exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 38 RSS Feed

Files Date: 2012-08-14

Secunia Security Advisory 50229
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MySQL. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information and manipulate certain data, by malicious users to gain knowledge of sensitive information, manipulate certain data, bypass certain security restrictions, and cause a DoS, and by malicious people to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | linux, suse
SHA-256 | 126be620f00bdbdbd91e3fad76a7f23ecc19469e794004a02fb50f4e9f2e5d91
Secunia Security Advisory 50243
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
SHA-256 | 3921be400542ad8b66f2ad3a5e76763bec88068d4951e85a0d664844d9ce23ed
Secunia Security Advisory 50236
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | windows
SHA-256 | 312c2d9673be9c4269e466183c43c773e722f5516f299990ed56c53da2cd58a2
Jackin' TOR Users Via Evil Proxies And The BeEF Framework
Posted Aug 14, 2012
Authored by evell | Site recursive-descent.net

This paper documents step by step instructions for intercepting TOR users via proxies and using the BeEF framework. It takes injection and proxying attacks on TOR to another level and is a very useful read.

tags | paper
SHA-256 | a9c7eed3c9863cb9f1cfe0b7e5af13778a4e6b7dd3d0709eed7757cb79cb0761
Secunia Security Advisory 50245
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | windows
SHA-256 | ea724ecfa139cce21a82d519e62f8208e1fc9f237c8b65f59575eb3205065962
Secunia Security Advisory 50237
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Four vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 70502b5fe87c4f29098d2c8751c89e58a22209d9389244c268fa0039fb22f885
Secunia Security Advisory 50285
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Flash Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | e0733d737d0d8ddbe3aadff8a040109e471ebf225c1b95fa19168f756675e864
Secunia Security Advisory 50281
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 12cc9c82d1a759e826a34c897eecd35f6dc0ec6fcc84301e9699f4c77ebdbc82
Secunia Security Advisory 50283
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | e1e63d928727335a2cb10d40933ced7165bf829ba3b84e7308fcfec354967046
Secunia Security Advisory 50286
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | d6bbe46a29dc3c302794ef44df8800306ce895bfd0c34048b4b956e4c73c2316
Secunia Security Advisory 50206
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Fortify Software Security Center, which can be exploited by malicious users and malicious people to disclose potentially sensitive information.

tags | advisory, vulnerability
SHA-256 | dcee000b95e31ec23cf2b6b5733eca431a992612a74e67ebec0c0aa7c74e9161
Secunia Security Advisory 50248
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brendan Coles has discovered two security issues and a vulnerability in TestLink, which can be exploited by malicious people to conduct cross-site forgery attacks and disclose certain sensitive and system information.

tags | advisory
SHA-256 | b75356024a543a0d9fde7722cd0bfef56d5c9bb5cdff27c1f45155eefb22e5ad
Secunia Security Advisory 50251
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | e049e0b801540514dc4f36105c6d528a821ec2b23a16e48e0fdaf8849f69011a
Secunia Security Advisory 50247
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in some Microsoft products, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 792a63b069aa7a3f73568e6ad5a1f0884ebbf23ffdcbd39d698fa21e085202ef
Secunia Security Advisory 50183
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Service Manager and Service Center, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss
SHA-256 | ad6ffec457e6c1524a99a422c41160f6b60dfcc1852d2d3b8ed4c9b76d2eff58
Haveged 1.5
Posted Aug 14, 2012
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: A run time test option has been added to haveged that enables the execution of one or both of the principle AIS-31 test suites at haveged initialization and/or continuously during subsequent output. Several other changes have also been made to make haveged work better with both the systemd and sysv init systems.
tags | tool
systems | linux, unix
SHA-256 | 6950672e88376f5de7976d0ac9e479c6a3ecdb8d2d214887347eb24f367d5d8e
Sydbox Sandbox 0.7.6
Posted Aug 14, 2012
Authored by Ali Polatel | Site projects.0x90.dk

Sydbox is a ptrace-based sandbox implementation. It intercepts system calls, checks for allowed filesystem prefixes, and denies them when checks fail. It has basic support for disallowing network connections. It has basic support to sandbox execve calls. It is based in part on catbox and strace.

