Exploit the possiblities
Showing 1 - 25 of 32 RSS Feed

Files Date: 2012-08-08

Red Hat Security Advisory 2012-1151-01
Posted Aug 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-2668
MD5 | 5dbfb3d1c36d35bcadf0a4dde97a96d0
Plixer Scrutinizer NetFlow and sFlow Analyzer 9 Default MySQL Credential
Posted Aug 8, 2012
Authored by sinn3r, Mario Ceballos, Jonathan Claudius, Tanya Secker | Site metasploit.com

This exploits an insecure config found in Scrutinizer NetFlow & sFlow Analyzer. By default, the software installs a default password in MySQL, and binds the service to "0.0.0.0". This allows any remote user to login to MySQL, and then gain arbitrary remote code execution under the context of 'SYSTEM'. Examples of default credentials include: 'scrutinizer:admin', and 'scrutremote:admin'.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2012-3951, OSVDB-84317
MD5 | dadd1bd0ca2360eb0022a698d14e8695
PHP IRC Bot pbot eval() Remote Code Execution
Posted Aug 8, 2012
Authored by Evilcry, juan vazquez, bwall, Jay Turla | Site metasploit.com

This Metasploit module allows remote command execution on the PHP IRC bot pbot by abusing the usage of eval() in the implementation of the .php command. In order to work, the data to connect to the IRC server and channel where find pbot must be provided. The module has been successfully tested on the version of pbot analyzed by Jay Turla, and published on Infosec Institute, running over Ubuntu 10.04 and Windows XP SP3.

tags | exploit, remote, php
systems | linux, windows, xp, ubuntu
MD5 | b4302c2d8b8f5eacb2c614d506570e68
Axigen Mail Server 8.0.1 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

Axigen Mail Server version 8.0.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2592
MD5 | f172da62683c3977361addb40b7dcceb
EmailArchitect Enterprise Email Server 10.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

EmailArchitect Enterprise Email Server version 10.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2591
MD5 | 67b95527b49ccccefb4ef7fa58256f96
ESCON SupportPortal Pro 3.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2590
MD5 | ee476706cb8cdc19f95724419630a01b
MailEnable Enterprise 6.5 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

MailEnable Enterprise version 6.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2588
MD5 | c23f76da3c75a26be60243216f439d6a
AfterLogic Mailsuite Pro 6.3 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2587
MD5 | e73f64f4087f2f9eb677c4d30cf57d9d
MailTraq 2.17.3.3150 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

MailTraq version 2.17.3.3150 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2586
MD5 | 430db808f916265f2793a724d9158574
FreeBSD Security Advisory - named Denial Of Service
Posted Aug 8, 2012
Authored by Einar Lonn | Site security.freebsd.org

FreeBSD Security Advisory - BIND 9 stores a cache of query names that are known to be failing due to misconfigured name servers or a broken chain of trust. Under high query loads, when DNSSEC validation is active, it is possible for a condition to arise in which data from this cache of failing queries could be used before it was fully initialized, triggering an assertion failure. A remote attacker that is able to generate high volume of DNSSEC validation enabled queries can trigger the assertion failure that causes it to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2012-3817
MD5 | 0ef228d154a335e008640bab911b82dd
Mandriva Linux Security Advisory 2012-127
Posted Aug 8, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-127 - A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF image format files, performed write of TIFF image content into particular PDF document file, when not properly initialized T2P context struct pointer has been provided by tiff2pdf as one of parameters for the routine performing the write. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-3401
MD5 | db8d0b363dfcfc4309ef12c2ff94adb3
Mandriva Linux Security Advisory 2012-126
Posted Aug 8, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-126 - Multiple integer overflows in libxml2, on 64-bit Linux platforms allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2012-2807
MD5 | e9cd2acc91c30a5965909ce6d2d552ce
HP Security Bulletin HPSBMU02781 SSRT100617 2
Posted Aug 8, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02781 SSRT100617 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, windows, solaris, hpux
advisories | CVE-2009-0922, CVE-2009-3229, CVE-2009-3230, CVE-2009-3231, CVE-2009-4034, CVE-2009-4136, CVE-2010-1169, CVE-2010-1170, CVE-2010-1975, CVE-2010-3433, CVE-2010-4015
MD5 | 69a45d8ada2dbb2d0d4c94007e687dd8
Triggering Windows 7
Posted Aug 8, 2012
Authored by Prateek Shukla

This is a brief whitepaper discussing how to BackTrack 5 and the Social Engineering Toolkit (SET) to generate a malicious java applet in order to gain a reverse shell on Windows 7.

tags | paper, java, shell
systems | windows, 7
MD5 | 90592cc3d1cec515fb3309b0cc7f81d8
Secunia Security Advisory 50050
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Accuvant Labs has reported a vulnerability in Calligra, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 3656c78a78ed1738e528858954044db2
Secunia Security Advisory 50188
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for SUSE Manager. This fixes a security issue which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
systems | linux, suse
MD5 | 1e23f865ba2dc9de2bb973d09a2e7e03
Secunia Security Advisory 50177
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | freebsd
MD5 | 7e87b1c227cfde3b6a9abcba5c33e4c3
Secunia Security Advisory 49999
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matthew Joyce has discovered some vulnerabilities in ConcourseSuite, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
MD5 | b2a5e7f8a8d7335bfc889cf30527b4c9
Secunia Security Advisory 50163
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hitachi JP1/Integrated Management, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 35d472f808e0cb2b37cc13fed0cf5cca
Secunia Security Advisory 50094
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sleipnir Mobile for Android, which can be exploited by malicious people to compromise a user's device.

tags | advisory
MD5 | 0f645a00370c6ac68d9bb3eb43325e8f
Secunia Security Advisory 50155
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Vulnerability Lab has reported multiple vulnerabilities in Inout Webmail, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 3c521ab9f8dca745d7313d986d3eae15
Secunia Security Advisory 50144
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sauerbraten Game Engine, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 677a836aee1b548a5a1f35cce90832a1
Secunia Security Advisory 50178
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for sudo. This fixes a security issue, which can be exploited by malicious, local users to manipulate certain data.

tags | advisory, local
systems | linux, redhat
MD5 | 741f187fe18a9dab4aeacab57e8610b8
Secunia Security Advisory 49142
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Baby Gekko, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | b7ce1515a1962acaf44e5d72ecc4b3ee
Secunia Security Advisory 50143
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Litchfield has reported a vulnerability in Oracle Database, which can be exploited by malicious users to gain escalated privileges.

tags | advisory
MD5 | 9931aacaec1e89ba349ca2d6234ab35d
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    16 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    16 Files
  • 23
    Feb 23rd
    31 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close