Showing 1 - 25 of 45

Files Date: 2013-01-10

Business Solutions CMS Add Admin
Posted Jan 10, 2013
Authored by Akastep

Business Solutions CMS add administrator exploit that does not require authentication.

tags | exploit
MD5 | 0ffd3882003ceff982bf72e3495bf10c
Microsoft .NET Framework Privilege Escalation
Posted Jan 10, 2013
Authored by James Forshaw, Context Information Security Ltd | Site contextis.co.uk

The Microsoft .NET Framework contains an error in the Intermediate Language (IL) verifier which could allow hosted partial trust code to elevate privileges to escape a sandboxed environment, resulting in arbitrary code execution with the permissions of the user. Affected are Microsoft .NET Framework versions 1.1 through 4.5.

tags | advisory, arbitrary, code execution
advisories | CVE-2013-0004
MD5 | b2c977d9688a0585d75e1206d9b93d0f
Mandriva Linux Security Advisory 2013-004
Posted Jan 10, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-004 - The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce values instead of nonce values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184. The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests. The updated packages have been patched to correct these issues.

tags | advisory, remote, web
systems | linux, mandriva
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | a004c77af965def72affb378ad7a2c27
Red Hat Security Advisory 2013-0151-01
Posted Jan 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0151-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2012-3546
MD5 | 70411968819cf613ad30ff35c1227e6b
Ubuntu Security Notice USN-1684-1
Posted Jan 10, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1684-1 - A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4530
MD5 | 584630b2ba0b5110f9fedda129a9554b
Ubuntu Security Notice USN-1683-1
Posted Jan 10, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1683-1 - A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4530
MD5 | 891c0d276e115dc5319aa49e43a7fc1a
Secunia Security Advisory 51752
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

tags | advisory, spoof, vulnerability
MD5 | 2d40e176702954a2dfb9dcc9838078b1
Secunia Security Advisory 51721
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the WP SlimStat plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | 108e5e5e48bca7ebb4a317224e0a73d1
Secunia Security Advisory 51799
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for xfs. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | 3c8e2f90f7d4b4ed45708b90af713402
Secunia Security Advisory 51770
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

tags | advisory, spoof, vulnerability
systems | linux, ubuntu
MD5 | 30167c82e764a94663577ede955d1e90
Secunia Security Advisory 51789
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Proficy HMI/SCADA - CIMPLICITY, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 8297c61fe4cb9c0cf8c770bc932f1751
Secunia Security Advisory 51786
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for haproxy. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | cad3af3cd316b3809d4bfec5557bf848
Secunia Security Advisory 51800
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Application Platform. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
MD5 | 5be59ff9ead9a8e0e618bcc074a14e44
Secunia Security Advisory 51811
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | 30bc406d2e0fa2640daa2675d3629483
Secunia Security Advisory 51783
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for dhcpcd. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
MD5 | 17ba3c0909579001fafefa3a7567d434
Secunia Security Advisory 51601
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Janek Vind has discovered a weakness in the GRAND FlAGallery plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | c6baa1e18e41be5816cb064c3d42b137
Secunia Security Advisory 51796
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debasish Mandal has reported a vulnerability in Zoom Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | a3952e5a4fab5704217bfd6400a74366
Secunia Security Advisory 51814
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CiscoWorks Prime LAN Management Solution (LMS), which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 0982a47f79efdd34ef63aa43f8193205
Secunia Security Advisory 51748
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for emacs23. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, debian
MD5 | 348f9cbd89660500957c06d2ac1ec76e
Secunia Security Advisory 51804
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for rails. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, debian
MD5 | 817ba592aa4c5669d2d27abed9b445d4
Secunia Security Advisory 51731
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Ettercap, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 23108deab36dde8c41687a39acfeee6e
Secunia Security Advisory 51810
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
MD5 | afcfbbf0471b87ecab18ccedd9b33467
Secunia Security Advisory 51805
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in tcsd included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | solaris
MD5 | dbefed980b8bd73ad2ac2cbbf92310e1
Secunia Security Advisory 51806
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Search API module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 8bae08f728c6a11129784665dc7393f0
Secunia Security Advisory 51816
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adiscon LogAnalyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | bf3d920e149c8f4a4b88588ed418718e
Page 1 of 2

© 2016 Packet Storm. All rights reserved.