what you don't know can hurt you
Showing 1 - 25 of 1,444 RSS Feed

Operating System: SUSE

SUSE/Portus 2.2 Cross Site Scripting
Posted Sep 19, 2017
Authored by Ricardo Sanchez

SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
systems | linux, suse
SHA-256 | 0f89be3598b185b26e1d2346f6a7fe4fee3bd2aa160be8583d7a7b5cb67d1258
IBM OpenAdmin Tool SOAP welcomeServer PHP Code Execution
Posted Aug 22, 2017
Authored by securiteam | Site metasploit.com

This Metasploit module exploits an unauthenticated remote PHP code execution vulnerability in IBM OpenAdmin Tool included with IBM Informix versions 11.5, 11.7, and 12.1. The 'welcomeServer' SOAP service does not properly validate user input in the 'new_home_page' parameter of the 'saveHomePage' method allowing arbitrary PHP code to be written to the config.php file. The config.php file is executed in most pages within the application, and accessible directly via the web root, resulting in code execution. This Metasploit module has been tested successfully on IBM OpenAdmin Tool 3.14 on Informix 12.10 Developer Edition (SUSE Linux 11) virtual appliance.

tags | exploit, remote, web, arbitrary, root, php, code execution
systems | linux, suse
advisories | CVE-2017-1092
SHA-256 | cb6e9a3b36f0f3954b25245916aa392a5a80294c27ec99178fffa5ccf236d183
Mandriva Linux Security Advisory 2015-140
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-140 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed. The ntp package has been patched to fix these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, suse, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297, CVE-2014-9298
SHA-256 | 6c051822021817ac7fc8875977c5ca320de4662ed0ed8219480997118279051d
Mandriva Linux Security Advisory 2015-046
Posted Feb 12, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-046 - Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed.

tags | advisory, denial of service
systems | linux, suse, mandriva
advisories | CVE-2014-9297, CVE-2014-9298
SHA-256 | 1738bc161859133a34d1c1b3f945bb293d62965b7ce6af9e1ab54e8936be9dd5
Novell ZENworks Configuration Management Remote Execution
Posted Apr 2, 2013
Authored by James Burton, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in Novell ZENworks Configuration Management 10 SP3 and 11 SP2. The vulnerability exists in the ZEnworks Control Center application, allowing an unauthenticated attacker to upload a malicious file outside of the TEMP directory and then make a second request that allows for arbitrary code execution. This Metasploit module has been tested successfully on Novell ZENworks Configuration Management 10 SP3 and 11 SP2 on Windows 2003 SP2 and SUSE Linux Enterprise Server 10 SP3.

tags | exploit, arbitrary, code execution
systems | linux, windows, suse
advisories | CVE-2013-1080, OSVDB-91627
SHA-256 | cac2ca5c89d3eedff27bc84da293cd736f6780ad4a09e145d499b111dfd7d70d
Secunia Security Advisory 52149
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for ruby on rails. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.

tags | advisory, vulnerability, sql injection, ruby
systems | linux, suse
SHA-256 | 003b99916635d79ac2ea5f23728b08b511d8e360e3c4a3d88e65b94f4d4e96bc
Secunia Security Advisory 52153
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | 5e92ae7f742fa82fab67fe8e7cef7571e17317c9478de579da12c42cf8b6745f
Secunia Security Advisory 52135
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to conduct clickjacking attacks.

tags | advisory
systems | linux, suse
SHA-256 | e4e6b8fec457d64f8f70c9935b61d29af98c716c50be91393d585316dd99d882
Secunia Security Advisory 52077
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, suse
SHA-256 | b0db8950a3bcae5cfacfd30fe0786ab2318312006549624438b1e2732f2b7280
Secunia Security Advisory 52152
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, suse
SHA-256 | 2a493dfcc767c16f6d06aff5aebbf39787bc065e8d7595b6bcdcd2172cdd69b4
Secunia Security Advisory 52151
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 0bc9a466ad7fa79732ade010be559491a38d3bb63f5b6d0403367453a4ccab55
Secunia Security Advisory 52204
Posted Feb 13, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability with an unknown impact.

tags | advisory
systems | linux, suse
SHA-256 | 63a30d57056bfc6fec216ffd2139f51684af70d2f9171330a3ea63a1177e3281
Secunia Security Advisory 52150
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 5db6bb4c8dea5aaeb9c3f3e8bbab27563200633b4f24cd7256e2411814fb4dbb
Secunia Security Advisory 52148
Posted Feb 12, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to potentially cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 2383e2bf6443f36b67ca12f5a36d7ecb319121023ea637cdc21fa6101b152fad
Secunia Security Advisory 52159
Posted Feb 11, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MySQL. This fixes multiple vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | e08a115dd55ab8f1ba2ca44b08217ce6eebddf2055336d3f2b977c1bcabca785
Secunia Security Advisory 52160
Posted Feb 11, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, kernel, local
systems | linux, suse
SHA-256 | 09aa77d4f84b0661fa4c1f1e876eac05266fa0264e39d722d4c4b233a42280d7
Secunia Security Advisory 52049
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for v8. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 6872455564784abcad7dc6e121b17f27badd252bd60961f49652b9a619a8ae8c
Secunia Security Advisory 52113
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, suse
SHA-256 | 6b4ae1ffec093c9e24f5aa57b49a28b7d4a084a797a73c02f182629787c51042
Secunia Security Advisory 52111
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for apache2. This fixes two weaknesses, a security issue, and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, local, xss
systems | linux, suse
SHA-256 | bc95e9d356193ef09f69dac591db77dbbe6b05535d4ffe0af27ad4e68b8e8fc0
Secunia Security Advisory 52124
Posted Feb 7, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libupnp. This fixes three vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 0f2e44b8d085a0ee97b6b59463e6bf375d60e8307340d164932b80e158d65594
Secunia Security Advisory 52044
Posted Feb 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for virtualbox. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
SHA-256 | 134f023056e7d570e539e094e2dd53ba31cd81dc98a92c311107f829c96cacfd
Secunia Security Advisory 52039
Posted Feb 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for chromium. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 08fe3615164a017ac47ef9f1f361a1b09438f14fda277b440b8ff5ceb1bdf4ea
Secunia Security Advisory 52008
Posted Jan 28, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_7_0-openjdk. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, java, vulnerability
systems | linux, suse
SHA-256 | 4d4c484b763f9ab92e1f8e0f3ff1dd1906cb38fec839fe15818c7688b4c22b65
Secunia Security Advisory 51947
Posted Jan 25, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for WebYaST and SUSE Studio Standard Edition. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.

tags | advisory
systems | linux, suse
SHA-256 | 69e545b46ae1587cecb24bcdf945b32484df927fa42edb3d47fb71a398862ec6
Secunia Security Advisory 51973
Posted Jan 25, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an updated for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 408532807286f17437e2f1297d3acd50f7f3f34a3a7bfc5b26c6ad9d74dc025b
Page 1 of 58
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close