The Avamar Server root user password is stored in plain text on Avamar VMWare proxy client. This could allow a malicious user with network access to proxy client and Avamar Server to gain privileged access to the Avamar server.
42555590e2ec1eaa4ed0e58462ba49dc8fd26c16852f27e2bdf6f80bb817912e
TP-LINK TL-WR841N suffers from a local file inclusion vulnerability. Firmware versions 3.13.9 Build 120201 Rel.54965n and below are affected.
30b33ca4e19b4006382480798e9d11511f9fab053f7f020f3416d3cf693d302a
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix a security issue.
b3530772c2e519ca40f58872a39ef3d1c3c568a41a37bf4943b3f7cd0265fd4f
Call For Papers for Positive Hack Days III which will take place May 22nd through the 23rd, 2013 in Moscow, Russia.
237eb04df98bf6a16b35515b1159888b207611bd72f3be73b9dd33105d775d8c
Call For Papers for DIMVA 2013, the 10th International Conference on Detection of Intrusions and Malware and Vulnerability Assessment. This conference will be held from July 18th through the 19th, 2013 in Berlin, Germany.
9ddb48597e48c32b3f1033d4fa44bd5a3f93eb6c773439796f3781e973b3a09b
360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.
83a14cd01c162dbb2b4f78021b1b6a8d2a95fc60ef2cb2d383c7c55458a39622
Secunia Security Advisory - Some vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
ffc00ca2f9a908e46dec016bb7a8b16923322b279631060c67fe58158b246bea
Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver Process Integration, which can be exploited by malicious people to disclose potentially sensitive information.
2d6807ea481f9b69db211fe8f581d889683598c20c45bd0627ca7d22573b2518
Secunia Security Advisory - Debian has issued an update for exim4. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
f633d5ddb7743f28fda9f71d0d87659940f8023d21bd4ee685b6db34f5eae6bb
Secunia Security Advisory - ERPScan has reported a vulnerability in Oracle Business Intelligence, which can be exploited by malicious people to conduct cross-site scripting attacks.
ef6f1af2c2008304225c80b1b14790e0dfd64dd07eff9da161c91cf4bffc0e99
Secunia Security Advisory - Red Hat has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
985fb172a58814d1499ccd7da2a669c0ba03f92af15fa62ba5c618135e262d97
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
a6d20c0c7e9a201910ffd9d38caa6fc8e25c61bc38ea0dcdea1feb5802aabc00
Secunia Security Advisory - Debian has issued an update for rtfm. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.
0d4eb7d52fbe4e46a3dc7abd115d0a558f410c852380b9c2d1a29f34023fc2ff
Secunia Security Advisory - Ubuntu has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
6b905e4277fce4fc889eb97d40442bf619cc159192e9ee19fc1789b7238c992e
Secunia Security Advisory - Debian has issued an update for request-tracker3.8. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct spoofing attacks, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks.
8dce55e4b09c534669667c8eaca07fa840578e864796ecc3c26089485d97f61c
Secunia Security Advisory - SUSE has issued an update for exim. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
1e07b274ee5ff2dc78544963b5b613c491dc53de876849737d3f06be02d2ea13
Secunia Security Advisory - Ubuntu has issued an update for exim4. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
74d9ca41fd0ea7cd018a60b054c9c3b110a912de43ea2b0d16bbf72c99223ee6
This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x8c opcode. This Metasploit module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.
b17f8aa903e5e1fb8c11edc59aa31a5d56b46b6c73d9f2b8f5465c470c2951aa
This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component (coda.exe) when parsing requests for the 0x34 opcode. This Metasploit module has been tested successfully on HP Operations Agent 11.00 over Windows XP SP3 and Windows 2003 SP2 (DEP bypass). The coda.exe components runs only for localhost by default, network access must be granted through its configuration to be remotely exploitable. On the other hand it runs on a random TCP port, to make easier reconnaissance a check function is provided.
809a9aac4f2a408b3f9058799cf1083d77ec0a7e8360fb3dc6acb06f3554aeee
This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability.
ae2e0907bda1eeb2906f4560caa8085b35712d1a7fe05eeb19dddd8fe8de7ac1
Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
f5025f8f3cf38601f02fc821e95e9ff7774909fa90c2605ec0dfe5c8b46ff0a5
Aladdin Knowledge System Ltd PrivAgent.ocx ChooseFilePath buffer overflow proof of concept exploit.
6b0e1f5b8ce0b43f6fe89b5aefc2eb998856bca69d78c4825813a7b9d9459d3d
This is a brief whitepaper detailing how to bypass the Avast! sandbox using alternate data streaming.
586680dac0f8f3d57c5eef0b2ad0936aa1ccd4bdf17ed5704a5051a36a13ff3f
hMailServer version 5.3.3 IMAP remote crash proof of concept exploit.
454219d88cfcbbb8095c691c1741bbe47a484f55661fbda3a4c11ecd92d298bb
Microsoft Windows Help memory corruption proof of concept exploit.
82d19ca3b60a9332405e2523a1e48b00ebbabb65324fe0407d610384e7436670