what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2012-09-15

Beltane Web-Based Management For Samhain 1.0.19
Posted Sep 15, 2012
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

Changes: Various updates.
tags | tool, web, intrusion detection
systems | unix
SHA-256 | 6cff066f40f8d61db49afeacb90b0290f046841d98979ebee29299be3d6fe88d
LinkedIn Clickjacking / Open Redirection
Posted Sep 15, 2012
Authored by Ajay Singh Negi

LinkedIn suffers from clickjacking and open URL redirection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | b6579358ab8ea2745cc3360e9133088f1110d9aebb005e3b3138404134f48e5f
Slackware Security Advisory - patch Updates
Posted Sep 15, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New patch packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-4651
SHA-256 | 000552f2a548f3bf42223e0f2764b341a663c102cc85900664d56344ac684049
Confluence Wiki 4.1.4 Cross Site Scripting
Posted Sep 15, 2012
Authored by INTREST SEC

Confluence Wiki versions 3.5.9, 4.0.3, and 4.1.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9bcf399a2e8ea5531b3605b2128bf6b02fa2c55f7a7dea89f867a811b06a28d7
Slackware Security Advisory - bind Updates
Posted Sep 15, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
SHA-256 | a096bed06db60f636bf2bafdc2c50790b87a13319d23ccace1d019062338e47f
Slackware Security Advisory - dhcp Updates
Posted Sep 15, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-3955
SHA-256 | b786300c75cbab9d6cc18580e9be933d433110a6c529226c2fa13191cc6d8c5f
CNN.com Cross Site Scripting
Posted Sep 15, 2012
Authored by TayfunBasoglu

Multiple CNN sites suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 096af4011880d288a5647811b198a78701418586dcb30a2927def6dfc9268a09
IFOBS Cross Site Scripting / Brute Force
Posted Sep 15, 2012
Authored by MustLive

IFOBS suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 065d53ba03513e5662ef8b879522b39ede97e028bf86ca1db8b8b6aa9679f634
Vetor Design SQL Injection
Posted Sep 15, 2012
Authored by TUNISIAN CYBER

Vetor Design based sites suffer from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | fd917f043929b483d7b010f851cf056f010cf2f878bc643ccff5d44b63a5148e
Trainor SQL Injection
Posted Sep 15, 2012
Authored by Net.W0lf, Hack Center Security Team

Trainor suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 8299bb963d997ff2b0c5b98826cea0e0e7ba4cb6b3b7b717e49f86db73db7f42
University Of Wisconsin - Madison Cross Site Scripting
Posted Sep 15, 2012
Authored by s4r4d0

The University of Wisconsin suffers from a cross site scripting vulnerability on commarts.wisc.edu.

tags | exploit, xss
SHA-256 | 3c9dbcba637bf78582ce1f17faef4824ab22c796a14ea0dec8e3fac15a409641
Oracle BTM FlashTunnelService Remote Code Execution
Posted Sep 15, 2012
Authored by rgod, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits abuses the FlashTunnelService SOAP web service on Oracle Business Transaction Management 12.1.0.7 to upload arbitrary files, without authentication, using the WriteToFile method. The same method contains a directory traversal vulnerability, which allows to upload the files to arbitrary locations. In order to execute remote code two techniques are provided. If the Oracle app has been deployed in the same WebLogic Samples Domain a JSP can be uploaded to the web root. If a new Domain has been used to deploy the Oracle application, the Windows Management Instrumentation service can be used to execute arbitrary code. Both techniques has been successfully tested on default installs of Oracle BTM 12.1.0.7, Weblogic 12.1.1 and Windows 2003 SP2. Default path traversal depths are provided, but the user can configure the traversal depth using the DEPTH option.

tags | exploit, remote, web, arbitrary, root
systems | windows
advisories | OSVDB-85087
SHA-256 | 7ce41ed8870542efde605f50001955d8595ff56317328c0892477dec49dbddec
Oracle Java Applet SunToolkit.getField Method Remote Code Execution
Posted Sep 15, 2012
Authored by Minsu Kim, Hyunwoo Choi, Hyunwook Hong, Changhoon Yoon

This document is an analysis of the Oracle Java Applet SunToolkit.getField remote code execution vulnerability as noted in CVE-2012-4681.

tags | paper, java, remote, code execution
advisories | CVE-2012-4781
SHA-256 | 984b4382479c7f5ba1f0cdda3a43a567466a673b2a4732358d08f4d66b5b22cf
Trend Micro InterScan Messaging Security Suite XSS / CSRF
Posted Sep 15, 2012
Authored by modpr0be

Trend Micro InterScan Messaging Security Suite suffers from stored cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-2995, CVE-2012-2996
SHA-256 | d86efa1d88ecdbb7560b3e29adb1a12d5b6a2953d61809ccae4d56fd757440dc
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close