the original cloud security
Showing 1 - 25 of 35 RSS Feed

Files Date: 2012-09-07

Secunia Security Advisory 50553
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Business Availability Center, which can be exploited by malicious users to hijack a user's session and by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
MD5 | 9d4450b1d2f706c4d10cc3643df2e72b
Secunia Security Advisory 50515
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in WordPress, where one has an unknown impact and the other can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | afb6380bbee4327c5e239f724e41d54b
Secunia Security Advisory 50506
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | 0076d99747c94e35fce25fce4a882c96
Secunia Security Advisory 50493
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

tags | advisory, local
MD5 | b4c70152fcfad16c5469aa2da3221fec
Secunia Security Advisory 50552
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
MD5 | bbd16c68c86ba05b58b69e15da194094
Secunia Security Advisory 50414
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Fabrizi has reported some vulnerabilities in Turbo NAS Firmware, which can be exploited by malicious users to disclose sensitive data and manipulate certain data.

tags | advisory, vulnerability
MD5 | b20e28338f03c3246a0d927e5dee63a9
Secunia Security Advisory 50495
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
MD5 | 155aa73b268bbb1256e9d158be7ec81c
Secunia Security Advisory 50505
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
MD5 | bd05e9fa2f1109db8728f051f82c4188
Secunia Security Advisory 50556
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Markus Pieton has discovered a weakness and multiple vulnerabilities in LimeSurvey, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct spoofing attacks.

tags | advisory, spoof, vulnerability, sql injection
MD5 | 8292a257225ebb3a403825ddfe015deb
Secunia Security Advisory 50512
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Webmin, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose certain sensitive information.

tags | advisory, vulnerability
MD5 | 7ae46f098ad3397ad05875b53ade91ad
Secunia Security Advisory 50555
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache Wicket, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | ed1a7a06778232acbd96c8a845924c79
Secunia Security Advisory 50482
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cybozu KUNAI for Android, which can be exploited by malicious people to compromise a user's device.

tags | advisory
MD5 | 1a36b24e0e083c9604c3d81133b1f893
Secunia Security Advisory 50502
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Benjamin Kunz Mejri has reported three vulnerabilities in eFront, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 116cdce5572d18f172270c0d27b196af
Secunia Security Advisory 50503
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
systems | linux, redhat
MD5 | e3bb5a5964de70139224c53522b9fc1b
Secunia Security Advisory 50485
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 03c81403ff17cb8a3ae6044d3c0b31b1
Secunia Security Advisory 50509
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Clipster, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 475794d43bf73e1c393e3a900f281022
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
Posted Sep 7, 2012
Authored by Craig Freyman, juan vazquez, Brandon Perry | Site metasploit.com

This Metasploit module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax Server. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.

tags | exploit, overflow
systems | windows, xp, 7
MD5 | 3d493b320b659b926b9c741afb1512b5
Sflog! CMS 1.0 Arbitrary File Upload
Posted Sep 7, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits multiple design flaws in Sflog 1.0. By default, the CMS has a default admin credential of "admin:secret", which can be abused to access administrative features such as blogs management. Through the management interface, we can upload a backdoor that's accessible by any remote user, and then gain arbitrary code execution.

tags | exploit, remote, arbitrary, code execution
advisories | OSVDB-83767
MD5 | 12ae94a4a6178fe449f24fdbf74b4c20
Packet Fence 3.5.1
Posted Sep 7, 2012
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: A minor release focused on small enhancements and bugfixes. Improved performance and stability. Several fixes in the FreeRADIUS, guests, billing, captive portal, and input validation areas. French and Spanish translations were updated.
tags | tool, remote
systems | unix
MD5 | 5e2e5db3448c6f39e4520f670ef77613
Cannonbolt Portfolio Manager 1.0 Cross Site Scripting / SQL Injection
Posted Sep 7, 2012
Authored by LiquidWorm | Site zeroscience.mk

Cannonbolt Portfolio Manager version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | eb0f2b879842a688678e2fa62454a75e
SonicWall UTM ES WAF Input Filter Bypass
Posted Sep 7, 2012
Site vulnerability-lab.com

The SonicWall UTM ES WAF suffers from an input filter bypass vulnerability.

tags | advisory, bypass
MD5 | d06083002721394e2cfc400e6ead9f7b
HP Security Bulletin HPSBMU02811 SSRT100937
Posted Sep 7, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02811 SSRT100937 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC). The vulnerabilities could be remotely exploited to allow cross site scripting (XSS), cross site request forgery (CSRF), and web session hijacking. Revision 1 of this advisory.

tags | advisory, web, vulnerability, xss, csrf
advisories | CVE-2012-3255, CVE-2012-3257
MD5 | d8dde394ff101e0d0ca8b79e3b3f4b1f
OpenDNSSEC 1.4.0b1
Posted Sep 7, 2012
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: This version is recommended for testing only, not for use in production environments. The PIN is now optional in conf.xml. A multi-threaded option is available for the enforcer to improve performance (MySQL only). Signer Engine: The <ProvideTransfer>, <Notify>, <AllowNotify>, and <RequestTransfer> elements are now optional, but if provided they require one or more <Peer> or <Remote> elements.
tags | tool
systems | unix
MD5 | c5951e833a9414e3cbe575e7c66ee3ee
WordPress NextGEN Gallery 1.9.5 Cross Site Scripting
Posted Sep 7, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

WordPress NextGEN Gallery third party plugin version 1.9.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 60a9c0ef21d4c08b470c1fd53acab2d7
Internet Explorer Script Interjection Code Execution
Posted Sep 7, 2012
Authored by Derek Soeder

The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.

tags | advisory, web, arbitrary, code execution, protocol
systems | windows, xp, vista, 7
MD5 | 29f0774b1970da1d137c7138635a612d
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close