what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2012-11-19

Zero Day Initiative Advisory 12-187
Posted Nov 19, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-187 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. The application will use results in this array as an allocation for the size of a buffer. When initializing this new buffer, the application can then write outside it's bounds which will lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2012-0923
MD5 | caf9795079d80e997299543e119f22d0
Belkin Insecure Default WPA2 Passphrase
Posted Nov 19, 2012
Authored by Jakob Lell

Having a preconfigured randomly generated WPA2-PSK passphrase for wireless routers is basically a good idea since a vendor-generated passphrase can be much more secure than most user-generated passwords. However, in the case of Belkin the default password is calculated solely based on the MAC address of the device. Since the MAC address is broadcasted with the beacon frames sent out by the device, a wireless attacker can calculate the default passphrase and then connect to the wireless network. Vulnerable versions include, but are not limited to, Belkin Surf N150 Model F7D1301v1, Belkin N900 Model F9K1104v1, Belkin N450 Model F9K1105V2, and possibly Belkin N300 Model F7D2301v1.

tags | advisory
advisories | CVE-2012-4366
MD5 | 44b1ab86b2820727ed3c030ed172a0ff
Splunk 4.x Denial Of Service
Posted Nov 19, 2012
Authored by Alexander Klink | Site nruns.com

Splunk versions 4.0 through 4.3.4 suffer from an unauthenticated remote denial of service vulnerability against splunkd.

tags | advisory, remote, denial of service
MD5 | 77701ef13cf8f0205b69ae5bc03f88df
Mandriva Linux Security Advisory 2012-172
Posted Nov 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-172 - Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow
systems | linux, mandriva
advisories | CVE-2012-4504
MD5 | bb6cff786629c6331f3a41019af956b8
Akeni LAN 1.2.118 Filter Bypass
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

A filter bypass vulnerability in Akeni LAN (LE) Messenger version 1.2.118 allows for malicious script insertion / cross site scripting attacks.

tags | exploit, xss, bypass
MD5 | 2ced5a10e9c4f6158009523f2b58bf82
Manage Engine Exchange Reporter 4.1 Cross Site Scripting
Posted Nov 19, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Manage Engine Exchange Reporter version 4.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cf2327d6861e783bd8e15ca7659e3654
Omni-Secure 5 / 6 / 7 Remote File Disclosure
Posted Nov 19, 2012
Authored by HaCkeR_EgY

Omni-Secure versions 5, 6, and 7 suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 28afbca05bd6a5d26e97284c907178e2
Skype Account Service Reset Credentials
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri, Chokri Ben Achor | Site vulnerability-lab.com

The Skype Account Service application suffered from a reset password/username vulnerability.

tags | exploit
MD5 | 1b8b33483a64506397dd6c9489db51fd
Skype Account Service Session Token Bypass
Posted Nov 19, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The Skype Account Service application suffered from a session token bypass vulnerability.

tags | exploit, bypass
MD5 | b127e8c3a17d8efff34a737b0d0f894a
HostBox SSH 0.1
Posted Nov 19, 2012
Authored by Oskar Stridsman | Site stridsmanIT.wordpress.com

HostBox SSH is a python script will scan servers and routers for insecure SSH configurations.

tags | tool, scanner, python
systems | unix
MD5 | 00486f309358c2af448eade6dbecb752
WeBid 1.0.5 Directory Traversal
Posted Nov 19, 2012
Authored by loneferret

WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 31ed75fecbce02be4931928c1382a5e4
Debian Security Advisory 2575-1
Posted Nov 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2575-1 - It was discovered that ppm2tiff of the tiff tools, a set of utilities for TIFF manipulation and conversion, is not properly checking the return value of an internal function used in order to detect integer overflows. As a consequence, ppm2tiff suffers of a heap-based buffer overflow. This allows attacker to potentially execute arbitrary code via a crafted ppm image, especially in scenarios in which images are automatically processed.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-4564
MD5 | 09747e61881552acf5e73d9adfddaa2e
Microsoft Office OneNote 2010 Memory Corruption
Posted Nov 19, 2012
Authored by coolkaveh

Microsoft Office OneNote 2010 suffers from a WriteAV memory corruption vulnerability.

tags | exploit
systems | linux
MD5 | 778501e23876cf312063c696dd2186c3
Secunia Security Advisory 51333
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the jNews component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 593d6812c922b09ee94e9d20f296b04d
Secunia Security Advisory 51339
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sophos UTM, which can be exploit by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, vulnerability, xss
MD5 | 7a82acc4baafbc38fe4f7c066b3a20bb
Secunia Security Advisory 51294
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WeeChat, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
MD5 | 1aaf7663079ca182f946fd8cd0699e5c
Secunia Security Advisory 51349
Posted Nov 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in RSA Data Protection Manager, where some have an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks.

tags | advisory, local, vulnerability, xss
MD5 | c64247139b708e972c4bbc99da51b23d
Page 1 of 1
Back1Next

File Archive:

December 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    1 Files
  • 2
    Dec 2nd
    16 Files
  • 3
    Dec 3rd
    17 Files
  • 4
    Dec 4th
    23 Files
  • 5
    Dec 5th
    11 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close