Files Date: 2012-08-01

Citrix Access Gateway Plug-in For Windows nsepacom Buffer Overflow
Posted Aug 1, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via an overly long "CSEC" HTTP response header. Successful exploitation allows execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.

tags | advisory, web, overflow, arbitrary, activex
systems | windows
advisories | CVE-2011-2592
SHA-256 | 88190841a21f5703514230e00d059f52693aa6867752ab05cf5658926bb7ec55
Citrix Access Gateway Plug-in For Windows nsepacom Integer Overflow
Posted Aug 1, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Citrix Access Gateway Plug-in for Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the nsepacom ActiveX control (nsepa.exe) when processing HTTP responses based on the request via the "StartEpa()" method. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Content-Length" HTTP response header. Successful exploitation may allow execution of arbitrary code. Citrix Access Gateway Plug-in for Windows version 9.3.49.5 is affected.

tags | advisory, web, overflow, arbitrary, activex
systems | windows
advisories | CVE-2011-2593
SHA-256 | e3fca65bdb01a3b7b24ef54cae23d5e08cd0034667d410d5364cab845d4fe8a7
WordPress G-Lock Double Opt-in Manager 2.6.2 SQL Injection
Posted Aug 1, 2012
Authored by BEASTIAN

WordPress G-Lock Double Opt-in Manager plugin versions 2.6.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9b809a742da2c1d3b8cbdd4435983f048a1f070e4be8d8392cfd842d006b75ac
Debian Security Advisory 2518-1
Posted Aug 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2518-1 - Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT Kerberos, a daemon implementing the network authentication protocol.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2012-1014, CVE-2012-1015
SHA-256 | c345c3a09eb83c7948689c2f863b0f6c17f32c2ddaaa2bf52d96090953f5df04
Nvidia Linux Drive Privilege Escalation
Posted Aug 1, 2012

This is an anonymously written exploit that takes advantage of an Nvidia Linux driver vulnerability.

tags | exploit
systems | linux
SHA-256 | f7a37659c829209a18831e8b225b98e700c02613884ed687eade603d37da27ad
Digital Whisper Electronic Magazine #34
Posted Aug 1, 2012
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 34. Written in Hebrew.

tags | magazine
SHA-256 | 9d3515e953c4fea19a70d738a22dbbd64a0cfd2cadab8627a7b72a65fc6c77e5
Tekno.Portal 0.1b Blind SQL Injection
Posted Aug 1, 2012
Authored by Socket_0x03

Tekno.Portal version 0.1b suffers from a remote blind SQL injection vulnerability in link.php. This version was already known to have issues with SQL injection since 2010.

tags | exploit, remote, php, sql injection
SHA-256 | c71eed1836a67943fa03e0218fb566e5956562284ee6c837a7ec26e30d887446
eGlibc Signedness Code Execution
Posted Aug 1, 2012
Authored by c0ntex

A patch introduced a signedness bug causing any program compiled against the vulnerable version of eglibc and using optimized functions such as memcpy_ssse3 and memcpy-ssse3-back to be potentially vulnerable to unexpected code execution.

tags | exploit, code execution
advisories | CVE-2011-2702
SHA-256 | 25b911fe8b4f2b91e78c752029493fa3f38d85cdc1a956089b72d784bc277137
Joomla Nice Ajax Poll 1.3.0 SQL Injection
Posted Aug 1, 2012
Authored by Patrick de Brouwer

Joomla Nice Ajax Poll component versions 1.3.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | eb9f2498b2712b4c06f0df8709124960b7e70c6252b6b88c6df54785b9ebade9
Secunia Security Advisory 50096
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for xen. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, redhat
SHA-256 | 16b896cbbe66157888a3edebc1e084120e692c90e8dd0c2b51fb1bbe93b5845d
Secunia Security Advisory 50101
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libjpeg-turbo. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, suse
SHA-256 | e61418e5967b3edd01241839e1f9cc6553ea1522152ba7b2471601bae83c9944
Kaspersky Password Manager 5.0.0.164 XSS / Bypass
Posted Aug 1, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Kaspersky Password Manager versions 5.0.0.164 and below suffer from script insertion and bypass vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 53e355d0fc50a9fec7ebf2047e20c8a7c1b599148c4bace69f48f443828c2401
ME Mobile Application Manager 10 SQL Injection
Posted Aug 1, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

ME Mobile Application Manager version 10 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ae7411ed882c229087606de45e1e4abc5acb2314bb4b5b6cb39bf6e3342837d1
Distimo Monitor 6.0 Cross Site Scripting
Posted Aug 1, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Distimo Monitor version 6.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8997d4bbe63b34cb1da238ba0f409d0e3cab0dbc64082cb95fb7bcf37f7dc08a
ME Application Manager 10 Cross Site Scripting / SQL Injection
Posted Aug 1, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

ME Application Manager 10 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | a50989d261f748ee4f62122c4e43b2584d1fea5712f0797d462f4216c3837550
GunBound Denial Of Service
Posted Aug 1, 2012
Authored by X-Cisadane, Vulnerability Laboratory

GunBound suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | bf859e66462c1f387fd3f2dabafdc1b0339855e90aac393aac3e89a00a44b503
Barracuda SSL VPN 680 Cross Site Scripting
Posted Aug 1, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

The Barracuda SSL VPN 680 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c641f9ef4a8a30e7fdaac2382361b13880f98192355001d16a27c808e5239125
Barracuda Application Validation Filter Bypass
Posted Aug 1, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda Appliances suffer from a validation filter bypass vulnerability.

tags | exploit, bypass
SHA-256 | c222b5b36db2aca926df6332261353a3202eb98ce3597706a147c11aa1a06dae
Secunia Security Advisory 50118
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in libvirt, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 9f2e8ca5a89f2c5d501fdea49f43da353011985d62cf01de905b1351c414f622
Secunia Security Advisory 50041
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Kerberos, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | c9568499744a750e661d48164f746125e9161356c30e1c647a275b5c3228c26c
Secunia Security Advisory 50105
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 8adae9f5fd18c590cb0789a875db24555e185bcf15abe3005135bf346b3241e4
Secunia Security Advisory 50111
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for krb5. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | e9049718a584c4502c3d5b97db8e540690fd872108152b1a36c0c80e46c0f411
Secunia Security Advisory 50084
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise SOA Platform. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 0b8185dd9007da0da65f2831d65d1f08f5e146db7dccb14083cf8198240ddf3b
Secunia Security Advisory 50119
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the RSGallery2 component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 8f68a8b8ad0d3199333c07c436a3cd3930236a451b8673e1559d8fd15c48fc03
Secunia Security Advisory 50082
Posted Aug 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oliver Karow has reported a vulnerability in Dr.Web Enterprise Server, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, web
SHA-256 | 3b188db5b0899dec36da8130b99004bd387ed3311bf6ac0e994df56bf0bad7a9