what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2011-07-20 to 2011-07-21

Cisco Security Advisory 20110720-sa500
Posted Jul 20, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco SA 500 Series Security Appliances are affected by two vulnerabilities on their web-based management interface. An attacker must have valid credentials for an affected device to exploit one vulnerability; exploitation of the other does not require authentication. Both vulnerabilities can be exploited over the network. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, web, vulnerability
systems | cisco
advisories | CVE-2011-2546, CVE-2011-2547
SHA-256 | 8b3960c1957150337fa342ec83e2ac3e818b1cc014f35f691270707173b6a216
Cisco Security Advisory 20110720-asr9k
Posted Jul 20, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco 9000 Series Aggregation Services Routers (ASR) running Cisco IOS XR Software version 4.1.0 contain a vulnerability that may cause a network processor in a line card to lock up while processing an IP version 4 (IPv4) packet. As a consequence of the network processor lockup, the line card that is processing the offending packet will automatically reload. Cisco has released a free software maintenance upgrade (SMU) to address this vulnerability. There are no workarounds for this vulnerability.

tags | advisory
systems | cisco, osx
advisories | CVE-2011-2549
SHA-256 | 87fa33ee924bcf0d8e5f8a6c407248b7e7facaaff576542c1526f34a106a7dff
Synergy Software SQL Injection
Posted Jul 20, 2011
Authored by Ehsan_Hp200

Synergy Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cdf7d4ef5a37b49d8abeeb3a86f1f95ff203bb22de6317494fa470d85a7fe60c
Technical Cyber Security Alert 2011-201A
Posted Jul 20, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-201A - Oracle Database, Oracle Secure Backup, Oracle Fusion Middleware, and various other Oracle products suffer from vulnerabilities including remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
SHA-256 | 7c1bd1e3b5f0d9d514eee9dfcd1fbedbbcc91a1a8fc792a16611e4b45ca60fd3
Zero Day Initiative Advisory 11-237
Posted Jul 20, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-237 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite r12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. This could result in the execution of arbitrary code under the context of the Gateway Security service.

tags | advisory, remote, web, arbitrary
advisories | CVE-2011-2667
SHA-256 | 03a726e72a0ef746644c53f5d9af301545b02f72a2a1b6bee3e85609ce19f145
Infocus Web Solutions SQL Injection
Posted Jul 20, 2011
Authored by Ehsan_Hp200

Infocus Web Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | d9f1a30573441b0a08214bae090c7533a6ee4d5ee848de625c3464f99ff37096
Tiki Wiki CMS 7.0 Cross Site Scripting
Posted Jul 20, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Tiki Wiki CMS version 7.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ec2d6bdcaf4a432a3e5516e038616a3e5f122796fa5e7f94f350407a10a545ee
Elitecore Cyberoam UTM Cross Site Scripting
Posted Jul 20, 2011
Authored by Patrick Webster

Elitecore Cyberoam UTM suffers from a cross site scripting vulnerability. Builds prior to 10.01.0 Build 0739 are affected.

tags | exploit, xss
SHA-256 | b06e6512b53ea8ea20ff4be6e0b06151a0930083acb280cb4531302feec1fb02
ARP-Scan ARP Generation Tool 1.8.1
Posted Jul 20, 2011
Authored by Roy Hills | Site nta-monitor.com

arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.

Changes: The data file "pkt-custom-request-vlan-llc.dat" was added to the tarball to allow the ARP request packet generation self test to complete successfully.
tags | tool, scanner, protocol
systems | unix
SHA-256 | 61055bf9e7c15e34f8adabebb4a9b035cb0030a3cd19b4f00df9fea483c0256f
Mandriva Linux Security Advisory 2011-115
Posted Jul 20, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-115 - Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service via a crafted UPDATE request.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-2464
SHA-256 | 7d41f6e52999fdc1d9c78dcfcf058cdfdebae1c5f16f889d64aef16fde5a8728
Ubuntu Security Notice USN-1171-1
Posted Jul 20, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1171-1 - It was discovered that an SQL injection vulnerability exists in the Likewise Security Authority (lsass) local authentication provider. A local attacker could use this to gain elevated privileges.

tags | advisory, local, sql injection
systems | linux, ubuntu
advisories | CVE-2011-2467
SHA-256 | 9147ace4d770d7127fbd5320246d4ce11167381a45259e91d9121fcb911c43c4
Joomla Appointment Booking Pro Arbitrary File Reading
Posted Jul 20, 2011
Authored by Don Tukulesto | Site indonesiancoder.com

The Joomla Appointment Booking Pro component suffers from an arbitrary file reading vulnerability.

