the original cloud security
Showing 1 - 25 of 27 RSS Feed

Files Date: 2012-08-20

Mandriva Linux Security Advisory 2012-139
Posted Aug 20, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-139 - Multiple vulnerabilities has been discovered and corrected in postgresql. libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. xml_parse() would attempt to fetch external files or URLs as needed to resolve DTD and entity references in an XML value, thus allowing unprivileged database users to attempt to fetch data with the privileges of the database server. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2012-3488, CVE-2012-3489
MD5 | b66de77e22452889b471a5c1be59d2a1
Mandriva Linux Security Advisory 2012-140
Posted Aug 20, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-140 - Cross-site scripting vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2012-3382
MD5 | 52209cb708f5309b599ec9fd0418633b
SysAid Helpdesk Pro 8.5.04 Cross Site Scripting
Posted Aug 20, 2012
Authored by Daniel Compton | Site nccgroup.com

SysAid Helpdesk Pro version 8.5.04 suffers from a stored cross site scripting vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, xss
MD5 | 506dfea341f0b90490797c996febf32d
SysAid Helpdesk Pro 8.5.04 Blind SQL Injection
Posted Aug 20, 2012
Authored by Daniel Compton | Site nccgroup.com

SysAid Helpdesk Pro version 8.5.04 suffers from a remote blind SQL injection vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, remote, sql injection
MD5 | 5f57e3a1240ad05156fea1274af35a9e
Moodle CMS 2.2.1 Cross Site Scripting
Posted Aug 20, 2012
Authored by Daniel Compton | Site nccgroup.com

Moodle CMS version 2.2.1 suffers from a stored cross site scripting vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, xss
MD5 | 346303279526efe88a7feb84129057f5
Squiz CMS 11654 Directory Traversal
Posted Aug 20, 2012
Authored by Robert Ray | Site nccgroup.com

Squiz CMS version 11654 suffers from a directory traversal vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
MD5 | 99ce265b57d5041a0966c0106fb9e8ca
Apple Security Advisory 2012-08-20-1
Posted Aug 20, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-08-20-1 - Apple Remote Desktop 3.6.1 is now available and addresses a failed encrypted connection that may result in an information disclosure vulnerability.

tags | advisory, remote, info disclosure
systems | apple
advisories | CVE-2012-0681
MD5 | 030da124f48598fbe36c590572e0ce19
Sysax Multi Server 5.64 Create Folder Buffer Overflow
Posted Aug 20, 2012
Authored by Matt Andreko | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. In order to trigger the vulnerability valid credentials with the create folder permission must be provided. The HTTP option must be enabled on Sysax too. This Metasploit module will log into the server, get a SID token, find the root folder, and then proceed to exploit the server. Successful exploits result in SYSTEM access. This exploit works on XP SP3, and Server 2003 SP1-SP2.

tags | exploit, web, overflow, root
MD5 | 17a13fb4ba1bb14aeec150eb94056c58
Divx 6.8.2 Denial Of Service
Posted Aug 20, 2012
Authored by Dark-Puzzle

Divx version 6.8.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 024bea783395e36718f72329eb049668
Debian Security Advisory 2531-1
Posted Aug 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2531-1 - Several denial-of-service vulnerabilities have been discovered in Xen, the popular virtualization software.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3432, CVE-2012-3433
MD5 | 30004334d377c624c01f26244b3795f8
Red Hat Security Advisory 2012-1180-01
Posted Aug 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1180-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-2896, CVE-2012-3403, CVE-2012-3481
MD5 | f945a0e1b2466086833090bc9728b047
Red Hat Security Advisory 2012-1181-01
Posted Aug 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1181-01 - The GIMP is an image composition and editing program. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the GIMP's Adobe Photoshop image file plug-in. An attacker could create a specially-crafted PSD image file that, when opened, could cause the PSD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2009-3909, CVE-2011-2896, CVE-2012-3402, CVE-2012-3403, CVE-2012-3481
MD5 | 8119619c1e305025723c2b28001aaa71
Secunia Security Advisory 50322
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Hastymail2, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | dc6ca3c0ac950e220bb6a46b95261ff7
Secunia Security Advisory 50291
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
MD5 | 2129db3f77ff1f8d0f784b21d6852932
Secunia Security Advisory 50301
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ibrahim El-Sayed has reported some vulnerabilities in ManageEngine OpStor, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 32316c52a7ab95c6a3c98c8adc4cd842
Secunia Security Advisory 49398
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, web, sql injection
MD5 | f403ba7215219937703494cb331a88f7
Secunia Security Advisory 50337
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
MD5 | 284d37449184705558b9c23d20e6818e
ICAL 1.0 SQL Injection
Posted Aug 20, 2012
Authored by Samim.s

ICAL version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d1d8c5dc3eac6466166e6bc05fada0f0
Secunia Security Advisory 50342
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP ServiceGuard, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 08bc02097cc10ef89223b842837a5181
Secunia Security Advisory 50193
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OTRS, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 90105a328fa032e5aeef421eb382652b
Secunia Security Advisory 50296
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in GIMP, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 81ba0b3d529aee2bdf71fd95381e2667
Secunia Security Advisory 50275
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in McAfee Security for Microsoft SharePoint and McAfee Security for Microsoft Exchange, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 59f864372e600aca224258f59901094a
Secunia Security Advisory 50304
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in McAfee SmartFilter Administration, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 468feb2c3133de4ee75966ddc4fe596f
Secunia Security Advisory 50192
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MDaemon, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss
MD5 | ba460f382bb586f3c1aa7768c5e978ee
Secunia Security Advisory 50316
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for nss. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | e4947ac264932aa1e75ead827583715a
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    10 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close