5 | bddd807b8490984a05656623cd777ccd
MailEnable Webmail Cross Site Scripting
Posted Jan 13, 2012
Authored by Narendra Shinde, Sajjad Pourali, Shahab NamaziKhah

MailEnable Professional and Enterprise versions are prone to cross site scripting vulnerabilities as the user-supplied input received via the "Username" parameter of the "ForgottonPassword.aspx" page is not properly sanitized. Versions 4.2.6 and below, 5.52 and below and 6.02 and below are affected.

tags | exploit, vulnerability, xss
advisories | CVE-2012-0389
MD5 | 15429f98b1c54346186a220bdd5bb75f
Mandriva Linux Security Advisory 2012-004
Posted Jan 13, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-004 - Multiple vulnerabilities has been found and corrected in t1lib. A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could provide a DVI file, with embedded specially-crafted font file, and trick the local user to open it with an application using the AFM font parser, leading to that particular application crash or, potentially, arbitrary code execution with the privileges of the user running the application. Various other issues were also addressed.

tags | advisory, remote, overflow, arbitrary, local, vulnerability, code execution
systems | linux, mandriva
advisories | CVE-2011-0433, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554
MD5 | f4d6c3cb08dde11fdb1306e368d59d26
Zero Day Initiative Advisory 12-014
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-4787
MD5 | d1f3b59832903bc0bc3be958f66f68ab
HashCollision PHP Denial Of Service Proof Of Concept 5.0
Posted Jan 13, 2012
Authored by FireFart

HashCollision denial of service proof of concept exploit written in Python. It generates the payload on the fly and sends it to the server.

Changes: Allow definition of max payload size as a parameter.
tags | exploit, denial of service, proof of concept, python
advisories | CVE-2011-4885
MD5 | 005862b9f48d4aeccfbafbfa328962a4
YABSoft Advanced Image Hosting Script SQL Injection
Posted Jan 13, 2012
Authored by Robert Cooper

YABSoft Advanced Image Hosting Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a431997007347cacdade8769524eee31
Page 1 of 2
Back12Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    1 Files
  • 24
    Jan 24th
    1 Files
  • 25
    Jan 25th
    36 Files
  • 26
    Jan 26th
    26 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close