what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 43 RSS Feed

Files

Ledger MCU Backdoor
Posted Mar 21, 2018
Authored by Saleem Rashid | Site saleemrashid.com

Proof-of-concept exploit for the Ledger Nano S that hides the non-genuine user interface confirmation. Intentionally unreliable to avoid weaponization. It should be trivial to adapt to the Ledger Blue.

tags | exploit
SHA-256 | 6cfcc12e16811027480ebacc4a36f5fcc88bbc466900a68ce5c618f75206bf74

Related Files

Ubuntu Security Notice USN-5097-1
Posted Oct 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5097-1 - It was discovered that LedgerSMB incorrectly handled certain inputs. An attacker could use this to leak sensitive information, cause a DoS, or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3693
SHA-256 | 984bebbc6bedc09a3c18d8fba143a8afaaa1de6d468b180259e8a08b5cd6f8f7
Debian Security Advisory 4962-1
Posted Aug 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4962-1 - The update for ledgersmb released as DSA 4862-1 introduced a regression in the display of some search results. Updated ledgersmb packages are now available to correct this issue.

tags | advisory
systems | linux, debian
SHA-256 | 4f9d4bf6b0e20a288cb975a798832a4dc31c818f95dace609059a514d2777a32
Gentoo Linux Security Advisory 202004-05
Posted Apr 2, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202004-5 - Multiple vulnerabilities have been found in ledger, the worst of which could result in the arbitrary execution of code. Versions less than 3.1.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-12481, CVE-2017-12482, CVE-2017-2807, CVE-2017-2808
SHA-256 | 92a7a64a66bbe3d36df9adb6bcb9292019eeb3ecf20074f31f1d4a3d1e906355
LedgerSMB Improper Logout
Posted Feb 3, 2014
Authored by Chris Travers

LedgerSMB versions prior to 1.3.36 suffer from an improper logout vulnerability that can allow for replay attacks.

tags | exploit
SHA-256 | aebd76ca1473ca0c35d7b7dbc17da3b164760cd470cacb9812093262becbfd72
Secunia Security Advisory 50114
Posted Jul 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LedgerSMB, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | fd192c27c1a662c3c39472fc60c7ce046c6de1f5d8d69b9e0bf62ba894f90934
LedgerSMB 1.3 Denial Of Service
Posted Jul 31, 2012
Authored by Chris Travers

A security oversight has been discovered in LedgerSMB 1.3 which could allow a malicious user to cause a denial of service against LedgerSMB or otherwise affect the way in which certain forms of data would get entered.

tags | advisory, denial of service
SHA-256 | 4cd2f77e1b66b8024507a17ff8fd9246978a15c4237dcc46026b9a96ef1a1227
SQL-Ledger 2.8.33 / LedgerSMB 1.2.24 SQL Injection
Posted Aug 31, 2011
Authored by Chris Travers

SQL-Ledger versions 2.8.33 and below and LedgerSMB versions 1.2.24 and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
SHA-256 | 74ae2dd9a5dbeecf672c223648b93cc3b3ea5aeb23766d4edca33c4cbbb332c1
Secunia Security Advisory 45780
Posted Aug 27, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SQL-Ledger, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 50c22ea6d08f57de3b5a5ba9d7683f54168b57651f4742c5b952bfdee832893a
LedgerSMB 1.2.24 SQL Injection
Posted Aug 25, 2011
Authored by Chris Travers

The LedgerSMB development team has found an SQL injection issue in LedgerSMB version 1.2.24. Because this issue stems from their common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger version 2.8.33.

tags | advisory, sql injection
SHA-256 | d46a40d761ab4f653c338833304f4974937256b45896dba52e8970d226b6ce1c
Secunia Security Advisory 45649
Posted Aug 22, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LedgerSMB, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 3cd05460eeb11474d202475d1463c79e7182b3807092cd0b77dd837d328f00f1
Secunia Security Advisory 43944
Posted Apr 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in SQL-Ledger, which can be exploited by malicious users to disclose sensitive information, manipulate certain data, and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 882ad86f863ebf84ff299af59404a063623ceb45d812d3497c8f7c837dc857ed
SQL-Ledger 2.8.33 Local File Inclusion
Posted Apr 15, 2011
Authored by bitform

