what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files Date: 2012-09-18 to 2012-09-19

SonicWALL EMail Security 7.3.5 Cross Site Scripting
Posted Sep 18, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

SonicWALL EMail Security version 7.3.5 suffers from multiple cross site scripting and script insertion vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 9114c493bb903f88704ca152163273f441bb78904b6632d33f2bc90b09352025
Axis VoIP Manager 2.1.5.7 Cross Site Scripting
Posted Sep 18, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Axis VoIP Manager version 2.1.5.7 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 227d09434d3119f83463817515890f6a160a567edeea4900637426c5a2d81678
Entropy Broker RNG 1.2
Posted Sep 18, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This release has full IPv6 support, has bps output fixes, can now retrieve entropy data from smart cards, and has support for multiple broker servers. EGD server/client now supports TCP as well (for better compatibility with EntropyKey). There are fixes for Fedora and Coverity warning fixes.
tags | encryption
systems | linux
SHA-256 | 3ecddde77082e049a2056e7fee7d05301ade18b02e1ebc838e4af707f2a74d39
HP Security Bulletin HPSBMU02813 SSRT100712
Posted Sep 18, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02813 SSRT100712 - A potential security vulnerability has been identified with HP Operations Orchestration. The vulnerability could be remotely exploited to allow execution or arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2012-3258
SHA-256 | 97d3696a2802e4bc11756ed85fe0d744044522295b85a1672ae9318f837aae13
Symantec Messaging Gateway 9.5.3-3 Cross Site Scripting
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an out-of-band stored cross site scripting vulnerability via email. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, xss
SHA-256 | efc556b14d7eaaab1ee4e073431e2ec92e2cb39a2d25ac6dc8ece93acb4541eb
Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an authenticated arbitrary file download vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, arbitrary
SHA-256 | 25af61338564cb5ac5945690d75e3ef01177fd3439ed35b0b88b7b650a1c8240
Symantec Messaging Gateway 9.5.3-3 Unauthorized SSH Access
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthorized ssh access vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
SHA-256 | c0fb665289612f001a3b0b55edd4149f5142e0dc932b0d8e4991ffd2e0c26fc2
Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, csrf
SHA-256 | 378f303f72289da19ddbd813812ef932bf32812e90d735f95783481de4d04b58
Apple Security Advisory 2012-09-17-1
Posted Sep 18, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-17-1 - Apple Remote Desktop 3.5.3 is now available and addresses an information disclosure vulnerability.

tags | advisory, remote, info disclosure
systems | apple
advisories | CVE-2012-0681
SHA-256 | 15417159543689958e35449fe891ef88e1551b36f07a6054a729946d40ac107f
Fortigate UTM WAF Appliance Cross Site Scripting
Posted Sep 18, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Fortigate UTM WAF Appliance suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0559718c9efd3df76f1d071fa0b3c558881ae613812b65f9b546708e466f56f7
How I DOS'ed My Bank
Posted Sep 18, 2012
Authored by FB1H2S

This is a brief whitepaper that discusses DTMF input processing and easy denial of service attack via phone lines against banking systems.

tags | paper, denial of service
SHA-256 | 69dbef581e13a4637e1b0aa3251b231aa329ac074cbf3ea2f4870506046ed98f
WordPress 3.4.2 User Enumeration / Path Disclosure
Posted Sep 18, 2012
Authored by Akastep

WordPress version 3.4.2 appears to suffer from user enumeration and path disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | f672ffa3fe1c2cdc32145c392c8ccd21e2a5005b5593a62f5cdd4f6628b98a9b
Symantec Messaging Gateway 9.5.3-3 Disclosure
Posted Sep 18, 2012
Authored by Ben Williams | Site nccgroup.com

Symantec Messaging Gateway version 9.5.3-3 suffers from an unauthenticated detailed version disclosure vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
SHA-256 | bbb4709841e4fe0d02dc171408f915bd1b98a01e969446b1da6b82f3608fa832
Avcmedia CMS SQL Injection
Posted Sep 18, 2012
Authored by Am!r | Site irist.ir

Avcmedia CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | 386079be1ad4a0714a78b9a73a2cebfd9bde5ba6e3a91636f4f08ec4ab3ec5f2
vBulletin 4.1.12 SQL Injection
Posted Sep 18, 2012
Authored by Am!r | Site irist.ir

vBulletin version 4.1.12 suffers from a remote SQL injection vulnerability in blog_plugin_useradmin.php.

tags | exploit, remote, php, sql injection
SHA-256 | 2ff2c6b6842c2bb85c4e27bab7b624e79849eea8da77f95cba7862aa7f6a63b4
WordPress Author Name Disclosure
Posted Sep 18, 2012
Authored by PistqoN

A simple request to WordPress discloses a given author's name in the title when you enumerate values for author=.

tags | exploit, info disclosure
SHA-256 | 523ced8ffd06cb5ce06338ed19e6b1fe16dd2776ba083fa543553d63fdd4b571
Secunia Security Advisory 50604
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in CoSoSys Endpoint Protector, which can be exploited by malicious people to conduct brute-force attacks.

tags | advisory
SHA-256 | 7934a61c0aa8afa7ae8f51c53d2ea05ae28ccb5156ad65314c778d7b3f304042
Secunia Security Advisory 50679
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for spice-gtk. This fixes a vulnerability, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
systems | linux, redhat
SHA-256 | ef5be48554fb68e45b2229dc4a1cb28fc1e887c3b2b0bd3da1828ed3bc712473
Secunia Security Advisory 50643
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Jenkins, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | ea2f13f12305c190f04e091559c56c36a7d495bd7b697ccc6f1d384453130d7e
Secunia Security Advisory 50654
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OptiPNG, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | be9a29897e64e26110ed698afd670d310015fc407bda9a524551475e2aa1b929
Secunia Security Advisory 50626
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 52a4ca22d29d239078dc8e9ff621d64f46b60d252bcc5423493f0dbc1da20ab2
Secunia Security Advisory 50642
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Business Transaction Management, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 215e7f965c56e7b3584c25179813071521f08229313297bed42c96a7dc9e5a8c
Secunia Security Advisory 50653
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, suse
SHA-256 | a3e1aa703bba0bbc779338ac22ab2448dbe4df7132569bb1d234205e21f8a76b
Secunia Security Advisory 50588
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weaknesses and some security issues have been reported in Moodle, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose certain system information and bypass certain security restrictions.

tags | advisory
SHA-256 | 4db216c859c9b3dab1eca0056e445d7aee587a43e2690114d09243c880938d21
Secunia Security Advisory 50661
Posted Sep 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for inn. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, suse
SHA-256 | 58c7b8376cb98d77cb9b9daf0341ad4d2ae396193c52517c6f10bb20a5cc7066
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close