what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2012-12-06

Maxthon / Avant Browser XCS / Same Origin Bypass
Posted Dec 6, 2012
Authored by Roberto Suggi Liverani | Site security-assessment.com

Maxthon and Avant browsers suffer from various flaws such as same origin policy bypass, cross context scripting, and various other vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 87028c638482f39ab332b895dec18a8784addddc5267fa402799450cab84cc65
m0n0wall 1.33 Cross Site Request Forgery
Posted Dec 6, 2012
Authored by Yann CAM

m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system.

tags | exploit, remote, root, csrf
SHA-256 | 1b261f2077e935c28820221d08703fe931bcb8ca1a2cf5cd6c210fe30523260a
Ubuntu Security Notice USN-1657-1
Posted Dec 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1657-1 - It was discovered that Bind incorrectly handled certain crafted queries when DNS64 was enabled. A remote attacker could use this flaw to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-5688
SHA-256 | d7b1d56b33444eb2d6b3f83abac941b3752d58b25e5d677ab4cdf4451fb05d6b
Secunia Security Advisory 51478
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.

tags | advisory
systems | linux, ubuntu
SHA-256 | f32327e3b6ee986a16e233ea5b238d0b30d2a4be92cc19fec1c3398832eb0a8e
Secunia Security Advisory 51491
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for tiff. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, ubuntu
SHA-256 | dde589f62d6bb2f7adcc6ec5e3a6f42b5d02a6671076a2452ba2a4b26688f2dd
Secunia Security Advisory 51367
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in ManageEngine AssetExplorer, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | cbcaaee27a2897c3c2d4f6a3bb9f3295712a10396316edfd75b7b1752e7dcbca
Secunia Security Advisory 51476
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kent Web Access Report, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
SHA-256 | 8ca03c141528d466dd7819688a79b98a69d4ce4a4651da669305bd19f09a2d54
Secunia Security Advisory 51502
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Network Node Manager i (NNMi), which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
SHA-256 | efd915be9a71dccfcc36f50630fcca6fcf905fe268f3abbe2de85a5d3abae753
Secunia Security Advisory 51426
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 44e4b307fbfd2796288d75d11d9e25140ecc6df3d1096409ac8d0a172c33b1c6
Secunia Security Advisory 51505
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP LaserJet and Color LaserJet Printers, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | f16ba1100333eb6730a54e63ebc43132965bb02b4ecc0310999d3c7bf78cc20a
Secunia Security Advisory 51507
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP LaserJet Pro 400 Printers, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | c6956a6c46f24de6584a4180bc3575b4a4307c404c692e958601876de281d9c7
Secunia Security Advisory 51450
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Cartel has discovered two vulnerabilities in ManageEngine MSP Center Plus, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 6039b03d6bdb9b363f6eef719e2d2f826630688dd150473da00e727c4d456b75
Secunia Security Advisory 51429
Posted Dec 6, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CA XCOM Data Transport, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 6b774edc4c844b1cd0c4e13e3fb4b08df561a1c2e7a0565ebe2bd284e70e64a4
Microsoft Internet Explorer 7 Denial Of Service
Posted Dec 6, 2012
Authored by MustLive

Microsoft Internet Explorer version 7.00.5730.13 suffers from a redirector denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 2798ded16a038d33c58d85f9d5836a22910c532d41a00d477762754385d4cbe6
Mild Subdomain Brute Forcer 0.7
Posted Dec 6, 2012
Authored by Weston Henry | Site github.com

mild.sh is a straight-forward subdomain brute forcer inspired by fierce.pl. It includes hosts-plus.txt, it randomizes queries, and it logs found subdomains.

tags | tool
systems | unix
SHA-256 | 3e234e7ee743cb072189bb310a9b12b79f5d78674f14d3ea8a36d366faf95f4e
Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
Posted Dec 6, 2012
Authored by juan vazquez, h0ng10 | Site metasploit.com

This Metasploit module abuses the "RunScript" procedure provided by the SOAP interface of Adobe InDesign Server, to execute arbitrary vbscript (Windows) or applescript(OSX). The exploit drops the payload on the server and must be removed manually.

