what you don't know can hurt you
Showing 1 - 25 of 30 RSS Feed

Files Date: 2012-11-02

CheckPoint / SofaWare Firewall Vulnerability Research
Posted Nov 2, 2012
Authored by ProCheckUp, Richard Brain | Site procheckup.com

This paper is the result of various security assessments performed on several CheckPoint/SofaWare firewalls in both a controlled (computer lab) and production environments during several penetration tests. Several different CheckPoint/SofaWare firewall models were purchased for testing in their computer lab. By having full access to the target devices, it becomes possible to discover new vulnerabilities that could be missed during a standard unauthenticated penetration test.

tags | paper, vulnerability
MD5 | 4a8958e1f542a11320bad75718792819
DCForum Information Disclosure
Posted Nov 2, 2012
Authored by r45c4l

DCForum web conference software leaves a file with user information including passwords in the document root.

tags | exploit, web, root, info disclosure
MD5 | 7d46953860090ee385da78328ca699e9
Apple Security Advisory 2012-11-01-2
Posted Nov 2, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-01-2 - Safari 6.0.2 is now available and addresses multiple arbitrary code execution vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2012-3748, CVE-2012-5112
MD5 | 7f99fcbc7fe227f0fd799bc903faf8be
Mandriva Linux Security Advisory 2012-170
Posted Nov 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-170 - Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object, which makes it easier for remote attackers to conduct cross-site scripting attacks via vectors involving a plugin. The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior. Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object. The mozilla firefox packages has been upgraded to the latest version which is unaffected by these security flaws.

tags | advisory, remote, web, arbitrary, javascript, xss
systems | linux, mandriva
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
MD5 | 127d29906117ab9b08f0fcf2d2a0bc7e
Splunk 4.3.x Denial Of Service
Posted Nov 2, 2012
Authored by Alexander Klink | Site nruns.com

Splunk version 4.3.x suffers from a denial of service hash table vulnerability.

tags | advisory, denial of service
advisories | CVE-2012-1150
MD5 | b21dca98d8d2b5e3bc0cf392cb4186d4
HP Security Bulletin HPSBMU02815 SSRT100715 4
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02815 SSRT100715 4 - Potential security vulnerabilities have been identified with HP SiteScope. The vulnerabilities in SiteScope SOAP features could be remotely exploited to allow disclosure of information or code execution. Revision 4 of this advisory.

tags | advisory, vulnerability, code execution
advisories | CVE-2012-3260, CVE-2012-3261, CVE-2012-3262, CVE-2012-3263, CVE-2012-3264, CVE-2012-3259
MD5 | 9b14d048f7b2637c941a05327cc88b11
HP Security Bulletin HPSBMU02827 SSRT100924
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02827 SSRT100924 - Potential security vulnerabilities have been identified with HP Performance Insight when using Sybase as the database. The vulnerabilities could be remotely exploited to allow remote denial of service (DoS) and loss of data. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2012-3269, CVE-2012-3270
MD5 | 8063369959a97c0b58a008c7902bd67f
HP Security Bulletin HPSBUX02824 SSRT100970 2
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02824 SSRT100970 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX.These vulnerabilities could allow remote execution of arbitrary code and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, java, remote, arbitrary, vulnerability
systems | hpux
advisories | CVE-2012-0547, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681
MD5 | 20fbcfe1d50b10403ce19877ac2b3067
Apple Security Advisory 2012-11-01-1
Posted Nov 2, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-01-1 - iOS 6.0.1 is now available and addresses an information disclosure issue, a Passbook bypass, an arbitrary code execution vulnerability, and more.

tags | advisory, arbitrary, code execution, info disclosure
systems | apple
advisories | CVE-2012-3748, CVE-2012-3749, CVE-2012-3750, CVE-2012-5112
MD5 | fe179f5ed734824c5ef1a51bc1936610
CheckPoint/Sofaware Firewall XSS / CSRF / Redirection / Disclosure
Posted Nov 2, 2012
Authored by ProCheckUp, Richard Brain | Site procheckup.com

CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
MD5 | b4b18dc7ead8697ae2c32563c1de9370
eM Client 4 Vulnerable Runtime DLLs
Posted Nov 2, 2012
Authored by Stefan Kanthak

eM Client 4 ships with deprecated and vulnerable Microsoft Visual C++ 2008 runtime DLLs.

tags | advisory
MD5 | 0c2921bfc6e7c7eb9b9b8f42b376e54a
Kindsight Malware Report Q3 2012
Posted Nov 2, 2012
Site kindsight.net

The Kindsight Security Labs Q3 2012 Malware Report examines general trends for malware infections in home networks or infections in mobile devices and computers connected through mobile adapters. The data in this report is aggregated across the networks where Kindsight solutions are deployed.

tags | paper, virus
MD5 | cee14b616ad58606b3d3bddc4949021c
vBulletin ChangUonDyU Advanced Statistics SQL Injection
Posted Nov 2, 2012
Authored by Juno_okyo

vBulletin ChangUonDyU Advanced Statistics suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d9834c589ea7667f2e86258c9976e698
Adobe Reader 11.0.0 Stack Exhaustion
Posted Nov 2, 2012
Authored by coolkaveh

Adobe Reader version 11.0.0 suffers from a stack exhaustion vulnerability.

tags | exploit, denial of service
systems | linux
MD5 | 138e07d41d81ee4956e2427c8eacf2d1
YSD Cross Site Scripting
Posted Nov 2, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by YSD suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 2eb3ae1f68657738645166cdedb136a9
Secunia Security Advisory 51110
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in MosP, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | 9d34eb8b8d8abfcab4a4687754a4b193
Secunia Security Advisory 51128
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PgBouncer, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 230cb077d529e520cd56769f57602660
Secunia Security Advisory 51176
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ManageEngine SupportCenter Plus, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | a7f60d0b3c2704541be8d63dd0458275
Secunia Security Advisory 51149
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Marcela Benetrix has discovered multiple vulnerabilities in Dokeos, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 0753ac82a503bd40f838504ecd5ead06
Secunia Security Advisory 50874
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered two vulnerabilities in the All Video Gallery plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 1c7da1c8bfcef041c22b5ec295cd47a1
Secunia Security Advisory 51143
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Spider Catalog plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | c768c0fd131245989319dcb24872d166
Secunia Security Advisory 51134
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Follower User plugin for MyBB, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 2cb2c099365784505aabd0c8e3917ed6
Secunia Security Advisory 51117
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matan Azugi has reported a vulnerability in the TP-LINK TL-WR841N Router, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 6731e3a11b1c137656b25875d2aba5df
Secunia Security Advisory 51136
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Performance Insight, which can be exploited by malicious people to disclose certain sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 024ae918ebc0d4f21a59f4cb1e502d6c
Secunia Security Advisory 51133
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 260007ceaf9970da165e0c30770c9e18
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close