what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 57 RSS Feed

Files Date: 2012-08-15

Drupal Hotblocks 6.x Cross Site Scripting
Posted Aug 15, 2012
Authored by Justin C. Klein Keane

Drupal version 6.22 with Hotblocks 6.x suffers from cross site scripting and denial of service vulnerabilities. Proof of concept information included.

tags | exploit, denial of service, vulnerability, xss, proof of concept
SHA-256 | 17fd7caf06fdac8c5a9e14bc764b6c00c9303d84f1395974dc92767ed9a8a7f2
Drupal Custom Publishing Options 6.x XSS
Posted Aug 15, 2012
Authored by Justin C. Klein Keane

Drupal version 6.22 with Custom Publishing Options version 6.x-1.4 suffers from a cross site scripting vulnerability. Proof of concept information included.

tags | exploit, xss, proof of concept
SHA-256 | 48dd91f8b89ca979ca8e11af83723a4ee087f9e15fcaa581b8d6f6470708cf67
Cisco Security Advisory 20120530-iosxr-2
Posted Aug 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.

tags | advisory, denial of service
systems | cisco, osx
SHA-256 | bc07f2e416a80379a131e30d960f750f093f1907368c5841670468346b98ce8e
Drupal Elegant Theme 7.x Cross Site Scripting
Posted Aug 15, 2012
Authored by Greg Knaddison | Site drupal.org

Drupal Elegant Theme third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 5cd009a2b5bb39d8473e502fc09119a2302b0d2363ca9167442d0a9f58ad5ea2
Drupal Custom Publishing Options 6.x Cross Site Scripting
Posted Aug 15, 2012
Site drupal.org

Drupal Custom Publishing Options third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 5c0dec500b232cd3c340e97fe90d0022a5f7a7cae9406845e963e1c4492c9de0
Drupal HotBlocks 6.x XSS / Denial Of Service
Posted Aug 15, 2012
Authored by Justin C. Klein Keane | Site drupal.org

Drupal Hotblocks third party module version 6.x suffers from cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
SHA-256 | 3a4741a9e059e7fcb96a3197a8a6b543be251afe504d362ea481cb4229600a6b
Mandriva Linux Security Advisory 2012-132
Posted Aug 15, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-132 - Multiple cross-site request forgery and cross-site scripting flaws has been found and corrected in GLPI. This advisory provides the latest version of GLPI which are not vulnerable to these issues. Additionally the latest versions of the corresponding plugins are also being provided.

tags | advisory, xss, csrf
systems | linux, mandriva
advisories | CVE-2012-4002, CVE-2012-4003
SHA-256 | 278fcab2d1ab2e4d4ef8819f221aff25448777d5df0d2fe452abe0b3a7049fea
ZeroNights 2012 Call For Papers
Posted Aug 15, 2012
Authored by ZeroNights CFP | Site zeronights.org

The ZeroNights 2012 Call For Papers has been announced. It will be held in Moscow, Russia November 19th through the 20th, 2012.

tags | paper, conference
SHA-256 | edba79f5df7aeaf759abda55a8568cb43e0427755b1fe12827b65931c2dd9375
Debian Security Advisory 2530-1
Posted Aug 15, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2530-1 - Henrik Erkkonen discovered that rssh, a restricted shell for SSH, does not properly restrict shell access.

tags | advisory, shell
systems | linux, debian
advisories | CVE-2012-3478
SHA-256 | 0d9bc3525aeb950d987b4c43ac3fdffeb95324914c2925e4c0a684a30e340450
Red Hat Security Advisory 2012-1173-01
Posted Aug 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1173-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB12-18, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.238.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-1535
SHA-256 | c10d85f5137cb075e49ec0b6380b902d41df64cf1042cece8b3a15b524552b6a
Technical Cyber Security Alert 2012-227A
Posted Aug 15, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-227A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
SHA-256 | f958461db70406ee608b92e86c5778602a68ddda74e3f148b3396ee851c6cd7c
Debian Security Advisory 2529-1
Posted Aug 15, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2529-1 - Jeroen Dekkers and others reported several vulnerabilities in Django, a Python Web framework.

tags | advisory, web, vulnerability, python
systems | linux, debian
advisories | CVE-2012-3442, CVE-2012-3443, CVE-2012-3444
SHA-256 | e72295d670e7e8b3f6c6c48e0ae95f800f20359a421a53e4c43f767c101a0216
Windows Service Trusted Path Privilege Escalation
Posted Aug 15, 2012
Authored by sinn3r | Site metasploit.com

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.

tags | exploit
systems | windows
SHA-256 | 13ee2928c651d3a5639e180e5f2cafa4d077977aeeeb2da9a34de919ec969a8e
globalSCAPE CuteZIP Stack Buffer Overflow
Posted Aug 15, 2012
Authored by C4SS!0 G0M3S, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 2.1 of CuteZIP. In order for the command to be executed, an attacker must convince the target user to open a specially crafted zip file with CuteZIP. By doing so, an attacker can execute arbitrary code as the target user.

tags | exploit, overflow, arbitrary
SHA-256 | 0eb1f8858ec5246ac33385d821777542b928e2d0bb98e4789b086a62b732d909
MobileCartly 1.0 Shell Upload
Posted Aug 15, 2012
Authored by ICheer_No0M

MobileCartly version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 6b0d23136395ed8d9e37f24807974ec3247792e0f5924bcd903b104aad5f2658
MaxForum 1.0.0 Local File Inclusion
Posted Aug 15, 2012
Authored by ahwak2000

MaxForum version 1.0.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 4d2458db553c660de071d51ccccb2c8f7509d219f2b6d8b54eff09baed72708a
Blackberry Cross Site Scripting
Posted Aug 15, 2012
Authored by TayfunBasoglu

The es.blackberry.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 221bcdde7a9af3450c8375649ac85ea641b58b47d4e8079b517c843819e10ec6
Secunia Security Advisory 50239
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Java in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability, xss
systems | hpux
SHA-256 | 64a709b58b6ee61639d0b91751fa1370fb95af75e8e2c731bae64a2534aa2be5
Secunia Security Advisory 50284
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for puppet. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose and manipulate certain data and by malicious people to bypass certain security restrictions.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 67eb18b247b9985f3e30a412732259d389c1696d5a01aaf91c9d01c7794d8f4a
Secunia Security Advisory 50254
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco NX-OS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | 5c5a1b4f1ce0aa8b64f4536e08eadfb68c330f841e9c01c46cd3c741294e6ff0
Secunia Security Advisory 50226
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Python Beaker Library, which can be exploited by malicious people to disclose certain sensitive information.

tags | advisory, python
SHA-256 | 8942656c4b72e5afdc7ca995f066565983408fbb924a1a1b930c18cad48472dc
Secunia Security Advisory 50240
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Business Events, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0f934c653687b3c3190527b0ba1147ee5399fae84ad92cc3c33f3716f18c8c14
Secunia Security Advisory 50214
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and two vulnerabilities have been reported in ownCloud, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 1332e189e300896ea0baa75068815455d40efa840a3b321cdafb6a9560538739
Secunia Security Advisory 50270
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 4b0428dc306c48a1dce3d0d242c022d32ecb1999aeef39be84f18c9203785e16
Secunia Security Advisory 50271
Posted Aug 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libreoffice. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 9e1a0dd01efd47003de801f3478e4ada7ea28703bbf95422503c9a3529cb8cf0
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close