what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Websense (Triton 7.6) Authentication Bypass
Posted May 2, 2012
Authored by Ben Williams | Site ngssoftware.com

Websense (Triton version 7.6) suffers from an authentication bypass vulnerability in the report management UI.

tags | exploit, bypass
MD5 | 95c35e7dca133ded811d4ac9798a6f6f

Related Files

Zero Day Initiative Advisory 12-143
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-143 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DWGDP.DLL, which is responsible for parsing DXF files. When processing MTEXT strings in the ENTITIES section of the DXF file, certain characters are sought after to end the string copy function. If these characters are not found, the copy function will continue to copy data outside of the stack buffer, causing memory corruption. An attacker can utilize this vulnerability to execute code under the context of the program.

tags | advisory, remote, arbitrary
advisories | CVE-2012-1888
MD5 | 572d0b4809509c43b25284eaac3f86e2
Red Hat Security Advisory 2012-1151-01
Posted Aug 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-2668
MD5 | 5dbfb3d1c36d35bcadf0a4dde97a96d0
Mandriva Linux Security Advisory 2012-122
Posted Aug 3, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-122 - Multiple vulnerabilities has been discovered and corrected in icedtea-web. An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the browser used, it may cause the browser to crash or possibly execute arbitrary code. It was discovered that the IcedTea-Web web browser plugin incorrectly assumed that all strings provided by browser are NUL terminated, which is not guaranteed by the NPAPI (Netscape Plugin Application Programming Interface. When used in a browser that does not NUL terminate NPVariant NPStrings, this could lead to buffer over-read or over-write, resulting in possible information leak, crash, or code execution. The updated packages have been upgraded to the 1.1.6 version which is not affected by these issues.

tags | advisory, web, arbitrary, vulnerability, code execution
systems | linux, mandriva
advisories | CVE-2012-3422, CVE-2012-3423
MD5 | 3cc27f97068a6b9857d9f6b7e626b6c0
Ubuntu Security Notice USN-1521-1
Posted Jul 31, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1521-1 - Chamal De Silva discovered that the IcedTea-Web Java web browser plugin could dereference an uninitialized pointer. A remote attacker could use this to craft a malicious web page that could cause a denial of service by crashing the web browser or possibly execute arbitrary code. Steven Bergom and others discovered that the IcedTea-Web Java web browser plugin assumed that all strings provided by browsers are NULL terminated, which is not guaranteed by the NPAPI (Netscape Plugin Application Programming Interface). A remote attacker could use this to craft a malicious Java applet that could cause a denial of service by crashing the web browser, expose sensitive information or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3422, CVE-2012-3423, CVE-2012-3422, CVE-2012-3423
MD5 | 14c3623fa76ed21327ac5ea71b7ed2d5
Red Hat Security Advisory 2012-1132-01
Posted Jul 31, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1132-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. An uninitialized pointer use flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could possibly cause a web browser using the IcedTea-Web plug-in to crash, disclose a portion of its memory, or execute arbitrary code. It was discovered that the IcedTea-Web plug-in incorrectly assumed all strings received from the browser were NUL terminated. When using the plug-in with a web browser that does not NUL terminate strings, visiting a web page containing a Java applet could possibly cause the browser to crash, disclose a portion of its memory, or execute arbitrary code.

tags | advisory, java, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-3422, CVE-2012-3423
MD5 | 50bef58daea95da735fd6ff2b279dfb6
Setuid Nmap Exploit
Posted Jul 19, 2012
Authored by egypt | Site metasploit.com

Nmap's man page mentions that "Nmap should never be installed with special privileges (e.g. suid root) for security reasons.." and specifically avoids making any of its binaries setuid during installation. Nevertheless, administrators sometimes feel the need to do insecure things. This Metasploit module abuses a setuid nmap binary by writing out a lua nse script containing a call to os.execute(). Note that modern interpreters will refuse to run scripts on the command line when EUID != UID, so the cmd/unix/reverse_{perl,ruby} payloads will most likely not work.

tags | exploit, root, perl, ruby
systems | unix
MD5 | 451cc1f390a0ee0ae43183a67ef08439
URLCrazy Domain Name Typo Tool 0.5
Posted Jul 19, 2012
Authored by Andrew Horton (urbanadventurer) | Site morningstarsecurity.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Now supports Ruby1.9.1, CSV output, homoglyphs, shows the country for IPs.
tags | tool, web
systems | unix
MD5 | bfe2e0c71cc5160530b773f15d242964
Secunia Security Advisory 49896
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Resume Submissions & Job Postings plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | f442c38d6d136b82f826f5179d3504ab
WordPress Resume Submissions / Job Postings 2.5.1 Shell Upload
Posted Jul 13, 2012
Authored by Chris Kellum

WordPress Resume Submissions and Job Postings plugin version 2.5.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | f4899f14244552c6921c182b8b197f23
strongSwan IPsec Implementation 5.0.0
Posted Jul 3, 2012
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.

