exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2012-08-20 to 2012-08-21

Mandriva Linux Security Advisory 2012-139
Posted Aug 20, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-139 - Multiple vulnerabilities has been discovered and corrected in postgresql. libxslt offers the ability to read and write both files and URLs through stylesheet commands, thus allowing unprivileged database users to both read and write data with the privileges of the database server. xml_parse() would attempt to fetch external files or URLs as needed to resolve DTD and entity references in an XML value, thus allowing unprivileged database users to attempt to fetch data with the privileges of the database server. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2012-3488, CVE-2012-3489
SHA-256 | b626ecf629cea63c6722a9394e10f6f5f9a0c83303712b7e5640c33051aebdb6
Mandriva Linux Security Advisory 2012-140
Posted Aug 20, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-140 - Cross-site scripting vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2012-3382
SHA-256 | 3d141ef4c46f1abdd3beec20f1fca302eb29ec58c0221662a9b904124bf1f03f
SysAid Helpdesk Pro 8.5.04 Cross Site Scripting
Posted Aug 20, 2012
Authored by Daniel Compton | Site nccgroup.com

SysAid Helpdesk Pro version 8.5.04 suffers from a stored cross site scripting vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, xss
SHA-256 | 03c43058e177e3b91020c6e39d3d4b8fef0a48ac9173faa8dfc4180f12dd8a08
SysAid Helpdesk Pro 8.5.04 Blind SQL Injection
Posted Aug 20, 2012
Authored by Daniel Compton | Site nccgroup.com

SysAid Helpdesk Pro version 8.5.04 suffers from a remote blind SQL injection vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, remote, sql injection
SHA-256 | fa0cc50d3a2adf2a8ddb3859e8fb079052be312b93323a5634d101115b058456
Moodle CMS 2.2.1 Cross Site Scripting
Posted Aug 20, 2012
Authored by Daniel Compton | Site nccgroup.com

Moodle CMS version 2.2.1 suffers from a stored cross site scripting vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, xss
SHA-256 | 4a0870cfddbf39fd62f02df0db57dd921f34ce9e7f9ed2934dac0a28128680f8
Squiz CMS 11654 Directory Traversal
Posted Aug 20, 2012
Authored by Robert Ray | Site nccgroup.com

Squiz CMS version 11654 suffers from a directory traversal vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
SHA-256 | bd1d48dd97d7de5029f3cb53576f8191116e49f18e456dc5eea6446e09176111
Apple Security Advisory 2012-08-20-1
Posted Aug 20, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-08-20-1 - Apple Remote Desktop 3.6.1 is now available and addresses a failed encrypted connection that may result in an information disclosure vulnerability.

tags | advisory, remote, info disclosure
systems | apple
advisories | CVE-2012-0681
SHA-256 | f27f103fee4eeb50dc396bf4a3750d2154a0a596681618a2c6f7ad7d0c9defb8
Sysax Multi Server 5.64 Create Folder Buffer Overflow
Posted Aug 20, 2012
Authored by Matt Andreko | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. In order to trigger the vulnerability valid credentials with the create folder permission must be provided. The HTTP option must be enabled on Sysax too. This Metasploit module will log into the server, get a SID token, find the root folder, and then proceed to exploit the server. Successful exploits result in SYSTEM access. This exploit works on XP SP3, and Server 2003 SP1-SP2.

tags | exploit, web, overflow, root
SHA-256 | 422ebcc0706927fdc0d3540364b547ee04c57ddb23038a64dcb8dc6be41b6f88
Divx 6.8.2 Denial Of Service
Posted Aug 20, 2012
Authored by Dark-Puzzle

Divx version 6.8.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 9e4f3b9ce274360447887becad17d4617d27a3dc9c999659e4bc9cd7e48a92c4
Debian Security Advisory 2531-1
Posted Aug 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2531-1 - Several denial-of-service vulnerabilities have been discovered in Xen, the popular virtualization software.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3432, CVE-2012-3433
SHA-256 | 9f9933a091cc52467042db0785c8656fdbed09ca5667d0981881de73077fc6a8
Red Hat Security Advisory 2012-1180-01
Posted Aug 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1180-01 - The GIMP is an image composition and editing program. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2011-2896, CVE-2012-3403, CVE-2012-3481
SHA-256 | 5fe242f87bec9fe61d0273ef28381208c2155f5a6a03b6ffdb51a02ab7105d57
Red Hat Security Advisory 2012-1181-01
Posted Aug 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1181-01 - The GIMP is an image composition and editing program. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the GIMP's Adobe Photoshop image file plug-in. An attacker could create a specially-crafted PSD image file that, when opened, could cause the PSD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2009-3909, CVE-2011-2896, CVE-2012-3402, CVE-2012-3403, CVE-2012-3481
SHA-256 | d07a668d4092b975d010a7e8cabb42339fa978256fe5994567236ee4a082550a
Secunia Security Advisory 50322
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Hastymail2, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 8e3d34f8b3f2077438fd0c8a557651e36c9cf694a0edcf67e0c37f6d5030004c
Secunia Security Advisory 50291
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xen. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
SHA-256 | 68b38fae0c6aa70ed26b895fbf026dc28737dc7c1529b01bf9d30c4d4a9145bc
Secunia Security Advisory 50301
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ibrahim El-Sayed has reported some vulnerabilities in ManageEngine OpStor, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | f738a9ba321caf81a4f45ebcb103ab7d5c8ecd11dd8a6a7c83d07fcbf9f03503
Secunia Security Advisory 49398
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, web, sql injection
SHA-256 | 229a3c51a45ec5b3514b491e049d9cbf4c265ad0d7cbb30e35e5a5e2cd21635d
Secunia Security Advisory 50337
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | e62c278c5ea96f73fba7ba3fa411c328bad60e75103573d520ed2e8eca66ef74
ICAL 1.0 SQL Injection
Posted Aug 20, 2012
Authored by Samim.s

ICAL version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 365d857493ea945924644e4a436ab74b9d8e2d57980d365cd33cab7dc0464be3
Secunia Security Advisory 50342
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP ServiceGuard, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 4e9f81968284b34089675eab253ad392e6a3685821db10c63654deb311892dbc
Secunia Security Advisory 50193
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OTRS, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 62662fb0917e56027fd346d0685a1f127aa3fffe675245cea30d38ddab762afd
Secunia Security Advisory 50296
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in GIMP, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 1f1316645df5df97210bf9e034d33467b589eb48f5f02f67b1c02dc2bd26ca62
Secunia Security Advisory 50275
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in McAfee Security for Microsoft SharePoint and McAfee Security for Microsoft Exchange, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 1b96f725cd09e98614ef2fed1a60e7ca3ccba63efe4b7157ef2246e75849b23d
Secunia Security Advisory 50304
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in McAfee SmartFilter Administration, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | a703b1a95357d6c56e78153fecfe2423f047d759e2a36648b9be443b22464153
Secunia Security Advisory 50192
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in MDaemon, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss
SHA-256 | edf4f6b05952076f79f675f6b73d19de37f806e58b45ff40ce877f5d1bc14d5c
Secunia Security Advisory 50316
Posted Aug 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for nss. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | a22ea235370e731b0b3d70da6236fbddeeb7d1c26ee36b8ee1fb96de0c26e4b5
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close