tags | exploit, arbitrary, file inclusion
SHA-256 | 3919153d2e40600bef5a3b3385d421da5a7351ac182a07274b851a53bcbdc041
HTC / Android OBEX FTP Service Directory Traversal
Posted Jul 20, 2011
Authored by Alberto Moreno Tablado

HTC devices running Android versions 2.1 and 2.2 suffer from a directory traversal vulnerability in the OBEX FTP service. Full details provided.

tags | exploit, file inclusion
advisories | CVE-2009-0244
SHA-256 | cd9dc9bff02c9bfc1d7a54707217d4b420a7848b53831a382f95fad8326e714e
Joomla! 1.6.5 Cross Site Scripting
Posted Jul 20, 2011
Authored by Aung Khant | Site yehg.net

Joomla! versions 1.6.5 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 4a02bc6a0b3a648183829132a928faa71371aae04716c35f03f753193221f26e
Hackers 2 Hackers Conference 2011 Call For Papers
Posted Jul 20, 2011
Site h2hc.com.br

The Hackers 2 Hackers Conference (H2HC) 8th edition call for papers has been announced. It is being held in Sao Paulo, Brazil from October 29th through the 30th, 2011.

tags | paper, conference
SHA-256 | 6abf5bb679b73d1024b3c4ebfe1e31214e38626c31d3a30e526fa62a56d626d8
Technical Cyber Security Alert 2011-200A
Posted Jul 20, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-200A - US-CERT is providing this Technical Security Alert in response to recent, well-publicized intrusions into several government and private sector computer networks. Cyber thieves, hacktivists, pranksters, nation-states, and malicious coders for hire all pose serious threats to the security of both government and private sector networks. A comprehensive security program provides the best defense against the full spectrum of threats that our computer networks face today. Network administrators and technical managers should not only follow the recommended security controls information systems outlined in NIST 800-53 but also consider the following measures. These measures include both tactical and strategic mitigations and are intended to enhance existing security programs.

tags | advisory
SHA-256 | 4a87eb5de090dc25ebd48d8673de5aafcc291456942b65ad5f05132ed3e47288
Oracle Sun GlassFish Enterprise Server 2.1.1 Cross Site Scripting
Posted Jul 20, 2011
Site senseofsecurity.com.au

Oracle Sun GlassFish Enterprise Server version 2.1.1 suffers from a cross site scripting vulnerability. Proof of concept code included.

tags | exploit, xss, proof of concept
advisories | CVE-2011-2260
SHA-256 | e852d78319b40a191a8aa9ea6c5cefd12cf9f11cf487cae2ce22d9f26df1275b
FreeFloat FTP 1.0 Any Non Implemented Command Buffer Overflow
Posted Jul 20, 2011
Authored by Craig Freyman

FreeFloat FTP version 1.0 any non implemented command buffer overflow exploit.

tags | exploit, overflow
SHA-256 | ac83615e8ea562e1c12cf0b82fac72d7376e0499e575ecd08be1d32ca60d543b
Dow Group SQL Injection
Posted Jul 20, 2011
Authored by Ehsan_Hp200

Dow Group suffers from multiple remote SQL injection vulnerabilities in dynamic.php, news_desc.php, product.php, and solutions.php.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | f3d4b978a82f3af2df87010f44ffd2ce67118b3ecf95deef66533259cd39c60a
Secunia Security Advisory 45326
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Likewise Open, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 5125c343fccad6e2f43b62bcc05aabc5bdd736014b81e340e25757f766e166c8
Secunia Security Advisory 45327
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for likewise-open. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
systems | linux, ubuntu
SHA-256 | b7e481f14aad4a85a63e429e43bf44549078020fb7afb900caf22828af2030d6
Secunia Security Advisory 45251
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Auto Web Toolbox, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, web, sql injection
SHA-256 | 01fbe2d1f7ee205ff8137a7e35caefced9d1d9459faed8173bc31fb078f8c9bb
Secunia Security Advisory 45297
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the library.

tags | advisory, denial of service, vulnerability
SHA-256 | 1bc737cf81abf0ee2c2f02b4ab76786bcaf47a5b116373b58631a6e831eb1c48
Secunia Security Advisory 45321
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System (HRMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
SHA-256 | 9fe1fddbe1150ebf625ac559854483f198ed2f84e087cf40454ddaccab587ca3
Secunia Security Advisory 45320
Posted Jul 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise Financials and Supply Chain Management (FSCM), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory
SHA-256 | 8e99fdc0ec975dbf87695b6e68875467c0781b04b391114a459b44c37019b96e
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close