exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 70 RSS Feed

Files Date: 2011-06-01 to 2011-06-02

Cisco Security Advisory 20110601-ac
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by arbitrary program execution and local privilege escalation vulnerabilities. There are no workarounds for the vulnerabilities described in this advisory.

tags | advisory, arbitrary, local, vulnerability
systems | cisco
advisories | CVE-2011-2039, CVE-2011-2040, CVE-2011-2041
SHA-256 | b6f62c24ad600052d82c60490ef64ffb9b47d1a6b4fbb76139a5453a3b92aadf
Easy FTP Server 1.7.0.2 Buffer Overflow
Posted Jun 1, 2011
Authored by b33f

Easy FTP Server version 1.7.0.2 post authentication buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 2a6596bad306c2f92f31a99a5af952a2ecb1fa44c6c4f1578665dd5c22713689
Mandriva Linux Security Advisory 2011-105
Posted Jun 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-105 - This advisory updates wireshark to the latest version. A large/infinite loop exists in the DICOM dissector. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. David Maciejak of Fortinet's FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark.

tags | advisory
systems | linux, redhat, mandriva
SHA-256 | 2f38c38e6d308c7c93fb99b72c981e9702b7cee1649aa9258e4d92c6c5b9ac01
Icinga 1.3.0 / 1.4.0 Cross Site Scripting
Posted Jun 1, 2011
Authored by Stefan Schurtz

Icinga versions 1.3.0 and 1.4.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0f2fcc0f2a5004f0756b8053320d1d9036538af9cf5fd71f737e368eb0f56a37
Cisco Security Advisory 20110601-mxe
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Media Experience Engine (MXE) 5600 devices that are running Cisco Media Processing Software releases prior to 1.2 ship with a root administrator account that is enabled by default with a default password. An unauthorized user could use this account to modify the software configuration and operating system settings or gain complete administrative control of the device. A software upgrade is not required to resolve this vulnerability. Customers can change the root account password by issuing a configuration command on affected engines. The workarounds detailed in this document provide instructions for changing the root account password.

tags | advisory, root
systems | cisco
advisories | CVE-2011-1623
SHA-256 | a9b9f6b84efd5f5410ccfdf9fc190f25c02e24a757639b8c1c38c6f42d3997fd
Vibrant Creations SQL Injection
Posted Jun 1, 2011
Authored by eXeSoul

Vibrant Creations suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 21a32b3c8444e9da7647764ff7da708c99fe8429fdbf2caee691fc400498df72
MediaCluster (mcCMS) Shell Upload
Posted Jun 1, 2011
Authored by RoAd_KiLlEr

MediaCluster (mcCMS) suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 06d93cc6955871384b4f90c0f60d2c884f75c514a2d5fd549c9b5b121b8fd2e7
Netgear WNDAP350 Root Password Disclosure
Posted Jun 1, 2011
Authored by Juerd Waalboer

Netgear WNDAP350 versions 2.0.1 and 2.0.9 suffers from a remote root password and WPA2 key disclosure vulnerability.

tags | exploit, remote, root, info disclosure
SHA-256 | cb5e3cabb4d54afcb646e5bcc9fe38768fc1bdbdea54fd02f0c0b642142df4c3
Nagios 3.2.3 Cross Site Scripting
Posted Jun 1, 2011
Authored by Stefan Schurtz

Nagios version 3.2.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a056b66c21311b190b7d847ea2b1659d52af13a17ea0e33a820d155730122899
Cisco Security Advisory 20110601-phone
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified IP Phones 7900 Series devices, also known as TNP phones, are affected by three vulnerabilities that could allow an attacker to elevate privileges, change phone configurations, disclose sensitive information, or load unsigned software. These three vulnerabilities are classified as two privilege escalation vulnerabilities and one signature bypass vulnerability. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available to mitigate these vulnerabilities.

tags | advisory, vulnerability, bypass
systems | cisco
advisories | CVE-2011-1602, CVE-2011-1603, CVE-2011-1637
SHA-256 | a5da1041cf885eced48a7af3b7acdb0686e61e90f3ff3a0f850f27a77b7a7177
Cisco Security Advisory 20110601-cnr
Posted Jun 1, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Registrar Software Releases prior to 7.2 contain a default password for the administrative account. During the initial installation, users are not forced to change this password, allowing it to persist after the installation. An attacker who is aware of this vulnerability could authenticate with administrative privileges and arbitrarily change the configuration of Cisco Network Registrar.