SQL-Ledger versions 2.8.33 and below suffer from a post-authentication local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d496bd5127052681237e5a8a52806489423cb1aec3e9d326887a4e4dbc8804b1
Secunia Security Advisory 39690
Posted May 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in Knowledgeroot Knowledgebase, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 4a3f17b9c71416cd9d02cc9f612c9cf08ff15047b3b86f3f09d42d43c0823233
Secunia Security Advisory 38304
Posted Jan 29, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in LedgerSMB, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious users to conduct SQL injection attacks or bypass certain security restrictions.

tags | advisory, vulnerability, sql injection, csrf
SHA-256 | 597e279a83f4947a3dce5f574a463ad120e35e708ac96c42a9cad078476d58fc
SQL-Ledger Cross Site Request Forgery / Local File Inclusion / SQL Injection
Posted Jan 26, 2010
Authored by Chris Travers

SQL-Ledger has been patched to address cross site request forgery, local file inclusion, no secure flag on cookie, default administrator password and remote SQL injection vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, csrf
advisories | CVE-2009-3580, CVE-2009-3582, CVE-2009-3583, CVE-2009-4402, CVE-2009-3584
SHA-256 | 285bfdfd6459c517b7d7fdad4e66f894515d9a97b2c09fb44c8c4036cdd19c20
Secunia Security Advisory 37877
Posted Dec 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alexander Klink has reported some vulnerabilities in SQL-Ledger, which can be exploited by malicious people to conduct cross-site request forgery attacks and by malicious users to conduct script insertion and SQL injection attacks, or bypass certain security restrictions.

tags | advisory, vulnerability, sql injection, csrf
SHA-256 | d4c003e38d3a0115a0cc0833fd7b098f524d48ddd7590d1a60b957d59299a22e
SQL-Ledger XSS / XSRF / SQL Injection / LFI
Posted Dec 22, 2009
Authored by Alexander Klink

SQL-Ledger suffers from cross site scripting, cross site request forgery, local file inclusion, SQL injection, and various other security vulnerabilities.

tags | exploit, local, vulnerability, xss, sql injection, file inclusion, csrf
advisories | CVE-2009-3580, CVE-2009-3581, CVE-2009-3582, CVE-2009-3583, CVE-2009-3584
SHA-256 | 3829bdb05149d1bc7598b7a78e6ebb24bc4dda65fe6aa1226850034c3332a707
Secunia Security Advisory 31843
Posted Sep 11, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in LedgerSMB, which can be exploited by malicious users to conduct SQL injection attacks and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, sql injection
SHA-256 | 76902667716363b96aa38145a41b62fcbcb27fb5cc6504ac02f347e3aa7572ce
ledgersmb1215-sql.txt
Posted Sep 11, 2008
Authored by Chris Murtagh, Seneca Cunningham

LedgerSMB versions below 1.2.15 suffer from resource exhaustion and SQL injection vulnerabilities.

tags | advisory, vulnerability, sql injection
SHA-256 | f91654fa49ad54ba3de6a606be0531eadae8156cfd640392ec62c9142e9d9e6d
Secunia Security Advisory 27171
Posted Oct 15, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in SQL-Ledger, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 591aa67bd412a383f98da7f1d61e365ca3cbe2ad6a89f8df2093eec23157af71
Secunia Security Advisory 27174
Posted Oct 12, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Knowledgeroot Knowledgebase, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 7bfd5f5974ddc6715dbae13a92f3b09be3d8ac938525e84d5c7277ea23aff4ca
Secunia Security Advisory 27159
Posted Oct 11, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in LedgerSMB, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | afd3e2458d2fe8922d7259386758d3bd36de88a66b7d38701dadbbb797eb64a1
ledgersmb-sql.txt
Posted Oct 10, 2007
Authored by Chris Travers

LedgerSMB versions 1.0.0 through 1.2.7 and SQL-Ledger version 2.x are susceptible to SQL injection vulnerabilities.

tags | advisory, vulnerability, sql injection
SHA-256 | eda42bf7f295bb93c14358c74c7fcb4333fb8f63d7b699a043b52c7b3368a891
Secunia Security Advisory 26121
Posted Jul 20, 2007
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in LedgerSMB, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 26df226a9f54b84138410faac52ae4462c13bd4cf62ac382d1909ca5c7d4ce06
ledgersmb-bypass.txt
Posted Jul 19, 2007
Authored by Chris Travers

LedgerSMB versions 1.2.0 through 1.2.6 suffer from an authentication bypass.

tags | advisory, bypass
SHA-256 | 095c2dbf209d876105110d06020263404fc91e57fbd9e2597f5c50ee7e4d301b
Page 1 of 2
Back12Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close