accept no compromises
Showing 1 - 25 of 936 RSS Feed

Files Date: 2012-08-01 to 2012-08-31

Asterisk Project Security Advisory - AST-2012-013
Posted Aug 30, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - When an IAX2 call is made using the credentials of a peer defined in a dynamic Asterisk Realtime Architecture (ARA) backend, the ACL rules for that peer are not applied to the call attempt. This allows for a remote attacker who is aware of a peer's credentials to bypass the ACL rules set for that peer.

tags | advisory, remote
advisories | CVE-2012-4737
MD5 | 91ab0e96a7351e26f182f8fba5823d97
Asterisk Project Security Advisory - AST-2012-012
Posted Aug 30, 2012
Authored by Matt Jordan | Site asterisk.org

Asterisk Project Security Advisory - The AMI Originate action can allow a remote user to specify information that can be used to execute shell commands on the system hosting Asterisk. This can result in an unwanted escalation of permissions, as the Originate action, which requires the "originate" class authorization, can be used to perform actions that would typically require the "system" class authorization.

tags | advisory, remote, shell
advisories | CVE-2012-2186
MD5 | b23f7089de8bc593b53468fabf54bc9b
Booking System Pro Cross Site Request Forgery
Posted Aug 30, 2012
Authored by DaOne

Booking System Pro suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | d93a9708f39c494a1849e30f3327d4f5
Mandriva Linux Security Advisory 2012-148
Posted Aug 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-148 - Multiple vulnerabilities has been found and corrected in ffmpeg. This advisory provides updated versions which resolves various security issues.

tags | advisory, vulnerability
systems | linux, mandriva
MD5 | 6ee13fad828d4ca3c4e75473d803060a
EMC NetWorker Format String
Posted Aug 30, 2012
Authored by Aaron Portnoy | Site emc.com

A format string vulnerability exists in the EMC NetWorker nsrd RPC service that could potentially be exploited by a malicious user to execute arbitrary code. Versions 8.0, 7.6.4, and 7.6.3 are all affected.

tags | advisory, arbitrary
advisories | CVE-2012-2288
MD5 | b4e80dd8f309b599062dbfade14faa4a
Mandriva Linux Security Advisory 2012-074-1
Posted Aug 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-074 - Multiple vulnerabilities has been found and corrected in ffmpeg. The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file. Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service via an invalid bitstream in a Chinese AVS video file, a different vulnerability than CVE-2011-3362. Various other issues have also been addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3362, CVE-2011-3504, CVE-2011-3973, CVE-2011-3974, CVE-2011-3893, CVE-2011-3895, CVE-2011-4351, CVE-2011-4352, CVE-2011-4353, CVE-2011-4364, CVE-2011-4579
MD5 | 4f2cae4e150c06a5b3cda2d7bec7e23c
Symantec Messaging Gateway 9.5.x Support Backdoor
Posted Aug 30, 2012
Authored by Stefan Viehbock | Site sec-consult.com

Symantec Messaging Gateway version 9.5.x suffers from a vendor-supplied backdoor vulnerability. By default the 'support' user is enabled and uses an insecure password. This user is not visible in the web interface and therefore cannot be disabled. As the appliance provides a SSH daemon on all interfaces, this account can be used to gain remote shell access on the device.

tags | advisory, remote, web, shell
MD5 | 2abb36076a2b7977e7a2ddc3ed3ed632
HP Security Bulletin HPSB3C02809 SSRT100377
Posted Aug 30, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSB3C02809 SSRT100377 - Potential security vulnerabilities have been identified with HP iNode Management Center. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2012-3254
MD5 | cf059419a136b598d6efe64939f27011
Ubuntu Security Notice USN-1551-1
Posted Aug 30, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1551-1 - Gary Kwong, Christian Holler, Jesse Ruderman, Steve Fink, Bob Clary, Andrew Sutherland, Jason Smith, John Schoenick, Vladimir Vukicevic and Daniel Holbert discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted E-Mail, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964, CVE-2012-1956, CVE-2012-3966, CVE-2012-3970, CVE-2012-3971, CVE-2012-3972, CVE-2012-3975, CVE-2012-3978, CVE-2012-3980, CVE-2012-1956, CVE-2012-1970, CVE-2012-1971, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957
MD5 | 20c2ef2c3994c52d211ed0abed45b6f7
Debian Security Advisory 2537-1
Posted Aug 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2537-1 - Several vulnerabilities were discovered in TYPO3, a content management system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3527, CVE-2012-3528, CVE-2012-3529, CVE-2012-3530, CVE-2012-3531
MD5 | a2b35ba960de02e1a9f13b333f619645
Debian Security Advisory 2536-1
Posted Aug 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2536-1 - It was discovered that otrs2, a ticket request system, contains a cross-site scripting vulnerability when email messages are viewed using Internet Explorer. This update also improves the HTML security filter to detect tag nesting.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2012-2582
MD5 | b2dcef912354e85d71ebf5c31d56d9ab
Smart-Info Ltd CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Smart-Info Ltd CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 734133dcc0693b330a26be85a6e97592
Schoolsindia CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Schoolsindia CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 890066a159c239f2ac1fa820779cf8c1
e-Orchids CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

e-Orchids CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 6442b505f1fc6e87acdc4f3976e6ed92
Dhost Interactive CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Dhost Interactive CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | aa06f6023c2bb69f3260b35e5125e2d8
CWE CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

CWE CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 043d21a2bdf86dc41d17068c0d4f99ab
2Creation CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

2Creation CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | aa23c4fafd776ce3c44c34849639ba2d
MicroOrange CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

MicroOrange CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 50c37df8335f8235509d521251967290
Plogger CMS 1.0 RC1 Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Plogger CMS version 1.0 RC1 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | de1e1c8d8ead297825ad2b67ba380342
OpenText WSM CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

OpenText WSM CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | e09dab3f7b6dabe98cf9f13312f1d81b
Medcom LTD CMS Cross Site Scripting / SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

Medcom LTD CMS suffers from cross site scripting, and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 23683df3ce4f978604db4df9f546e010
Medcom Limited CMS Cross Site Scripting
Posted Aug 30, 2012
Authored by Crim3R

Medcom Limited CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 95e559a096ad1c9d7c882e06b52bf7b3
Mangium Infotech CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

Mangium Infotech CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 1035ef980873da3fd4896bda5c41093d
HCAMindbox CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

HCAMindbox CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 7775345974e3ebf03290f34036100546
DMPIndia CMS SQL Injection
Posted Aug 30, 2012
Authored by Crim3R

DMPIndia CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | de78610d0c40f56a1fab9527a60f87d9
Page 1 of 38
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    14 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close