tags | advisory
systems | cisco
advisories | CVE-2011-2024
SHA-256 | 6c73501b3f4ee218038777f46b6592c27d8398fe0ea571b5943f57bb082bc5a3
Mandriva Linux Security Advisory 2011-104
Posted Jun 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-104 - Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service via a negative response containing large RRSIG RRsets.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1910
SHA-256 | 508ee1aa8ffd4f27a9758171dac332d4d481de68724feca7f6f389471dc75d4c
A Really Simple Chat (ARSC) 3.3-rc2 XSS / SQL Injection
Posted Jun 1, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

A Really Simple Chat (ARSC) version 3.3-rc2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 249904eba1bb0a21fd20acb8fdb72e6d7161acae6fb1b1e2924b0fd886fc5e27
Innovative Web SQL Injection
Posted Jun 1, 2011
Authored by Kalashinkov3

Innovative Web suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 2617b117c0d794f9db284cf8cd1804c0c06743144af640c952c8fb51e06f0067
Post Revolution 0.8.0c XSS / XSRF / Denial Of Service
Posted Jun 1, 2011
Authored by Javier Bassi

Post Revolution version 0.8.0c suffers from cross site request forgery, cross site scripting, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, info disclosure, csrf
advisories | CVE-2011-1952, CVE-2011-1953, CVE-2011-1954
SHA-256 | c326ab8cc2255d5e582a5a5c103cc9b9e6e64ac1effb215d3c8e08c05d0b1799
Cherokee Cross Site Request Forgery
Posted Jun 1, 2011
Authored by dave b

The Cherokee server admin configuration web interface suffers from a cross site request forgery vulnerability.

tags | advisory, web, csrf
SHA-256 | 586c995fad51dc5bd0787f10314d084e145efaa7e2f61ce7bc8aa7c1bf5970d3
VALID 2011 Call For Papers
Posted Jun 1, 2011
Site iaria.org

The VALID 2011 Call For Papers has been announced. This conference will be held in Barcelona, Spain from October 23rd through the 28th, 2011.

tags | paper, conference
SHA-256 | 41576e3a99041238e6564d80dbda242c65c6cc165b2ca56696674b2f3d0bc356
CodeMeter WebAdmin 3.30 / 4.30 Cross Site Scripting
Posted Jun 1, 2011
Authored by Rob Kraus | Site solutionary.com

CodeMeter WebAdmin versions 3.30 and 4.30 suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 37b2d92023e5ba909975303fa7fb686f9e8f69afae90052f86672f0c13a993cc
Debian Security Advisory 2250-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2250-1 - Wouter Coekaerts discovered that the jabber server component of citadel, a complete and feature-rich groupware server, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-1756
SHA-256 | 0f0e08b40a952cc7e46f5001f5c290c85367e3af53eb2c045331c0fa34fa926f
Debian Security Advisory 2249-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2249-1 - Wouter Coekaerts discovered that jabberd14, an instant messaging server using the Jabber/XMPP protocol, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.

tags | advisory, denial of service, protocol
systems | linux, debian
advisories | CVE-2011-1754
SHA-256 | a991672c4d34580ef442852169e167e37d426325361127f31153c7141950080f
Debian Security Advisory 2248-1
Posted Jun 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2248-1 - Wouter Coekaerts discovered that ejabberd, a distributed XMPP/Jabber server written in Erlang, is vulnerable to the so-called "billion laughs" attack because it does not prevent entity expansion on received data. This allows an attacker to perform denial of service attacks against the service by sending specially crafted XML data to it.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-1753
SHA-256 | de1900df9f3c9ee82372dc03eef9a63db5a89024f5837f7f77fe44f4b9d4e27b
Secunia Security Advisory 44772
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SecureSphere Web Application Firewall, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, web
SHA-256 | 8a05dd7d363bab7a969f9f78a5ffd7ce694af4ec1bd403cdee37f087a82a512d
Secunia Security Advisory 44765
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ejabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 416cc993727e0d1cb7f187e732f831942c207e6d0d78711736624bcd6b67a98f
Secunia Security Advisory 44808
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gdm. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
SHA-256 | 81b430b2401177c84af1f31faf7a31a37276151469150f0bc56185a7c5470013
Secunia Security Advisory 44465
Posted Jun 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Georg Fritsch has reported a vulnerability in Wyse ThinOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 4ddbda0f1acb2346bd9b032e11411db32a486be77699d2474aec09fb48af53cc
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close