tags | exploit, arbitrary
systems | windows, apple
advisories | OSVDB-87548
SHA-256 | a474d8f16474af9f0443d62d7ed406752fc73bffa28c33ce13eddc4d8ac8e269
NVIDIA Install Application 2.1002.85.551 Buffer Overflow
Posted Dec 6, 2012
Authored by LiquidWorm | Site zeroscience.mk

NVIDIA Install Application version 2.1002.85.551 (NVI2.dll) unicode buffer overflow proof of concept exploit. The vulnerability is caused due to a boundary error in NVI2.DLL when handling the value assigned to the 'pDirectory' string variable in the 'AddPackages' function and can be exploited to cause a unicode buffer overflow by inserting an overly long array of data which may lead to execution of arbitrary code.

tags | exploit, overflow, arbitrary, proof of concept
SHA-256 | 940daccf645bccea74ea3412d042b5f53742c5a6c98c1ca9c1a5d0721a725f9e
Drupal Nodewords: D6 Meta Tags 6.x Information Disclosure
Posted Dec 6, 2012
Authored by Andrey Tretyakov, asb | Site drupal.org

Drupal Nodewords: D6 Meta Tags third party module verison 6.x suffers from an information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | 966f5e35ef6f78008ed13e366ce04508cb64b815bfc8505b70d91ea991b97b88
CA XCOM Data Transport Command Execution
Posted Dec 6, 2012
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA XCOM Data Transport. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA Technologies has issued patches to address the vulnerability. The vulnerability occurs due to insufficient verification of requests. A remote attacker can send a carefully constructed request to execute arbitrary commands and compromise the server.

tags | advisory, remote, arbitrary
advisories | CVE-2012-5973
SHA-256 | 239c6eaa7173b4f89af22da52f04a65f1d261f70a0307189f6106dc8714326da
Mandriva Linux Security Advisory 2012-177
Posted Dec 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-177 - BIND 9 nameservers using the DNS64 IPv6 transition mechanism are vulnerable to a software defect that allows a crafted query to crash the server with a REQUIRE assertion failure. Remote exploitation of this defect can be achieved without extensive effort, resulting in a denial-of-service vector against affected servers. The updated packages have been upgraded to bind 9.8.4-P1 which is not vulnerable to this issue.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2012-5688
SHA-256 | 0c694d6b5b9f7cced15468a4804662a86ad30d24bf918c55b7a160b710fe65fc
HP Security Bulletin HPSBMU02816 SSRT100949
Posted Dec 6, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02816 SSRT100949 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access. Revision 1 of this advisory.

tags | advisory
systems | linux, windows, solaris, hpux
advisories | CVE-2012-3275
SHA-256 | 9dc77b5c071bf84ab32d6bb7a952e3459f74a296273e9fc9492d0dec9716f578
HP Security Bulletin HPSB3C02831 SSRT100661
Posted Dec 6, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSB3C02831 SSRT100661 - A potential security vulnerability has been identified with HP Intelligent Management Center User Access Manager (UAM). The vulnerability could be remotely exploited resulting in the execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2012-3274
SHA-256 | 95bf93b3023be55b4f40ecfc6019dd70ec1f7ee3521e673ceef58499964b84ff
HP Security Bulletin HPSBPI02828 SSRT100778
Posted Dec 6, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02828 SSRT100778 - A potential security vulnerability has been identified with certain HP LaserJet and Color LaserJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2012-3272
SHA-256 | 557b9fb671b487c8863ae88755bf3cf6645498cab99ba408fa4ad1dafccd351c
HP Security Bulletin HPSBPI02807 SSRT100928
Posted Dec 6, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02807 SSRT100928 - Potential security vulnerabilities have been identified with certain HP LaserJet Pro 400 Multifunction Printers (MFP). The vulnerabilities could be remotely exploited to allow unauthorized access. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2012-3273
SHA-256 | c2d733d08a2431a39d4505cea0ca5af02c5dfd2a24aac72afb678a311fafa825
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close