what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2012-07-09

AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution
Posted Jul 9, 2012
Authored by rgod, juan | Site metasploit.com

This Metasploit module exploits a vulnerability in AdminStudio LaunchHelp.dll ActiveX control. The LaunchProcess function found in LaunchHelp.HelpLauncher.1 allows remote attackers to run arbitrary commands on the victim machine. This Metasploit module has been successfully tested with the ActiveX installed with AdminStudio 9.5, which also comes with Novell ZENworks Configuration Management 10 SP2, on IE 6 and IE 8 over Windows XP SP 3.

tags | exploit, remote, arbitrary, activex
systems | windows
advisories | CVE-2011-2657, OSVDB-76700
SHA-256 | 56cf9879c132897ee3261274e09284b0d6081bb9dd195db9cee39698cd90dbba
Red Hat Security Advisory 2012-1060-01
Posted Jul 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1060-01 - Cobbler is a network install server. Cobbler supports PXE, virtualized installs, and re-installing existing Linux machines. A command injection flaw was found in Cobbler's power management XML-RPC method. A remote, authenticated user who is permitted to perform Cobbler configuration changes via the Cobbler XML-RPC API, could use this flaw to execute arbitrary code with root privileges on the Red Hat Network Satellite server. Note: Red Hat Network Satellite uses a special user account to configure Cobbler. By default, only this account is permitted to perform Cobbler configuration changes, and the credentials for the account are only accessible to the Satellite host's administrator. As such, this issue only affected environments where the administrator allowed other users to make Cobbler configuration changes.

tags | advisory, remote, arbitrary, root
systems | linux, redhat
advisories | CVE-2012-2395
SHA-256 | a117798edbaaae98d35e372b2a965c0e26a3e98bfd81b95555118ca270a44f0b
Ubuntu Security Notice USN-1500-1
Posted Jul 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1500-1 - Evgeny Boger discovered that Pidgin incorrectly handled buddy list messages in the AIM and ICQ protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Thijs Alkemade discovered that Pidgin incorrectly handled malformed voice and video chat requests in the XMPP protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2011-4601, CVE-2011-4602, CVE-2011-4603, CVE-2011-4922, CVE-2011-4939, CVE-2012-1178, CVE-2012-2214, CVE-2012-2318, CVE-2012-3374, CVE-2011-4601, CVE-2011-4602, CVE-2011-4603, CVE-2011-4922, CVE-2011-4939, CVE-2012-1178, CVE-2012-2214, CVE-2012-2318, CVE-2012-3374
SHA-256 | a749885c45d3ed6a82077ecb3953f73e5275c512532f5583f18a44f27c49d270
Digiport SQL Injection
Posted Jul 9, 2012
Authored by POLTERGEISTH4CKER

Sites Powered By Digiport suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 162213ce8b7d9c21d4ee2301ef28dcb48f33a779dc35b49777cdab90e35a2068
phpList 2.10.18 Cross Site Scripting
Posted Jul 9, 2012
Authored by HTTPCS

phpList version 2.18.18 suffers from a cross site scripting vulnerability in the footer parameter.

tags | exploit, xss
SHA-256 | d88c6d1b0a7c8325ece488da854263c58fdf90fb6de27527ef41828a6b73db2d
Flogr 1.7 Cross Site Scripting
Posted Jul 9, 2012
Authored by Nafsh

Flogr version 1.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9797ee9f4c0b62070aefef551e7d26994a1a9a51793c28e57deb42b5f2aa72f0
Debian Security Advisory 2509-1
Posted Jul 9, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2509-1 - Ulf Harnhammar found a buffer overflow in Pidgin, a multi protocol instant messaging client. The vulnerability can be exploited by an incoming message in the MXit protocol plugin. A remote attacker may cause a crash, and in some circumstances can lead to remote code execution.

tags | advisory, remote, overflow, code execution, protocol
systems | linux, debian
advisories | CVE-2012-3374
SHA-256 | 34f459309c2d1dcbc50629b0c7d27153a6e3700d8fdab0296501357511e10da3
Ubuntu Security Notice USN-1499-1
Posted Jul 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1499-1 - A flaw was discovered in the Linux kernel's NFSv4 (Network file system) handling of ACLs (access control lists). A remote NFS server (attacker) could cause a denial of service (OOPS).

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2012-2375
SHA-256 | ef05151a339827bd665036be138d551449abec4cd1acf946dbcc634acafed160
Python Untrusted Search Path / Code Execution
Posted Jul 9, 2012
Authored by rogueclown

Python versions 2.7.2 and 3.2.1 suffer from an untrusted search path / code execution vulnerability.

tags | exploit, code execution, python
SHA-256 | 98e93731fcf6d0dd24fe05de218155cf894de44ce86ced09013024c3b4ecb0ac
digiGALLERY SQL Injection
Posted Jul 9, 2012
Authored by POLTERGEISTH4CKER

digiGALLERY as distributed by Digiport suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 0fd126d60ac9091073e88bbb5d53c666d9e536804446a23513fec1c1053157c0
Secunia Security Advisory 49845
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Leaflet Maps Marker, which can be exploited by malicious users to conduct SQL injection and script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | c31fd60f7b3b86c9b1c8fe019be1b06e5ee8b85a096d14cffe152f59cdf6e934
Secunia Security Advisory 49835
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 826805e88738f80b5814689653860c9ae700a8441eaa01a55954633a371572bb
Secunia Security Advisory 49829
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hitachi has acknowledged a vulnerability in Hitachi IT Operations Analyzer, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | f41915f00a8270e10966603ead09bedd7362a4dd87ac0e6894e93da0fb3a36c9
Secunia Security Advisory 49804
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered multiple vulnerabilities in MGB, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 5846214742426d4a659785f06deafc135309f463e644cede36d1c2d08cdfb915
Secunia Security Advisory 49848
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Artiss Code Embed plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | a5c5d8b71d05b7482579ebe6281dae278a91d23a5e06327523dae5ab37a37f2f
Secunia Security Advisory 49801
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Netsweeper, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | b235507113b5f26310aca20e936c827974c9b400a183efb7b4c429153d635108
Secunia Security Advisory 49840
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache Sling, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 91010b5ff590244643a68e32676e6d2eee5f6ea60ec9ca154c924c3ead7b5178
Secunia Security Advisory 49812
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in eZ Publish, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | d7e0fcaa97e6617ac3dde783a2d7d482d40b13f1225bf6fd9b7421176f0d6acd
Secunia Security Advisory 49687
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has reported a vulnerability in the Flip Book plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | e614bfc8773848db2f50dd9f4717c3a6b36a6f5a7a4fd4cfaca2ea03f356f82e
Secunia Security Advisory 49838
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mono, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 8ae7aaa6db903a274990cbbf815833994386c80064c9b1d1e3d9248413cba0e9
Secunia Security Advisory 49855
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 8a1255757f651dd5f4b8c93e7d95f2d598843210aa0ffd2dd453601e5f3b8f38
Secunia Security Advisory 49852
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a weakness in Avaya Products, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
SHA-256 | 79eb8bb59c1f4950a33980bf8f9998cc898dde96b506c5f4e7e85e7323413031
Secunia Security Advisory 49813
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in WebsitePanel, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 1b22ddae90dea114d9c07c5bccf01976d5ca97c72c731e6d0c71dd91ad3e6b46
Secunia Security Advisory 49765
Posted Jul 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KingHistorian, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 3016f14618acb8ea0920daa7e23bee01bc5a5c914ec3c9b595db3f6af7684243
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close