exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2012-11-02

CheckPoint / SofaWare Firewall Vulnerability Research
Posted Nov 2, 2012
Authored by ProCheckUp, Richard Brain | Site procheckup.com

This paper is the result of various security assessments performed on several CheckPoint/SofaWare firewalls in both a controlled (computer lab) and production environments during several penetration tests. Several different CheckPoint/SofaWare firewall models were purchased for testing in their computer lab. By having full access to the target devices, it becomes possible to discover new vulnerabilities that could be missed during a standard unauthenticated penetration test.

tags | paper, vulnerability
SHA-256 | c35375f660fa53fbebaaebb25ec6173e990a9bc1e26ffd2917339ccfbf6a2454
DCForum Information Disclosure
Posted Nov 2, 2012
Authored by r45c4l

DCForum web conference software leaves a file with user information including passwords in the document root.

tags | exploit, web, root, info disclosure
SHA-256 | 410b8716c8db53421bd4da537ccbc1c8317423f6334bb0ecb93c27889e139527
Apple Security Advisory 2012-11-01-2
Posted Nov 2, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-01-2 - Safari 6.0.2 is now available and addresses multiple arbitrary code execution vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2012-3748, CVE-2012-5112
SHA-256 | 8da82b760fa99acaf590f81a49c7fe3c1f426b36a77fd487b5dc79cad3d98fd3
Mandriva Linux Security Advisory 2012-170
Posted Nov 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-170 - Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object, which makes it easier for remote attackers to conduct cross-site scripting attacks via vectors involving a plugin. The nsLocation::CheckURL function in Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 does not properly determine the calling document and principal in its return value, which makes it easier for remote attackers to conduct cross-site scripting attacks via a crafted web site, and makes it easier for remote attackers to execute arbitrary JavaScript code by leveraging certain add-on behavior. Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object. The mozilla firefox packages has been upgraded to the latest version which is unaffected by these security flaws.

tags | advisory, remote, web, arbitrary, javascript, xss
systems | linux, mandriva
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
SHA-256 | df5698b16c02425b5dc4629ca3098d7de69fc065a4cbafaa2ba5da169a673dea
Splunk 4.3.x Denial Of Service
Posted Nov 2, 2012
Authored by Alexander Klink | Site nruns.com

Splunk version 4.3.x suffers from a denial of service hash table vulnerability.

tags | advisory, denial of service
advisories | CVE-2012-1150
SHA-256 | d5cbcf654bede60e73b046c746c6d6c0a805b9e9a6f72f4af8548cd3f36fa296
HP Security Bulletin HPSBMU02815 SSRT100715 4
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02815 SSRT100715 4 - Potential security vulnerabilities have been identified with HP SiteScope. The vulnerabilities in SiteScope SOAP features could be remotely exploited to allow disclosure of information or code execution. Revision 4 of this advisory.

tags | advisory, vulnerability, code execution
advisories | CVE-2012-3260, CVE-2012-3261, CVE-2012-3262, CVE-2012-3263, CVE-2012-3264, CVE-2012-3259
SHA-256 | abeda3401855f751a432b29ae51842f813aa92f93ff1ff7418e84821e956634e
HP Security Bulletin HPSBMU02827 SSRT100924
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02827 SSRT100924 - Potential security vulnerabilities have been identified with HP Performance Insight when using Sybase as the database. The vulnerabilities could be remotely exploited to allow remote denial of service (DoS) and loss of data. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2012-3269, CVE-2012-3270
SHA-256 | 413dfefa94e7b73b1b50ade7370a4846fd084ec4d371868c5f97d72f71a0932d
HP Security Bulletin HPSBUX02824 SSRT100970 2
Posted Nov 2, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02824 SSRT100970 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX.These vulnerabilities could allow remote execution of arbitrary code and other vulnerabilities. Revision 2 of this advisory.

tags | advisory, java, remote, arbitrary, vulnerability
systems | hpux
advisories | CVE-2012-0547, CVE-2012-1682, CVE-2012-3136, CVE-2012-4681
SHA-256 | 2ec3aa87e1b79d4f333300ca6e1febbfc596b53a6b7d55d6348707edcd684d92
Apple Security Advisory 2012-11-01-1
Posted Nov 2, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-01-1 - iOS 6.0.1 is now available and addresses an information disclosure issue, a Passbook bypass, an arbitrary code execution vulnerability, and more.

