exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2012-08-08

Red Hat Security Advisory 2012-1151-01
Posted Aug 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-2668
SHA-256 | b5e58ac02a262a4dec401a753af836111759f4a329334fb8c3c1a2a0b7b62159
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Posted Aug 8, 2012
Authored by sinn3r, Mario Ceballos, Jonathan Claudius, Tanya Secker | Site metasploit.com

This exploits an insecure config found in Scrutinizer NetFlow & sFlow Analyzer. By default, the software installs a default password in MySQL, and binds the service to "0.0.0.0". This allows any remote user to login to MySQL, and then gain arbitrary remote code execution under the context of 'SYSTEM'. Examples of default credentials include: 'scrutinizer:admin', and 'scrutremote:admin'.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2012-3951, OSVDB-84317
SHA-256 | 61e06a2fa99c7125dcd2af5faeafdcb8556b0880070d66206fa0180b420ee612
PHP IRC Bot pbot eval() Remote Code Execution
Posted Aug 8, 2012
Authored by Evilcry, juan vazquez, bwall, Jay Turla | Site metasploit.com

This Metasploit module allows remote command execution on the PHP IRC bot pbot by abusing the usage of eval() in the implementation of the .php command. In order to work, the data to connect to the IRC server and channel where find pbot must be provided. The module has been successfully tested on the version of pbot analyzed by Jay Turla, and published on Infosec Institute, running over Ubuntu 10.04 and Windows XP SP3.

tags | exploit, remote, php
systems | linux, windows, ubuntu
SHA-256 | af5927c4e9d6a607a05e48844259bb81f722ee9404fcdab77834d99f0a04d614
Axigen Mail Server 8.0.1 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

Axigen Mail Server version 8.0.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2592
SHA-256 | b712d8ab578b4188e22a4207f80f37e1183a304194159d181703507b37e78350
EmailArchitect Enterprise Email Server 10.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

EmailArchitect Enterprise Email Server version 10.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2591
SHA-256 | 1d614ed71a8927d8aefe626bbcff7dd35a56dc0ab018757a65f61785d9f38e5f
ESCON SupportPortal Pro 3.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2590
SHA-256 | 276e0b8f015732fce0ae5dbd7e7bdd804d1aa558b1f1268b2d84dc292f750351
MailEnable Enterprise 6.5 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

MailEnable Enterprise version 6.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2588
SHA-256 | fd72faeb58eb75ffa50d2abc0e461b01e20ed0f5d946c64e0d92334ec5a8ef56
AfterLogic Mailsuite Pro 6.3 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2587
SHA-256 | 70975b139f142c6b5aa2788169c1656874f10ae8fd42b3b7714b3d1791acff41
MailTraq 2.17.3.3150 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

MailTraq version 2.17.3.3150 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2586
SHA-256 | 146ace147ff06c7f56045da0af62a91fa81e836cd9400ac850544756e07b726e
FreeBSD Security Advisory - named Denial Of Service
Posted Aug 8, 2012
Authored by Einar Lonn | Site security.freebsd.org

FreeBSD Security Advisory - BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust. Under high query loads, when DNSSEC validation is active, it is possible for a condition to arise in which data from this cache of failing queries could be used before it was fully initialized, triggering an assertion failure. A remote attacker that is able to generate high volume of DNSSEC validation enabled queries can trigger the assertion failure that causes it to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2012-3817
SHA-256 | 14ce0ceb3dfdd72660f83035bfda8974a44d0c866f0212093a308b810aac8df9
Mandriva Linux Security Advisory 2012-127
Posted Aug 8, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-127 - A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF image format files, performed write of TIFF image content into particular PDF document file, when not properly initialized T2P context struct pointer has been provided by tiff2pdf as one of parameters for the routine performing the write. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-3401
SHA-256 | 149b7cb1a9d75035cbf157d9a41f74cd86afc4f26ebe2a53fe79e88cc5726a0b
Mandriva Linux Security Advisory 2012-126
Posted Aug 8, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-126 - Multiple integer overflows in libxml2, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2012-2807
SHA-256 | 6a3ce55329031068584d5c7d764a0eaa56d8918f2f86f153cbcf8edeee863c66
HP Security Bulletin HPSBMU02781 SSRT100617 2
Posted Aug 8, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02781 SSRT100617 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows, solaris, hpux
advisories | CVE-2009-0922, CVE-2009-3229, CVE-2009-3230, CVE-2009-3231, CVE-2009-4034, CVE-2009-4136, CVE-2010-1169, CVE-2010-1170, CVE-2010-1975, CVE-2010-3433, CVE-2010-4015
SHA-256 | 969977237cbe019bfcfe019ff2785e5a2cd29b36bd1679c3d115100fcd8f2197
Triggering Windows 7
Posted Aug 8, 2012
Authored by Prateek Shukla

This is a brief whitepaper discussing how to BackTrack 5 and the Social Engineering Toolkit (SET) to generate a malicious java applet in order to gain a reverse shell on Windows 7.

tags | paper, java, shell
systems | windows
SHA-256 | c465ce76e11d434cefe598ce9ad6f6709a3c029e5620d87ca6bb83721ba8d677
Secunia Security Advisory 50050
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Accuvant Labs has reported a vulnerability in Calligra, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | b67fcaae429b33a0a4151deb0249754d7149fb5c0cba132e57bc9fc99d6ea01f
Secunia Security Advisory 50188
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for SUSE Manager. This fixes a security issue which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
systems | linux, suse
SHA-256 | 5ea7395bb014f5909c2f72aaaea8d4c2671315d00ebab58fdd557ad87e510d8a
Secunia Security Advisory 50177
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | freebsd
SHA-256 | 555cd0aed919baf30a8c3f0e6c85fda01ad6c658cc9582d5b683a3dbac9d8ea0
Secunia Security Advisory 49999
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matthew Joyce has discovered some vulnerabilities in ConcourseSuite, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 048a6cd89895dd4d0e3351bc27906ef963207169477b47fcc1219eddb3f3694f
Secunia Security Advisory 50163
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi JP1/Integrated Management, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e1e4fd2b43a7f2ebe7f350917caab52ef7de2545adaef3ac7e021acc73dcf864
Secunia Security Advisory 50094
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sleipnir Mobile for Android, which can be exploited by malicious people to compromise a user's device.

tags | advisory
SHA-256 | 943f2ce7fee15408d358baaad3f9bc05c904e8694aa65521dc950f607ec1cac8
Secunia Security Advisory 50155
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability Lab has reported multiple vulnerabilities in Inout Webmail, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 758f94ecb90c9ba246456f2dc018afe833005413480d232321b3edfed53a9fae
Secunia Security Advisory 50144
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sauerbraten Game Engine, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 415bdb53a582f34c45fd6d68ab280ae7b73a6a7f56050e69f13483d539d6bbbe
Secunia Security Advisory 50178
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for sudo. This fixes a security issue, which can be exploited by malicious, local users to manipulate certain data.

tags | advisory, local
systems | linux, redhat
SHA-256 | 0c5659ac4f1df773e82c3574bd1df02c2a0af87b5bc055904252b5189fd96879
Secunia Security Advisory 49142
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Baby Gekko, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 59136adaf0e567b0ce15b4f2538944a0c01f2d4b96f4f62b0bdc2880f9857edc
Secunia Security Advisory 50143
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Litchfield has reported a vulnerability in Oracle Database, which can be exploited by malicious users to gain escalated privileges.

tags | advisory
SHA-256 | c0e217a5a59ee9cffe7edc6da96fa7ac2c6c0b6ddda4477b3549a3266b2ea978
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close