Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors.
357a44e43c4f2c671f4d21ee653ec8fd76e0867ce903aed183590f7707f4ae54Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.
31da0efcb3a1c6bfaf12e06688d0619522253f130e943a73a69af7e3f60d8eeaOnapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), and the JDESAW Kernel is configured (it is by default), then it would be possible to read any file on the system.
8830e58431e4e54de8e064e5cd249e16908cd8f778228632a25fa840fdf16e20Onapsis Security Advisory - If a specially crafted packet is sent to the JDENet Service (6015 TCP by default), and the Security Kernel is enabled and SignonSecurity is configured, then it is possible to retrieve the password of arbitrary users.
ca8b740898e9808b2377e7e6e742f24a9adcdee6596d83dbff27ba20b10ae606YVS Image Gallery version 0.0.0.1 suffers from a remote SQL injection vulnerability.
57c8b4b331c976402d8ecbf2a7336a8a495b9664d40c2aa1baa1066165e7c43cOnapsis Security Advisory - If a "Message packet" is sent to the JDENet port (6015 by default) containing a specially crafted "File Packet", the sent file is saved in the server where the JDENet service is running, in the arbitrary location specified by the "File Packet".
110da071d60499fa9e34debb38e6a7404f1d62c2405feaa405c2015812db0a2eXenotix KeylogX is a keylogger add-on for Mozilla Firefox. It captures and logs keystrokes sent to the browser and you simply type alt-X to retrieve the data from the logfile.
67b0971f10df230d180133c5c89d059079a85c82d7ef454d272f3decf994a478Ubuntu Security Notice 1372-1 - It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. Various other issues were also addressed.
5c8cc223024eb5757b6e35e27ea76c485d767109bb47ae4e336bf0859299e7adDebian Linux Security Advisory 2417-1 - It was discovered that the internal hashing routine of libxml2, a library providing an extensive API to handle XML data, is vulnerable to predictable hash collisions. Given an attacker with knowledge of the hashing algorithm, it is possible to craft input that creates a large amount of collisions. As a result it is possible to perform denial of service attacks against applications using libxml2 functionality because of the computational overhead.
cf6eb06a9662d3cbb04a61d240b222ea745c263a73494063aa45b2362bc1dd87Red Hat Security Advisory 2012-0333-01 - Updates have been made to the Linux kernel. SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to the underlying block device, allowing a privileged user to bypass restrictions and gain read and write access to the entire block device. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. A local, unprivileged user could use a flaw in the Performance Events implementation to cause a denial of service. Various other issues have also been addressed.
ab385ec0a710376d5bd1648fee2d56710fe8b5e7cf9b6e8931a4f3a897ec925aRed Hat Security Advisory 2012-0332-01 - Samba is a suite of programs used by machines to share files, printers, and other information. An input validation flaw was found in the way Samba handled Any Batched requests. A remote, unauthenticated attacker could send a specially-crafted SMB packet to the Samba server, possibly resulting in arbitrary code execution with the privileges of the Samba server.
83217c4f85e67c38de8250edb78839110461105a09c8ced94de19612811108b2Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
39254df708c3f5ffb0cd358ff63ee347d5e144525cd6c1dbe4247f4a12d93d07Secunia Security Advisory - Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7a68230e661330b4c5d167879dd6b4734e5444a1ae36f1f9bff77e6c8f146919Secunia Security Advisory - Multiple vulnerabilities with unknown impacts have been reported in PHP Live!.
a67c1530bfc0610040ecc148fd7a8f1871115e01367b07df0cfb4c4a80ea82a4Secunia Security Advisory - Multiple vulnerabilities have been discovered in phpDenora, which can be exploited by malicious people to disclose sensitive information and conduct SQL injection attacks.
6c16d7397bf43eaa4c8c4a711fd1b80510988506b71117447a75283440d1c9b2Secunia Security Advisory - A vulnerability has been reported in Notmuch, which can be exploited by malicious people to potentially disclose sensitive information.
a7e0eed716535cd9df76395a1721d7f5a639fbb8ac0f3d59d0849b954aaf2b29Secunia Security Advisory - Red Hat has issued an update for kernel-rt. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges, by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges, and by malicious people to cause a DoS and compromise a vulnerable system.
8023b9bd7039cd2c3a136a4ea1a2c61f57d5e7b366f4a0f0c22002f2f224914cSecunia Security Advisory - A vulnerability has been reported in the TC BE User Admin extension for TYPO3, which can be exploited by malicious users to conduct script insertion attacks.
bdd0a95ecb7df3f1d94917537ef28390cfba5dac38ca55b4b08b419e16480660Secunia Security Advisory - A vulnerability has been discovered in The Uploader, which can be exploited by malicious people to conduct SQL injection attacks.
4099eb18a705f7e926f998d263d0a58df76cc339342cea7f22ff5bc0b34b04cdSecunia Security Advisory - Ubuntu has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
5b7469232683fadcbeda63cb2f878003dc330c26c9fd53150e78a7022829d4eaSecunia Security Advisory - Ubuntu has issued an update for puppet. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
d732492125afc1fc5774f2682a947522b901709329704e37898458b071ebb03aSecunia Security Advisory - Some vulnerabilities have been reported in Cisco Small Business SRP520 / SRP540 series, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.
2f3f55b2689997092d4a01dbc45d1c49405f5db2fb416c39d947f727955989afSecunia Security Advisory - SEC Consult has reported a vulnerability in ELBA, which can be exploited by malicious users to conduct SQL injection attacks.
270bb8917cb242f7d4791cefeeb523d5828c6313a827fff893bbe08d3ed156e4Secunia Security Advisory - SUSE has issued an update for horde3. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
cc321bc36659d38802e09a71957b3a9d977665e8eb3b74aef029a518607e2791Secunia Security Advisory - Red Hat has issued an update for cvs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
29a4872041015f80b88bd09276e69b1232b9b44be2e042f327a8d5c2fb5f276e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed