exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2012-09-07

Secunia Security Advisory 50553
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Business Availability Center, which can be exploited by malicious users to hijack a user's session and by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | 23add80c152d2b92dce50f67e233c66f349d3fba13c7339e198947861a805f31
Secunia Security Advisory 50515
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in WordPress, where one has an unknown impact and the other can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | d7feede464b8142c89822bbdfbbed228af998c711708395a6c38e2cee0216641
Secunia Security Advisory 50506
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | 960cb4b02c3b7b44b31b0f319e9713b04951ada88bbb02c64e22e341036668d1
Secunia Security Advisory 50493
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges.

tags | advisory, local
SHA-256 | 788a12ef11b105308bdc8354ff869e70780e5e49a5bb7506734316a64229ced4
Secunia Security Advisory 50552
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
SHA-256 | c2200b71062ebc88ba60f3f602169bab5507a49874d89bbca92492257728b2dd
Secunia Security Advisory 50414
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Fabrizi has reported some vulnerabilities in Turbo NAS Firmware, which can be exploited by malicious users to disclose sensitive data and manipulate certain data.

tags | advisory, vulnerability
SHA-256 | cc0aa40722d9ed7efd92ad9546b5c86dcbf0d9fc6114969ba9911eae2d83751d
Secunia Security Advisory 50495
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Java, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
SHA-256 | f62d9235151410fc2ff80ebd48505c4f8aa5da1ad0977a01e24303bf6dd25983
Secunia Security Advisory 50505
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | a402bb95d485f01e3d0167722d5d7b168cb98d9560f09d3b9240aeb01c15ad00
Secunia Security Advisory 50556
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Markus Pieton has discovered a weakness and multiple vulnerabilities in LimeSurvey, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct spoofing attacks.

tags | advisory, spoof, vulnerability, sql injection
SHA-256 | c71699c05b6d1a3b6477ddc6b450cefeb5ddb6204993b7cb74489379fd7d9096
Secunia Security Advisory 50512
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Webmin, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose certain sensitive information.

tags | advisory, vulnerability
SHA-256 | a3bc839370d27d6268ff958da0b2f456823580fdc1aae6756a439c3d22b1ea08
Secunia Security Advisory 50555
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache Wicket, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4a0896886b4887bdff8aa86c4185da977d94075b074f29c9d856ea03c27d20d2
Secunia Security Advisory 50482
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cybozu KUNAI for Android, which can be exploited by malicious people to compromise a user's device.

tags | advisory
SHA-256 | 731b6c69319c99af91db994a980b60a46bfd9c3a5c68e5716926de2631a388fb
Secunia Security Advisory 50502
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Benjamin Kunz Mejri has reported three vulnerabilities in eFront, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 3c22bb1acc08529052d232cefe77e1cad1440e8d62b8ab64d8353ce5362573e1
Secunia Security Advisory 50503
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | ba1974545ef68e719eb307637c12e60302b523c75b789b85ace3b5fae2934a58
Secunia Security Advisory 50485
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 42b1a630e71daf838c4ad8d41f7fdaa5a11bcdab0fb8d3e27a7846e3bea36cd5
Secunia Security Advisory 50509
Posted Sep 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Clipster, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 2642797425f58d0a95fc81624c1354bb6feffa28a312be901c850880b65385fe
ActiveFax (ActFax) 4.3 Client Importer Buffer Overflow
Posted Sep 7, 2012
Authored by Craig Freyman, juan vazquez, Brandon Perry | Site metasploit.com

This Metasploit module exploits a vulnerability in ActiveFax Server. The vulnerability is a stack based buffer overflow in the "Import Users from File" function, due to the insecure usage of strcpy while parsing the csv formatted file. The module creates a .exp file that must be imported with ActiveFax Server. The module has been tested successfully on ActFax Server 4.32 over Windows XP SP3 and Windows 7 SP1. In the Windows XP case, when ActFax runs as a service, it will execute as SYSTEM.

