what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 45 RSS Feed

Files Date: 2013-01-10

Business Solutions CMS Add Admin
Posted Jan 10, 2013
Authored by Akastep

Business Solutions CMS add administrator exploit that does not require authentication.

tags | exploit
SHA-256 | fa6b20834c1535c6a89139a7f3194efde7fe3bb133b1ffaf7e80a747ce527856
Microsoft .NET Framework Privilege Escalation
Posted Jan 10, 2013
Authored by James Forshaw, Context Information Security Ltd | Site contextis.co.uk

The Microsoft .NET Framework contains an error in the Intermediate Language (IL) verifier which could allow hosted partial trust code to elevate privileges to escape a sandboxed environment resulting in arbitrary code execution with the permissions of the user. Affected are Microsoft .Net Frameworks versions 1.1 through 4.5.

tags | advisory, arbitrary, code execution
advisories | CVE-2013-0004
SHA-256 | 079e079043b920220d28f1a88dcf3dd9d69b471f51c59bc6253d0bd339e455ac
Mandriva Linux Security Advisory 2013-004
Posted Jan 10, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-004 - The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce values instead of nonce values, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests, a different vulnerability than CVE-2011-1184. The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote attackers to bypass authentication via vectors related to the session ID. The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to bypass intended access restrictions by sniffing the network for valid requests. The updated packages have been patched to correct these issues.

tags | advisory, remote, web
systems | linux, mandriva
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | 0f6f2fdd564188898a7147b9d1bc195b5fd0b89edd4b2aaaca208eaea27223db
Red Hat Security Advisory 2013-0151-01
Posted Jan 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0151-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2012-3546
SHA-256 | da53a6a9c886ec1076f05400b23c0d28eb3099dbcfee4fe515fbe62926eaa0e4
Ubuntu Security Notice USN-1684-1
Posted Jan 10, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1684-1 - A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4530
SHA-256 | a13ef4d294465071b2a61382d84d80fe26c5944c7223069e6c86df3c652031ba
Ubuntu Security Notice USN-1683-1
Posted Jan 10, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1683-1 - A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4530
SHA-256 | 58d54e3f8882a8b5c415c501a401d5b5582c6e8aa8c6d834857d3ad3ef725a2d
Secunia Security Advisory 51752
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

tags | advisory, spoof, vulnerability
SHA-256 | b4fc7b177a111c538a0421e455f21ea1fb001da91eea21da29693d75e5cafd5f
Secunia Security Advisory 51721
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the WP SlimStat plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 998b0ff33a72723ee46bc252df2f0601037565a03c022bb70b0e7ddf06128830
Secunia Security Advisory 51799
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for xfs. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
SHA-256 | 625cd9c318511d22dc0e3c7584a4ce0b8ced247a5c7a78806552d65cd32ce5fd
Secunia Security Advisory 51770
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, and compromise a user's system.

tags | advisory, spoof, vulnerability
systems | linux, ubuntu
SHA-256 | 7ef5ce47c1d328fdef932de19b9556c4831a79c1eb71aa765d41086154d64178
Secunia Security Advisory 51789
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Proficy HMI/SCADA - CIMPLICITY, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0d547ff078da8e3b76150189f942840fd5c3f583e4de81b438bfcf1433a82903
Secunia Security Advisory 51786
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for haproxy. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
SHA-256 | 7927d4a560d2c37f515ba2a4e87e67f276949c1427c146dd5061671b92406033
Secunia Security Advisory 51800
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Application Platform. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
SHA-256 | c5d09d856f4e09cba8290e3e0b14a460c1172a48c5eb12436ee22c950e782162
Secunia Security Advisory 51811
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 9261a6485edd7279341aa627c5e6e2af80f130ed8917e2a462eb4c96c45a09ad
Secunia Security Advisory 51783
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for dhcpcd. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, gentoo
SHA-256 | 5403a3aaf0c88a340dba41ce9c0011dc81495a208357c3635dc7a0d742a35128
Secunia Security Advisory 51601
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Janek Vind has discovered a weakness in the GRAND FlAGallery plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | c907558f61da00be667bb7fcb5c5537ef1d98ddf1c89d76ac73011869b1a751e
Secunia Security Advisory 51796
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debasish Mandal has reported a vulnerability in Zoom Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | bd45e259e02cd0bc683d011687bb9c6480fa3c6a27deae8c36c116da82f8c3c4
Secunia Security Advisory 51814
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CiscoWorks Prime LAN Management Solution (LMS), which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 5491c379c38dcac1b3c02c368d09ffaa7ac79cda66ab24dbba5a7ffa6a562c4d
Secunia Security Advisory 51748
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for emacs23. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, debian
SHA-256 | 97e7b670a714cf81d2e49859da6c0549f02aa7330d7e0b5b9f6a091b5c1d33d8
Secunia Security Advisory 51804
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for rails. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, debian
SHA-256 | 46ceab3a1570e624a9b00b408dac4aa3b164fc38e8ae529605e0d129a4e92d8c
Secunia Security Advisory 51731
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Ettercap, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 45f6f9587ff05c34ccc647f51e8d5d9f0c2720a7dc74f2226a50509823c6173b
Secunia Security Advisory 51810
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
SHA-256 | e106f9b7edc73cfab8d226818a0acf126795be362914f3eada51ff340ce7c073
Secunia Security Advisory 51805
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in tcsd included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | solaris
SHA-256 | d6cee4080ab795ea060085c152f6a8036212edd1a9d1ab8a6c1504938806224c
Secunia Security Advisory 51806
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Search API module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 42fd17cb95b700815786a87d8124229a0c03ff7bc6c67efcfad63a979a14fd8f
Secunia Security Advisory 51816
Posted Jan 10, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adiscon LogAnalyzer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 13c6c23355496d3ff29efcd04ac2b0da761174e56562b5d6865326a45620c4a0
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close