tags | advisory, arbitrary, code execution, info disclosure
systems | apple
advisories | CVE-2012-3748, CVE-2012-3749, CVE-2012-3750, CVE-2012-5112
SHA-256 | bb29a1d3c66440c76260fdaa5d43c43b2293e2d6e250d392f4373a39f3dd8dcd
CheckPoint/Sofaware Firewall XSS / CSRF / Redirection / Disclosure
Posted Nov 2, 2012
Authored by ProCheckUp, Richard Brain | Site procheckup.com

CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
SHA-256 | 5ae76cdada41d919af4e21bd1b0d36824ad80b60a77057ebb204db615d421663
eM Client 4 Vulnerable Runtime DLLs
Posted Nov 2, 2012
Authored by Stefan Kanthak

eM Client 4 ships with deprecated and vulnerable Microsoft Visual C++ 2008 runtime DLLs.

tags | advisory
SHA-256 | 6b09813e63424906cd88cf7e406e13caa79e7f3a4fc8f530ead65701b478e952
Kindsight Malware Report Q3 2012
Posted Nov 2, 2012
Site kindsight.net

The Kindsight Security Labs Q3 2012 Malware Report examines general trends for malware infections in home networks or infections in mobile devices and computers connected through mobile adapters. The data in this report is aggregated across the networks where Kindsight solutions are deployed.

tags | paper, virus
SHA-256 | 4358fac16115036cd5347643c7df24ea0a1c9963e8d996174c8561f908070ef5
vBulletin ChangUonDyU Advanced Statistics SQL Injection
Posted Nov 2, 2012
Authored by Juno_okyo

vBulletin ChangUonDyU Advanced Statistics suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dfddaf215a60127d0a5b03a40f8478952e2141992d8ed19886c76c73038ff2b3
Adobe Reader 11.0.0 Stack Exhaustion
Posted Nov 2, 2012
Authored by coolkaveh

Adobe Reader version 11.0.0 suffers from a stack exhaustion vulnerability.

tags | exploit, denial of service
systems | linux
SHA-256 | 5f7ddd9bf90517ae0acacadaed88adf3e8c6ecf0e4a00e7a0c49388fc9fb7f73
YSD Cross Site Scripting
Posted Nov 2, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by YSD suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 28a44c1ca856ab654db908d94f979b2728372de4553cd034a7c3fb15ac5307ea
Secunia Security Advisory 51110
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in MosP, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, vulnerability
SHA-256 | 2ea53909cf9e15ae9b3ffde7d6ade99fc837c8d2acd5ce807e6a9510e291de0a
Secunia Security Advisory 51128
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PgBouncer, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 74e5e2c6d5b943d1ef0f46b064db728a2b53d94f333710dfee28bdd2acbfe5a7
Secunia Security Advisory 51176
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ManageEngine SupportCenter Plus, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | e2c62ea132fd39cf8f94005737145fbfff0443e642e0d4d0c9a6ef0d072ab3df
Secunia Security Advisory 51149
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Marcela Benetrix has discovered multiple vulnerabilities in Dokeos, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | d1e602e9e1f7c86986646e2bf1a6403011bdfd70e64672acabe8379142eaafcf
Secunia Security Advisory 50874
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered two vulnerabilities in the All Video Gallery plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 9ab70767e66aa6e8815c445c0d9e8bf0cd05b3f34eecda5ec7b4b0d09cbde1a9
Secunia Security Advisory 51143
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Spider Catalog plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 659a382bf797271a5302c6a6fe3791767c64184ed8d95ae02f2925a03f963ceb
Secunia Security Advisory 51134
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Follower User plugin for MyBB, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | b6309744b602f940cf99e1b5269d4c627eb906515f6a29aad6fa649baf6f8fca
Secunia Security Advisory 51117
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matan Azugi has reported a vulnerability in the TP-LINK TL-WR841N Router, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | a2cf8a267b181cce1fe8bc639e6f4961bac4de4cb3bf936a7a58aaca6f634640
Secunia Security Advisory 51136
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Performance Insight, which can be exploited by malicious people to disclose certain sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 9178a9b63e7e6aca359971d929c3cdb5cb44476ce9ba0c3823791f7ad9c2d0ea
Secunia Security Advisory 51133
Posted Nov 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 6869f37b575b1d5778b2a707b95942384927cfabec8378afbdeca5c28d48cac2
Page 1 of 2
Back12Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close