tags | exploit, overflow
systems | windows
SHA-256 | c647f83637014a447ae0a445b73bc78e1347958b1328e0f0cc2af4bc0585b90a
Sflog! CMS 1.0 Arbitrary File Upload
Posted Sep 7, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits multiple design flaws in Sflog 1.0. By default, the CMS has a default admin credential of "admin:secret", which can be abused to access administrative features such as blogs management. Through the management interface, we can upload a backdoor that's accessible by any remote user, and then gain arbitrary code execution.

tags | exploit, remote, arbitrary, code execution
advisories | OSVDB-83767
SHA-256 | df8a3a625895eb3faaf98942ef2a7cf7f43469012acc9d053eb309172b671640
Packet Fence 3.5.1
Posted Sep 7, 2012
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: A minor release focused on small enhancements and bugfixes. Improved performance and stability. Several fixes in the FreeRADIUS, guests, billing, captive portal, and input validation areas. French and Spanish translations were updated.
tags | tool, remote
systems | unix
SHA-256 | 73113323b7ab29f5e27abbb243890fa72310b37ec31392cf995909f28e935fac
Cannonbolt Portfolio Manager 1.0 Cross Site Scripting / SQL Injection
Posted Sep 7, 2012
Authored by LiquidWorm | Site zeroscience.mk

Cannonbolt Portfolio Manager version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | af2cde757b80b6edd1399f05f7e047043779fc2585e5a29ad412edf13cf12f21
SonicWall UTM ES WAF Input Filter Bypass
Posted Sep 7, 2012
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

The SonicWall UTM ES WAF suffers from an input filter bypass vulnerability.

tags | advisory, bypass
SHA-256 | 134825eef33bfebc96402f88d2c8325711a5d529f7ff561ab516ac5b3a6fe422
HP Security Bulletin HPSBMU02811 SSRT100937
Posted Sep 7, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02811 SSRT100937 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC). The vulnerabilities could be remotely exploited to allow cross site scripting (XSS), cross site request forgery (CSRF), and web session hijacking. Revision 1 of this advisory.

tags | advisory, web, vulnerability, xss, csrf
advisories | CVE-2012-3255, CVE-2012-3257
SHA-256 | 1f9cf178cddb06073346037698e56533887ec6038bad65dde6c385f70a0e1a01
OpenDNSSEC 1.4.0b1
Posted Sep 7, 2012
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: This version is recommended for testing only, not for use in production environments. The PIN is now optional in conf.xml. A multi-threaded option is available for the enforcer to improve performance (MySQL only). Signer Engine: The <ProvideTransfer>, <Notify>, <AllowNotify>, and <RequestTransfer> elements are now optional, but if provided they require one or more <Peer> or <Remote> elements.
tags | tool
systems | unix
SHA-256 | 27a83b2cdde60d0c606b9cda61ffcb1f5e3124c7874e52e5b20113ffe2c76b84
WordPress NextGEN Gallery 1.9.5 Cross Site Scripting
Posted Sep 7, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WordPress NextGEN Gallery third party plugin version 1.9.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 06cb3ce18ca24b3bbd8e13460c0e145afb69e78f73cfeaba77cfc8a38fc6801f
Internet Explorer Script Interjection Code Execution
Posted Sep 7, 2012
Authored by Derek Soeder

The vulnerability described in this document can be exploited by a malicious Web page to execute arbitrary code with low integrity. Active scripting must be enabled, and the present exploitation techniques require that font downloading be set to "Enable" or "Prompt" and that the "mailto:" protocol be present. (These requirements are satisfied by default on Windows XP, Windows Vista, and Windows 7.) The user is presented with a message box which must be dismissed before code execution can occur.

tags | advisory, web, arbitrary, code execution, protocol
systems | windows
SHA-256 | b4b1af1414616836794ade27cea928934b749ebd739b732498a4491702561254
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    45 Files
  • 9
    Dec 9th
    9 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close