what you don't know can hurt you
Showing 26 - 50 of 59 RSS Feed

Files Date: 2012-07-19 to 2012-07-20

Secunia Security Advisory 49982
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Barracuda SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 4ae6f3316ea660c403f55d3be9681ede
Secunia Security Advisory 49943
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Three vulnerabilities have been reported Oracle Transportation Management, which can be exploited by malicious, local users to gain knowledge of sensitive information, malicious users to gain knowledge of sensitive information, and malicious people to manipulate certain data.

tags | advisory, local, vulnerability
MD5 | a82eb6fbd678974a2ea6c9d6c502300a
Secunia Security Advisory 49955
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Clinical Remote Data Capture, which can be exploited by malicious users to gain knowledge of sensitive information.

tags | advisory, remote
MD5 | 82bce92c36dbeda410b0b0baf67922c0
Secunia Security Advisory 49993
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
MD5 | d181c899b5d53f850b7cd03bc9b3111f
Secunia Security Advisory 49951
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise PeopleTools, which can be exploited by malicious users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 629b4dada25586122354884aa7294823
Secunia Security Advisory 49965
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
MD5 | 449ce8cf849b8c814e1a2afde9cc31d2
Secunia Security Advisory 49881
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Database, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 59b63b25897f880cb4c83e9a34429ffc
Secunia Security Advisory 49956
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in GlassFish Enterprise Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 61f5f72e0b4b3e873054fccda3129235
Secunia Security Advisory 49994
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Thunderbird and SeaMonkey, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
MD5 | 65549adc7f2f3843d43ea0a4ee2792a5
Secunia Security Advisory 49937
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Enterprise Manager Grid Control, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 4e12c7e4c3d7a2c4620e19d33f352fad
Secunia Security Advisory 49961
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Integrated Lights Out Manager, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | e97c9a9499226b7f4c81a62d5d225849
Secunia Security Advisory 49884
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Oracle Secure Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 4d61278a669a7329ab77298a124aba5d
Secunia Security Advisory 49952
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Siebel CRM, which can be exploited by malicious users to disclose certain sensitive information and by malicious people to disclose certain sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 80e4c1c959285fb5996b9f303a47095c
Secunia Security Advisory 49942
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious users to manipulate certain data and by malicious people to manipulate certain data and bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | 488799c05f1de067f94c2bfb19ce9637
Secunia Security Advisory 49918
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Application Server, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and manipulate certain data.

tags | advisory, vulnerability
MD5 | 460e26cb0cc0114a30d9edc511c4979e
Secunia Security Advisory 49950
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System (HRMS), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | 9faa813687cb112480e1cffb93d5ab2b
Secunia Security Advisory 49958
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Solaris Cluster, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | solaris
MD5 | a1ef6c51dccb8e72073499403090de18
DNS Denial Of Service Tool
Posted Jul 19, 2012

This is a simple snippet of c code that can be used for creating a denial of service condition against a DNS server.

tags | denial of service
MD5 | 9943478b20771711a01cac781a3eae3c
Linux Kernel Sendpage Local Privilege Escalation
Posted Jul 19, 2012
Authored by Brad Spengler, Ramon de C Valle, Tavis Ormandy, Julien Tinnes, egypt | Site metasploit.com

The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4

tags | exploit, arbitrary, kernel, protocol, ppc
systems | linux
advisories | CVE-2009-2692
MD5 | 2592f40037078ac9737526c10644b4e9
Windows Escalate Task Scheduler XML Privilege Escalation
Posted Jul 19, 2012
Authored by jduck | Site metasploit.com

This Metasploit module exploits the Task Scheduler 2.0 XML 0day exploited by Stuxnet. When processing task files, the Windows Task Scheduler only uses a CRC32 checksum to validate that the file has not been tampered with. Also, In a default configuration, normal users can read and write the task files that they have created. By modifying the task file and creating a CRC32 collision, an attacker can execute arbitrary commands with SYSTEM privileges.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2010-3338, OSVDB-68518
MD5 | 985eb9053e6cd158c35c0837cbba1589
Novell ZENworks Configuration Management Preboot Service 0x06 Buffer Overflow
Posted Jul 19, 2012
Authored by Stephen Fewer, juan | Site metasploit.com

This Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management 10 SP2. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x06 (PROXY_CMD_CLEAR_WS) to the 998/TCP port. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and Windows Server 2003 SP2 (DEP bypass).

tags | exploit, remote, overflow, tcp
systems | windows
advisories | OSVDB-65361
MD5 | f34f24fcc433e4b088d9cd6e4754435b
Novell ZENworks Configuration Management Preboot Service 0x21 Buffer Overflow
Posted Jul 19, 2012
Authored by Stephen Fewer, juan | Site metasploit.com

This Metasploit module exploits a remote buffer overflow in the ZENworks Configuration Management 10 SP2. The vulnerability exists in the Preboot service and can be triggered by sending a specially crafted packet with the opcode 0x21 (PROXY_CMD_FTP_FILE) to port 998/TCP. The module has been successfully tested on Novell ZENworks Configuration Management 10 SP2 and Windows Server 2003 SP2 (DEP bypass).

tags | exploit, remote, overflow, tcp
systems | windows
advisories | OSVDB-65361
MD5 | 152908928a9c6adae51d63c01d75b875
Setuid Nmap Exploit
Posted Jul 19, 2012
Authored by egypt | Site metasploit.com

Nmap's man page mentions that "Nmap should never be installed with special privileges (e.g. suid root) for security reasons.." and specifically avoids making any of its binaries setuid during installation. Nevertheless, administrators sometimes feel the need to do insecure things. This Metasploit module abuses a setuid nmap binary by writing out a lua nse script containing a call to os.execute(). Note that modern interpreters will refuse to run scripts on the command line when EUID != UID, so the cmd/unix/reverse_{perl,ruby} payloads will most likely not work.

tags | exploit, root, perl, ruby
systems | unix
MD5 | 451cc1f390a0ee0ae43183a67ef08439
Zero Day Initiative Advisory 12-127
Posted Jul 19, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-127 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HsmCfgSvc.exe service which listens by default on TCP port 9111. When processing FTP archives the process does not properly validate the size of the root path specified and proceeds to copy the string into a fixed-length buffer on the stack. This can be exploited to execute arbitrary remote code under the context of the running service.

tags | advisory, remote, arbitrary, root, tcp
MD5 | 3bd1527f37b4a47ba8810e2a866dc506
Zero Day Initiative Advisory 12-126
Posted Jul 19, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-126 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HsmCfgSvc.exe service which listens by default on TCP port 9111. When processing CIFS archives the process does not properly validate the size of the archive name and proceeds to copy the string into a fixed-length buffer on the stack. This can be exploited to execute arbitrary remote code under the context of the running service.

tags | advisory, remote, arbitrary, tcp
MD5 | 6b23e0e0159a0e12252edeebeeb34100
Page 2 of 3
Back123Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close