Exploit the possiblities
Showing 1 - 25 of 1,444 RSS Feed

Operating System: SUSE

SUSE/Portus 2.2 Cross Site Scripting
Posted Sep 19, 2017
Authored by Ricardo Sanchez

SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
systems | linux, suse
MD5 | 45c4673d073bbdcf395b309bad7cd3d0
IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution
Posted Aug 22, 2017
Authored by securiteam | Site metasploit.com

This Metasploit module exploits an unauthenticated remote PHP code execution vulnerability in IBM OpenAdmin Tool included with IBM Informix versions 11.5, 11.7, and 12.1. The 'welcomeServer' SOAP service does not properly validate user input in the 'new_home_page' parameter of the 'saveHomePage' method allowing arbitrary PHP code to be written to the config.php file. The config.php file is executed in most pages within the application, and accessible directly via the web root, resulting in code execution. This Metasploit module has been tested successfully on IBM OpenAdmin Tool 3.14 on Informix 12.10 Developer Edition (SUSE Linux 11) virtual appliance.

tags | exploit, remote, web, arbitrary, root, php, code execution
systems | linux, suse
advisories | CVE-2017-1092
MD5 | b78839adcfa2b9b750dba9d03fc684b8
Mandriva Linux Security Advisory 2015-140
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-140 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed. The ntp package has been patched to fix these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, suse, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297, CVE-2014-9298
MD5 | 63eace47c4bb590165b141e4cf13cf56
Mandriva Linux Security Advisory 2015-046
Posted Feb 12, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-046 - Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed.

tags | advisory, denial of service
systems | linux, suse, mandriva
advisories | CVE-2014-9297, CVE-2014-9298
MD5 | 96c786831d217fa6fc18b336957264a6
Novell ZENworks Configuration Management Remote Execution
Posted Apr 2, 2013
Authored by James Burton, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in Novell ZENworks Configuration Management 10 SP3 and 11 SP2. The vulnerability exists in the ZEnworks Control Center application, allowing an unauthenticated attacker to upload a malicious file outside of the TEMP directory and then make a second request that allows for arbitrary code execution. This Metasploit module has been tested successfully on Novell ZENworks Configuration Management 10 SP3 and 11 SP2 on Windows 2003 SP2 and SUSE Linux Enterprise Server 10 SP3.

tags | exploit, arbitrary, code execution
systems | linux, windows, suse
advisories | CVE-2013-1080, OSVDB-91627
MD5 | 6880855d26d4b493acfa080a98b99059
Secunia Security Advisory 52149
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for ruby on rails. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.

tags | advisory, vulnerability, sql injection, ruby
systems | linux, suse
MD5 | af5b0f07ec2a6d842e8acf44de26b42b
Secunia Security Advisory 52153
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | b4b32b06479e9dc8ad56a934682726f0
Secunia Security Advisory 52135
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to conduct clickjacking attacks.

tags | advisory
systems | linux, suse
MD5 | d56ac76efb05bcc0033ebd280274db5f
Secunia Security Advisory 52077
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, suse
MD5 | 731548357c69e80c74a4f74044649952
Secunia Security Advisory 52152
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | e296269d71df7863d9632c8131607a15
Secunia Security Advisory 52151
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 3edc1eb13c9b3e2a24d74081fdcc1837
Secunia Security Advisory 52204
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability with an unknown impact.

tags | advisory
systems | linux, suse
MD5 | e546589a09e57b48d331a12543960949
Secunia Security Advisory 52150
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 2325d603c2141a87813a5723f824db05
Secunia Security Advisory 52148
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to potentially cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
systems | linux, suse
MD5 | 32893a9674eabbb394c1c1d21a709ef2
Secunia Security Advisory 52159
Posted Feb 11, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MySQL. This fixes multiple vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 1ee7749aa06c79f5bb91d99699539e75
Secunia Security Advisory 52160
Posted Feb 11, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, kernel, local
systems | linux, suse
MD5 | 1b16ab2490a6469a30e5aab37d800d19
Secunia Security Advisory 52049
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for v8. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 05ac7ca3c2aab90bc4d4d48949921f62
Secunia Security Advisory 52113
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, suse
MD5 | ab1cd02842cb3e0188e9518b0cccccf2
Secunia Security Advisory 52111
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for apache2. This fixes two weaknesses, a security issue, and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, local, xss
systems | linux, suse
MD5 | 6bac9c326427b43d32a517059acb3460
Secunia Security Advisory 52124
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libupnp. This fixes three vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 2ba9385b4c07fea626704641bea88c2c
Secunia Security Advisory 52044
Posted Feb 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for virtualbox. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
MD5 | 6e352c4e5456264d76963e8b5ccc9057
Secunia Security Advisory 52039
Posted Feb 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for chromium. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | e0339b7f59bf3e4c9016375c0fb364cb
Secunia Security Advisory 52008
Posted Jan 28, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_7_0-openjdk. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, java, vulnerability
systems | linux, suse
MD5 | 67e27dc578b9824b470d2074f448832d
Secunia Security Advisory 51947
Posted Jan 25, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for WebYaST and SUSE Studio Standard Edition. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, suse
MD5 | 236d74f7e23268fac57972151cf7f5d8
Secunia Security Advisory 51973
Posted Jan 25, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an updated for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 4776160f1a694bd39ffb8af364a73563
Page 1 of 58
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close