Showing 1 - 25 of 28

Files Date: 2012-06-26

Zend Framework XXE Injection
Posted Jun 26, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

Zend Framework versions 1.11.11, 1.12.0 RC1, and 2.0.0 beta4 suffer from remote file disclosure via an XXE injection vulnerability.

tags | exploit, remote, xxe
SHA-256 | c3bbf3eadcb973470c3821625d1d343feeac92ba6e51810c867cb80422569cac
IMCE Mkdir Shell Upload
Posted Jun 26, 2012
Authored by Ryuzaki Lawlet

IMCE Mkdir suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | e4862ad1c8229486e151ffef5d58a420b118ab778afbcf8bf5ccae86186955b0
DigPHP Remote File Disclosure
Posted Jun 26, 2012
Authored by Ryuzaki Lawlet

DigPHP, the web based file browser, suffers from a remote file disclosure vulnerability.

tags | exploit, remote, web, info disclosure
SHA-256 | 137ed2183213444ec50bf2684d013c77e6db58c57e7fbdb23e6d44bacd5f9f38
WordPress Website FAQ 1.0 SQL Injection
Posted Jun 26, 2012
Authored by Chris Kellum

WordPress Website FAQ plugin version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 194080a9c6d560ac3dd0cf6014d77cc563bfbf371d95c99fbee6c22e24ceed4e
Dove Forums 1.0.3 Cross Site Request Forgery
Posted Jun 26, 2012
Authored by Ashiyane Digital Security Team

Dove Forums version 1.0.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 03a69411efa7ea797c72c3c1d9d50aec88ce945f381905f67ca1dae3d0077606
HP Security Bulletin HPSBMU02792 SSRT100820 2
Posted Jun 26, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02792 SSRT100820 2 - A potential security vulnerability has been identified with HP Business Service Management (BSM). The vulnerability could be remotely exploited to allow unauthorized disclosure of information, unauthorized modification, and Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
advisories | CVE-2012-2561
SHA-256 | 02ada30c5b2b25138587bce2855554d1cb43092030ae3f9bb9451f0ed3b6029c
OpenLimit Reader Vulnerable Components
Posted Jun 26, 2012
Authored by Stefan Kanthak

OpenLimit reader, an application intended to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.

tags | advisory
SHA-256 | 4cc2e247a5f3aaa21b4f53170afeda08847ab6f3934f5cbbdf9af600f6da8c02
Slackware Security Advisory - Freetype Updates
Posted Jun 26, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New freetype packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-1126, CVE-2012-1144
SHA-256 | 41cb6e0675fc04dd566d6c6376f8c6fa71e90af8d43606c5430c148c6702b020
Red Hat Security Advisory 2012-1041-01
Posted Jun 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1041-01 - Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way Red Hat Directory Server handled password changes. If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password via the "unhashed#user#password" attribute. It was found that when the password for an LDAP user was changed, and audit logging was enabled, the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on", prevents Red Hat Directory Server from writing plain text passwords to the audit log. This option can be configured in "/etc/dirsrv/slapd-[ID]/dse.ldif".

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-2678, CVE-2012-2746
SHA-256 | 02001d1e71ee84e1ac827dd563294cf7f71f0d1e542e4d2379a601515d3d2c88
Red Hat Security Advisory 2012-1043-01
Posted Jun 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2149
SHA-256 | e23252ae448c1a44a7f03eeeafc940ab7c8d750681fe5a9dbffb9731f0bfe7c1
Red Hat Security Advisory 2012-1042-01
Posted Jun 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1042-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. It was found that the kvm_vm_ioctl_assign_device() function in the KVM subsystem of a Linux kernel did not check if the user requesting device assignment was privileged or not. A local, unprivileged user on the host could assign unused PCI devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers, which could result in the host crashing.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2011-4347, CVE-2012-0038, CVE-2012-0044, CVE-2012-1097, CVE-2012-1179
SHA-256 | 40cee47ca38fd36212e40e2fc4e2a93d9ca6eec1d81c1a7cbc0f4200899d8b20
Secunia Security Advisory 49665
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SEC Consult has reported a vulnerability in Zend Framework, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | f4599f9fbc1c8138c26b70bb8b8f2a39bee051ef689b31973dd31abcdb907d75
Secunia Security Advisory 49717
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for postgresql and postgresql84. This fixes a weakness, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
systems | linux, redhat
SHA-256 | de8d3cad81f77cdaa5b68ba7f61935e32af28f8771201960e2a4790449adbe53
Secunia Security Advisory 49617
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sense of Security has reported multiple vulnerabilities in Squiz Matrix, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | f7464bd473216b5acea9d5fc7715ef19e6de04eb18ffa6e7aed4f19a3e0d2eff
Secunia Security Advisory 49557
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Support Tickets MyTickets, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | edb65b1bfb040891e601d335ffe29552ae2aa23ae6031499d53fd544ef9ff755
Secunia Security Advisory 49685
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gitsnik has discovered a vulnerability in SoftPerfect Bandwidth Manager, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | b37fea7757d55b4644158b61b201ed2a45b2ac680e329f4b0ab07affdbf64f8e
Secunia Security Advisory 49675
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WaveMaker, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | bd8c21e8722676aee7a75f88abd5e3588a2eba7231b60d82adffec3412b17207
Secunia Security Advisory 49643
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IMP Webmail Client, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | d6b422fac87fe944fbc538345e9ab3bb1bca256c4c1d0536404c375c0847fac0
Secunia Security Advisory 49718
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for postgresql. This fixes a weakness, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
systems | linux, redhat
SHA-256 | 99cf12afeff86c25c43717ed1dc99a25f6d8aec46965cfff9585431fc34abec2
Secunia Security Advisory 49712
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, gentoo
SHA-256 | f454376bff4abe4b3ac28fc0704c0d88d4fb3261ddb8276fd49a82e789abd5e8
Secunia Security Advisory 49713
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for mount-cifs. This fixes a weakness and a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, and potentially gain escalated privileges.

tags | advisory, denial of service, local
systems | linux, gentoo
SHA-256 | 403952ee0a7472ecf3e7a3a4b33b7519891d865239f22825b18b282c5adc8129
Secunia Security Advisory 49714
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for texlive-core. This fixes multiple vulnerabilities, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
SHA-256 | d3088ac468e5810ed3cee612f44196ea8800cded805cc3226be9a42f2778928b
Secunia Security Advisory 49697
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for logrotate. This fixes some security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges.

tags | advisory, denial of service, local
systems | linux, gentoo
SHA-256 | 023ec0b3f6fdf86937c131c61d66d400e5bb9cbcabb45a387f66dfcdab1da98f
Secunia Security Advisory 49049
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache Roller, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 01856174b1dcf04423c8e4deaf524aed773ff87a20f9779011b6cdccad323169
Secunia Security Advisory 49680
Posted Jun 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for rpm. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to bypass certain access restrictions and gain escalated privileges and by malicious people to manipulate certain data and compromise a user's system.

tags | advisory, local, vulnerability
systems | linux, gentoo
SHA-256 | fcace556e6484d062355dc826185233a8203995cf7f1467961e00ce7c98a059f