Changes: This is a maintenance release addressing a few issues. Note that no few features are going to be added to sydbox-0.
tags | tool
systems | unix
SHA-256 | 3c758c94c86c4ac72895c9fdaefa767f6b9256d8e658c5b70a850133a119c72b
HP Security Bulletin HPSBHF02804 SSRT100631
Posted Aug 14, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02804 SSRT100631 - A potential security vulnerability has been identified with HP Integrity Server models rx2800 i2, BL860c i2, BL870c i2, BL890c i2.The vulnerability could be exploited to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2012-3247
SHA-256 | 4e4cf0259e45a78879f22245f35ad765f2328c35712f2d71b73b33d87d5d00f6
Novell ZENworks Asset Management Remote Execution
Posted Aug 14, 2012
Authored by juan vazquez | Site metasploit.com

This Metasploit module exploits a path traversal flaw in Novell ZENworks Asset Management 7.5. By exploiting the CatchFileServlet, an attacker can upload a malicious file outside of the MalibuUploadDirectory and then make a secondary request that allows for arbitrary code execution.

tags | exploit, arbitrary, code execution
advisories | CVE-2011-2653, OSVDB-77583
SHA-256 | 0b8fb5d16df4fc969d43e3061660de06ffdf0cfc0581883a9f80e8a04b40a600
Cyclope Employee Surveillance Solution 6 SQL Injection
Posted Aug 14, 2012
Authored by loneferret, sinn3r | Site metasploit.com

This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user can manipulate the SQL query, and allows arbitrary code execution under the context of 'SYSTEM'.

tags | exploit, arbitrary, code execution, sql injection
advisories | OSVDB-84517
SHA-256 | 943d1370d3c4c203bec054c6328adda12b9aa04b01b7010bb71dea9ec2bef8a7
Ubuntu Security Notice USN-1537-1
Posted Aug 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1537-1 - It was discovered that OpenOffice.org incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause OpenOffice.org to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2665
SHA-256 | 732af7ab4447e86da664cb28cd27c2933227231e898ccd4393d48db0e3186698
Ubuntu Security Notice USN-1536-1
Posted Aug 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1536-1 - It was discovered that LibreOffice incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2665
SHA-256 | 4d043603529ee5cc103e3b5aee7adbaaa490fe5f2e360031f1ed03e54b0f33ca
TestLink 1.9.3 Arbitrary File Upload
Posted Aug 14, 2012
Authored by Brendan Coles | Site metasploit.com

This Metasploit module exploits a vulnerability in TestLink versions 1.9.3 and prior. This application has an upload feature that allows any authenticated user to upload arbitrary files to the '/upload_area/nodes_hierarchy/' directory with a randomized file name. The file name can be retrieved from the database using SQL injection.

tags | exploit, arbitrary, sql injection
SHA-256 | d7801d84f2c0b381a4eab2c495d1007bc1e69f64d876b88ff24732a4755a2f71
Entropy Broker RNG 1.0.1
Posted Aug 14, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This is an important bugfix release. This version replaces the ivec initializer code with something more sensible.
tags | encryption
systems | linux
SHA-256 | e505291a3ada9f1ba3928113fa70f9f79bfc771b2fe8e20560d612d5c64beb5b
Mandriva Linux Security Advisory 2012-131
Posted Aug 14, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-131 - Just Ferguson discovered that libotr, an off-the-record messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. An attacker can exploit this flaw by sending crafted messages to an application that is using libotr to perform denial of service attacks or potentially execute arbitrary code. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2012-3461
SHA-256 | d2dfc5f2426fd1d0773603a84cfba004ef4a99ccaa10eaee9b7fdd6c41ecb855
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close