Showing 76 - 100 of 100

Files

PHP Login And User Management 4.1.0 Shell Upload
Posted May 24, 2018
Authored by Reginald Dodd

PHP Login and User Management versions 4.1.0 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
advisories | CVE-2018-11392
MD5 | bd0631b0840255f200ab219736fbbaaa

Related Files

Sagan Log Monitor 0.2.1
Posted Apr 6, 2012
Authored by Champ Clark III | Site sagan.softwink.com

Sagan is multi-threaded, real-time system- and event-log monitoring software, but with a twist. Sagan uses a "Snort" like rule set for detecting nefarious events happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, it can do a number of things with that information. Sagan can also correlate the events with your Intrusion Detection/Intrusion Prevention (IDS/IPS) system and basically acts like an SIEM (Security Information and Log Management) system.

Changes: Several bug fixes and code clean up.
tags | tool, sniffer
systems | unix
MD5 | 8c6bbc874d1dba024e5d32ac06693a10
Red Hat Security Advisory 2012-0451-01
Posted Apr 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0451-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-0060, CVE-2012-0061, CVE-2012-0815
MD5 | e1ebdafc731a17c30fafb41f24928280
Red Hat Security Advisory 2012-0441-01
Posted Apr 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0441-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.2.0. It includes various bug fixes and enhancements. The following security issues are also fixed with this release: It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, remote, xxe
systems | linux, redhat
advisories | CVE-2011-4314, CVE-2012-0818
MD5 | a89039a4a91c060565a037962444f37e
Debian Security Advisory 2445-1
Posted Apr 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2445-1 - Several remote vulnerabilities have been discovered in the TYPO3 web content management framework.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2012-1606, CVE-2012-1607, CVE-2012-1608
MD5 | bfa6fa633f848b4dec65292a864df2fa
Red Hat Security Advisory 2012-0436-01
Posted Mar 29, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0436-01 - Red Hat Network Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. It was found that a remote attacker could upload packages to an RHN Satellite server's NULL organization without any authorization or authentication. Although an attacker cannot put packages into an arbitrary channel and have client systems download them, they could use the flaw to consume all the free space in the partition used to store synced packages. With no free space, Satellite would be unable to download updates and new packages, preventing client systems from obtaining them.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2012-1145
MD5 | 7bc2c38df6bd4b0e21e1eb8854ab2072
GNU Privacy Guard 2.0.19
Posted Mar 29, 2012
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: A space-separated fingerprint is now accepted as a user ID, to ease copying and pasting. The longest key ID available is now used by default. Support for the original HKP keyserver has been dropped. The trustdb is now rebuilt after changing the option "--min-cert-level". The option "--cert-digest-algo" is now honored when creating a cert. Detection of JPEG files has been improved.
tags | tool, encryption
MD5 | 6a8589381ca1b0c1a921e9955f42b016
Cisco Security Advisory 20120328-ssh
Posted Mar 29, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Secure Shell (SSH) server implementation in Cisco IOS Software and Cisco IOS XE Software contains a denial of service (DoS) vulnerability in the SSH version 2 (SSHv2) feature. An unauthenticated, remote attacker could exploit this vulnerability by attempting a reverse SSH login with a crafted username. Successful exploitation of this vulnerability could allow an attacker to create a DoS condition by causing the device to reload. Repeated exploits could create a sustained DoS condition. The SSH server in Cisco IOS Software and Cisco IOS XE Software is an optional service, but its use is highly recommended as a security best practice for the management of Cisco IOS devices. Devices that are not configured to accept SSHv2 connections are not affected by this vulnerability. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, denial of service, shell
systems | cisco, osx
advisories | CVE-2012-0386
MD5 | a91d87508705fbbed4ab6cf5e057b000
Red Hat Security Advisory 2012-0427-01
Posted Mar 28, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0427-01 - libtasn1 is a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input that, when parsed by an application that uses libtasn1, could cause the application to crash.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-1569
MD5 | a43eef1826a4d7960f6d2deaa0d89c9c
Red Hat Security Advisory 2012-0428-01
Posted Mar 28, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0428-01 - The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. GnuTLS includes libtasn1, a library developed for ASN.1 structures management that includes DER encoding and decoding. A flaw was found in the way GnuTLS decrypted malformed TLS records. This could cause a TLS/SSL client or server to crash when processing a specially-crafted TLS record from a remote TLS/SSL connection peer.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2011-4128, CVE-2012-1569, CVE-2012-1573
MD5 | 765c01a1a7095fb564e5f4803e7ab78e
Tim Hendriks Content Management System SQL Injection
Posted Mar 24, 2012
Authored by Ali.Erroor

Tim Hendriks Content Management System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b1469614cf5e15cffbf8a0116aada2d1
Secunia Security Advisory 48501
Posted Mar 21, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Novell ZENworks Configuration Management, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 0e6df2764fa0dc9f6eb20889bca5564d
Red Hat Security Advisory 2012-0406-01
Posted Mar 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0406-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss ON 3.0.1 release serves as a replacement for JBoss ON 3.0.0, and includes several bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4858, CVE-2012-0032, CVE-2012-0052, CVE-2012-0062, CVE-2012-1100
MD5 | 49bfdbc1a1d92ef191256aebb4c2425b
LANDesk Lenovo ThinkManagement Suite 9.0.3 File Deletion
Posted Mar 20, 2012
Authored by rgod | Site retrogod.altervista.org