Changes: The IKEv1 protocol was re-implemented from scratch by extending the successful IKEv2 code. The charon keying daemon now supports both protocols, which allowed the old IKEv1 pluto daemon to be removed. Support for the IKEv1 Aggressive and Hybrid Modes has been added.
tags | tool, encryption, protocol
systems | linux, freebsd, apple, osx
MD5 | 1d7bccb50f01020bb04d06e9755e0eec
Secunia Security Advisory 49749
Posted Jul 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - NGS Secure has reported a vulnerability in the Graph Explorer component for Nagios XI, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 7e4e80ff45f6e27399d37d7b28142464
Mandriva Linux Security Advisory 2012-096-1
Posted Jul 2, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-096 - Multiple vulnerabilities has been discovered and corrected in python. The _ssl module would always disable the CBC IV attack countermeasure. A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name to a server could possibly perform a cross-site scripting attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file. A race condition was found in the way the Python distutils module set file permissions during the creation of the.pypirc file. Various other issues were also addressed.

tags | advisory, vulnerability, xss, python
systems | linux, mandriva
advisories | CVE-2011-3389, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1150
MD5 | 9dad8d0091ad24def18306069abf416c
Zero Day Initiative Advisory 12-102
Posted Jun 28, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-102 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required in that a target must visit a malicious page or open a malicious file. The flaw exists within the exposed GetDriverSettings method in the nipplib component imported by ienipp and npnipp. When encountering a realm parameter this user supplied value's length is not properly verified before copying into a fixed length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
advisories | CVE-2011-4187
MD5 | 0adcb46c88fc004173174faa48e545d4
Hashdays 2012 Call For Papers
Posted Jun 25, 2012
Site hashdays.ch

Hashdays 2012 Call For Papers - Hashdays is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place October 31st to November 3rd, 2012 in Lucerne.

tags | paper, conference
MD5 | 0d9b06173bf8b27af376f4e5f7fec032
Nmap Port Scanner 6.01
Posted Jun 24, 2012
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Multiple bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | bf87f6cabb1b65576f73140a1feb207c
Mandriva Linux Security Advisory 2012-096
Posted Jun 21, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-096 - Multiple vulnerabilities has been discovered and corrected in python. A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. Various other issues have also been addressed. The updated packages have been patched to correct these issues.

tags | advisory, vulnerability, python
systems | linux, mandriva
advisories | CVE-2011-3389, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1150
MD5 | 2ea6b630ab4083b2d6da0e0cb314b1b7
Red Hat Security Advisory 2012-0811-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0811-04 - The php-pecl-apc packages contain APC, the framework for caching and optimization of intermediate PHP code. A cross-site scripting flaw was found in the "apc.php" script, which provides a detailed analysis of the internal workings of APC and is shipped as part of the APC extension documentation. A remote attacker could possibly use this flaw to conduct a cross-site scripting attack. Note: The administrative script is not deployed upon package installation. It must manually be copied to the web root .

tags | advisory, remote, web, root, php, xss
systems | linux, redhat
advisories | CVE-2010-3294
MD5 | c1f2e2155f67e7037dd2ce43ca63f41c
Ubuntu Security Notice USN-1477-1
Posted Jun 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1477-1 - Georgi Guninski discovered that APT did not properly validate imported keyrings via apt-key net-update. USN-1475-1 added additional verification for imported keyrings, but it was insufficient. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. This update corrects the issue by disabling the net-update option completely. A future update will re-enable the option with corrected verification.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2012-0954
MD5 | a872f452ada6e25e1e3bae2203a0fea5
Ubuntu Security Notice USN-1475-1
Posted Jun 16, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1475-1 - Georgi Guninski discovered that APT relied on GnuPG argument order and did not check GPG subkeys when validating imported keyrings via apt-key net-update. While it appears that a man-in-the-middle attacker cannot exploit this, as a hardening measure this update adjusts apt-key to validate all subkeys when checking for key collisions.

tags | advisory
systems | linux, ubuntu
MD5 | 9bda0462f9269e003cc738297124516f
Secunia Security Advisory 49537
Posted Jun 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the kk Star Ratings plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 28167329767b7a6669ab1174ce4893e9
FreeBSD Security Advisory - Kernel Privilege Escalation
Posted Jun 12, 2012
Authored by Rafal Wojtczuk, John Baldwin | Site security.freebsd.org

FreeBSD Security Advisory - The FreeBSD operating system implements a rings model of security, where privileged operations are done in the kernel, and most applications request access to these operations by making a system call, which puts the CPU into the required privilege level and passes control to the kernel. FreeBSD/amd64 runs on CPUs from different vendors. Due to varying behaviour of CPUs in 64 bit mode a sanity check of the kernel may be insufficient when returning from a system call. Successful exploitation of the problem can lead to local kernel privilege escalation, kernel data corruption and/or crash.

tags | advisory, kernel, local
systems | freebsd
advisories | CVE-2012-0217
MD5 | 56d3bf6b6e660c92e8067bdb14796166
Secunia Security Advisory 49336
Posted Jun 4, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for strongswan. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, suse
MD5 | 6bb89c114c0ea04422ce395a4ab7d66e
Secunia Security Advisory 49370
Posted Jun 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in strongSwan, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 22d0a987f5479a2a54b6841fc675cb14
Secunia Security Advisory 49315
Posted Jun 1, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for strongswan. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, debian
MD5 | 105768f0b9143f7282913590ca9c2e68
Debian Security Advisory 2483-1
Posted Jun 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2483-1 - An authentication bypass issue was discovered by the Codenomicon CROSS project in strongSwan, an IPsec-based VPN solution. When using RSA-based setups, a missing check in the gmp plugin could allow an attacker presenting a forged signature to successfully authenticate against a strongSwan responder.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2388
MD5 | 03293a0423f67544c76e2a16b7aaf668
Page 1 of 4
Back1234Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close