what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 58 RSS Feed

Files Date: 2012-08-30

Asterisk Project Security Advisory - AST-2012-013
Posted Aug 30, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the call attempt. This allows for a remote attacker who is aware of a peer's credentials to bypass the ACL rules set for that peer.

tags | advisory, remote
advisories | CVE-2012-4737
SHA-256 | 1dbe89247fe8ae0e746deba8d087c0a2e8f0db2a220148bcfd8d8c829b97520c
Asterisk Project Security Advisory - AST-2012-012
Posted Aug 30, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - The AMI Originate action can allow a remote user to specify information that can be used to execute shell commands on the system hosting Asterisk. This can result in an unwanted escalation of permissions, as the Originate action, which requires the "originate" class authorization, can be used to perform actions that would typically require the "system" class authorization.

tags | advisory, remote, shell
advisories | CVE-2012-2186
SHA-256 | a16cf1c312b65d9b8b4ddd517f7fef1fb90fcf85094f853ed40ad6333d9fe808
Booking System Pro Cross Site Request Forgery
Posted Aug 30, 2012
Authored by DaOne

Booking System Pro suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | d6537cfa113bde257fb118f3bc449e9523674fe97c7780c4ed292493c4c46941
Mandriva Linux Security Advisory 2012-148
Posted Aug 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-148 - Multiple vulnerabilities has been found and corrected in ffmpeg. This advisory provides updated versions which resolves various security issues.

tags | advisory, vulnerability
systems | linux, mandriva
SHA-256 | dc4b48dc91bf77b70f8a47d5aaa5d9e521c4035f2645af7ccd9069f8d5735ed2
EMC NetWorker Format String
Posted Aug 30, 2012
Authored by Aaron Portnoy | Site emc.com

A format string vulnerability exists in the EMC NetWorker nsrd RPC service that could potentially be exploited by a malicious user to execute arbitrary code. Versions 8.0, 7.6.4, and 7.6.3 are all affected.

tags | advisory, arbitrary
advisories | CVE-2012-2288
SHA-256 | 768328413795e6970904bc4833c2ec26daa72cde036884a7e4eaced57398951b
Mandriva Linux Security Advisory 2012-074-1
Posted Aug 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service via an invalid bitstream in a Chinese AVS video file, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3973, CVE-2011-3974, CVE-2011-3893, CVE-2011-3895, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579
SHA-256 | 18dc0b1c3f83bcd521ea58847ed494e97c63f2bb8bcd31d035718be13de786d5
Symantec Messaging Gateway 9.5.x Support Backdoor
Posted Aug 30, 2012
Authored by Stefan Viehbock | Site sec-consult.com

Symantec Messaging Gateway version 9.5.x suffers from a vendor-supplied backdoor vulnerability. By default the 'support' user is enabled and uses an insecure password. This user is not visible in the web interface and therefore cannot be disabled. As the appliance provides a SSH daemon on all interfaces, this account can be used to gain remote shell access on the device.

tags | advisory, remote, web, shell
SHA-256 | d327098479a9098d90ac2ea33a247a5c26c17c8e26b8959dee707097e490d059
HP Security Bulletin HPSB3C02809 SSRT100377
Posted Aug 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSB3C02809 SSRT100377 - Potential security vulnerabilities have been identified with HP iNode Management Center. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2012-3254
SHA-256 | e014c95c4d2bb9e7447585cb6ccd4ff9f0c5f925bbda4e2097817049e6d1026d
Ubuntu Security Notice USN-1551-1
Posted Aug 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1551-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted E-Mail, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-1956, CVE-2012-3966, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3975, CVE-2012-3978, CVE-2012-3980, CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957
SHA-256 | c4e43e8c6418c4f1f910b3c3afaea8c1d484fffcf4da3940e16208abd45dcd5d
Debian Security Advisory 2537-1
Posted Aug 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2537-1 - Several vulnerabilities were discovered in TYPO3, a content management system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3527, CVE-2012-3528, CVE-2012-3529, CVE-2012-3530, CVE-2012-3531
SHA-256 | 61d23ef21aebae51fc8bbade236820e8ef95587197fc7341dc5affccfddda183
Debian Security Advisory 2536-1
Posted Aug 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2536-1 - It was discovered that otrs2, a ticket request system, contains a cross-site scripting vulnerability when email messages are viewed using Internet Explorer. This update also improves the HTML security filter to detect tag nesting.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2012-2582
SHA-256 | 4f188624c08347780c254407978e0878a970ce7fb48697547c14a11bb88e4231
Smart-Info Ltd CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Smart-Info Ltd CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 047c33a2f3bee46445f180d67c0e55fbc881e801526442db3dc3dba24a04654e
Schoolsindia CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Schoolsindia CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 3bfdb0049bead70baa2c1b1ace5568c8ca3d6bd18fe8e0122f1858cd48a89156
e-Orchids CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

e-Orchids CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 4f7cb497df0174d384e200453992e11f7bd6a54ca5b7d7b750f418b39ba2462a
Dhost Interactive CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Dhost Interactive CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | dcc3d70c3c2af61f92433ba42e005169fa5e9fdc9e7ad9c0407791762f334043
CWE CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

CWE CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | e011e3348cbee590b904f3b1523e8ae68af4f5e4d6cbe3be674f48c75d770119
2Creation CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

2Creation CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | b4b0f82130d99fff3aceda3045a09c31bc1a840d5d79ddb5443dbc2cdda25214
MicroOrange CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

MicroOrange CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 6cf51259dea417cc3e6b3996f8a4386978c58a7fa06f806b73b16380c4d0f483
Plogger CMS 1.0 RC1 Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Plogger CMS version 1.0 RC1 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 46cffb9af2c2fe39aebadc21069f6ba49b39236022f293c7648e78a331e063f0
OpenText WSM CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

OpenText WSM CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 28b781ec8f860efa508d0e021a024afa38dc729f223e1173a54021e52be3a11a
Medcom LTD CMS Cross Site Scripting / SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

Medcom LTD CMS suffers from cross site scripting, and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | bcd4b63a25797a509ead3cb44d4d8184837790d133ac49daa9862eacaf58f6ba
Medcom Limited CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Medcom Limited CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 79bcd426c2be168a35bdd45b5c6bee1bef6025ffcf4937068fa54132bc791bc5
Mangium Infotech CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

Mangium Infotech CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 0942286f605074803801dc6ebec38a6aeb1ec747092d11e2cf3d384df8b6452b
HCAMindbox CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

HCAMindbox CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 4e0d7abc43e6e63e5e38f4052f385f767a8b51f50b012075390d39fd069ae952
DMPIndia CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

DMPIndia CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 52fb3c5345c19f8da402e7d96ef769c5f1f4bd40c8f405ebcb544c088432b521
Page 1 of 3
Back123Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close