LANDesk Lenovo ThinkManagement Suite version 9.0.3 suffers from a core server remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
advisories | CVE-2012-1196
MD5 | 5bd1f53d535b56bdac715abd0ce779c8
Red Hat Security Advisory 2012-0396-01
Posted Mar 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0396-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. A flaw was found in the way LDAP authentication was handled. If the LDAP bind account credentials became invalid, subsequent login attempts with any password for user accounts created via LDAP were successful. A remote attacker could use this flaw to log into LDAP-based JBoss ON accounts without knowing the correct passwords.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-1100
MD5 | 3e4d1d8f0f8720becbbd9b1a798952da
LANDesk Lenovo ThinkManagement Suite 9.0.3 Code Execution
Posted Mar 19, 2012
Authored by rgod | Site retrogod.altervista.org

LANDesk Lenovo ThinkManagement Suite version 9.0.3 suffers from a core server remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2012-1195
MD5 | 427d81acba32c9ed18437de98ddfe7ec
Secunia Security Advisory 48340
Posted Mar 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ad Management Yoga, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 9271439112108a079fb8f4dd04a66c0c
Aanval Intrusion Detection Tool 7
Posted Mar 12, 2012
Site aanval.com

Aanval is the industry's most comprehensive snort and syslog intrusion detection, correlation and management console. Aanval is designed specifically to scale from small single sensor installations to global enterprise deployments. Aanval is browser based and designed to work on all current variants of UNIX, Linux and Mac OS X.

Changes: No more Adobe Flash! All HTML & JavaScript. Network Situational Awareness, device and network configurations, new snort and syslog importing and processing system, event tagging, new charting and graphing system and much, much more.
tags | tool, sniffer
systems | linux, unix, apple, osx
MD5 | f2c0bf183f5846cb1af421a80904000b
Secunia Security Advisory 48299
Posted Mar 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and multiple vulnerabilities have been reported in IBM Maximo Asset Management and IBM Maximo Asset Management Essentials, which can be exploited by malicious users to disclose sensitive information and conduct SQL injection attacks and by malicious people to conduct spoofing attacks, cross-site scripting attacks, cross-site request forgery attacks, and cause a DoS (Denial of Service).

tags | advisory, denial of service, spoof, vulnerability, xss, sql injection, csrf
MD5 | f3555efb09260e5185e3f2a4add25826
Debian Security Advisory 2429-1
Posted Mar 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2429-1 - Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492
MD5 | 4b79b8f15eba56b6dbba49f270c8587e
Ubuntu Security Notice USN-1387-1
Posted Mar 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1387-1 - Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 ICMP packets. A remote user could exploit this to cause a denial of service. A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system. Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2011-1927, CVE-2011-0716, CVE-2011-3353, CVE-2011-3619, CVE-2011-4622, CVE-2012-0038, CVE-2012-0044
MD5 | b0c9ddd8933c790af07fb3fcdbddec1e
Polycom Web Management Interface Command Injection
Posted Mar 5, 2012
Authored by Heyder Andrade, Joao Paulo Caldas Campello | Site tempest.com.br

The Polycom web management interface on model G3/HDX 8000 HD suffers from a remote command injection vulnerability.

tags | exploit, remote, web
MD5 | 9168599a30269df0cf080fbd1e6eb6bd
Polycom Web Management Interface Directory Traversal
Posted Mar 5, 2012
Authored by Heyder Andrade, Joao Paulo Caldas Campello | Site tempest.com.br

The Polycom web management interface on model G3/HDX 8000 HD suffers from a directory traversal vulnerability.

tags | exploit, web
MD5 | 39fa5254f3d7885d7982bd48771e9a2f
Secunia Security Advisory 47952
Posted Mar 5, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with unknown impact has been reported in Novell ZENworks Configuration Management.

tags | advisory
MD5 | fefe4e0bdb98684a95ba9fd73b39f3a8
Debian Security Advisory 2421-1
Posted Mar 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2421-1 - Several security issues have been fixed in Moodle, a course management system for online learning.

tags | advisory
systems | linux, debian
advisories | CVE-2011-4308, CVE-2011-4584, CVE-2011-4585, CVE-2011-4586, CVE-2011-4587, CVE-2011-4588, CVE-2012-0792, CVE-2012-0793, CVE-2012-0794, CVE-2012-0795, CVE-2012-0796
MD5 | a74bc62550a61a96abd86bbdfb4bb423
Ubuntu Security Notice USN-1379-1
Posted Feb 29, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1379-1 - Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 ICMP packets. A remote user could exploit this to cause a denial of service. A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. An unprivileged local user could use this to cause a denial of service on the system. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2011-1927, CVE-2011-0716, CVE-2011-3619
MD5 | ce143cf8b1b8cc8e8cc1bb38636b82a1
© 2020 Packet Storm. All rights reserved.