what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Quest KACE System Management Appliance 8.0 (Build 8.0.318) XSS / Traversal / Code Execution / SQL Injection
Posted May 31, 2018
Authored by Core Security Technologies, Leandro Barragan, Guido Leo | Site coresecurity.com

Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
advisories | CVE-2018-11132, CVE-2018-11133, CVE-2018-11134, CVE-2018-11135, CVE-2018-11136, CVE-2018-11137, CVE-2018-11138, CVE-2018-11139, CVE-2018-11140, CVE-2018-11141, CVE-2018-11142
SHA-256 | fd18c79b0364edc307ae0073788f224ea5fd016ba9223e6018267eb9911d3f41

Related Files

Juniper Secure Access Cross Site Scripting
Posted Mar 6, 2010
Authored by Logica

Juniper Secure Access suffers from a cross site scripting vulnerability. SA Appliances running Juniper IVE OS 6.0 or higher are affected.

tags | advisory, xss
systems | juniper
SHA-256 | 0882671fc019f10145475cd894b03e06c77f59799dbbcde50b40394c2be3d4ee
Secunia Security Advisory 38618
Posted Feb 24, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | aee38327eded88417c9e80ba663350c88067ed2c4685575b94410b847e9f8560
Cisco Security Advisory 20100217-asa
Posted Feb 18, 2010
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances are affected by TCP connection exhaustion, Session Initiation Protocol (SIP) Inspection, Skinny Client Control Protocol (SCCP) Inspection, and other denial of service vulnerabilities.

tags | advisory, denial of service, tcp, vulnerability, protocol
systems | cisco
advisories | CVE-2010-0149, CVE-2010-0150, CVE-2010-0151, CVE-2010-0565, CVE-2010-0566, CVE-2010-0567, CVE-2010-0568
SHA-256 | 61078e6abcd2646842e506c59e2a188e999ff08e7355cfbcc617974b109d9c1b
Secunia Security Advisory 38522
Posted Feb 15, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Accellion File Transfer Appliance, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 117a6611bb69a41208ff7a42b9c141f3f003489f9644b4f1ae2f6331a3db3240
Secunia Security Advisory 38538
Posted Feb 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Accellion File Transfer Appliance, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 749a40fdfd338995be33c648e94bdc538d325114a9a8a480b5dad065280d8a5d
Cisco Security Advisory 20100210-ironport
Posted Feb 10, 2010
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IronPort Encryption Appliance devices contain two vulnerabilities that allow remote, unauthenticated access to any file on the device and one vulnerability that allows remote, unauthenticated users to execute arbitrary code with elevated privileges. There are workarounds available to mitigate these vulnerabilities.

tags | advisory, remote, arbitrary, vulnerability
systems | cisco
advisories | CVE-2010-0143, CVE-2010-0144, CVE-2010-0145
SHA-256 | f55041eba86b197e802f1e3fb48e213d4b2d5aaf87e4bb30235478c5e4e0f139
Core Security Technologies Advisory 2010.0104
Posted Feb 6, 2010
Authored by Core Security Technologies, Adrian Manrique, Aureliano Calvo | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: a cross-site request forgery which allows an external remote attacker to make a command injection that can be used to execute arbitrary code using the webserver user. As a result, an attacker can remove the firewall and load a kernel module, allowing root access to the appliance. It also can be used as a non-persistent XSS.

tags | exploit, remote, arbitrary, kernel, root, csrf
advisories | CVE-2010-0368, CVE-2010-0369
SHA-256 | 503f2b9ce130e8c9fd7df36be1f7004846c5609f67a25cc3666a370cdbd97a49
Core Security Technologies Advisory 2010.0106
Posted Feb 2, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify if a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. In order to be able to successfully make the attack, the Secure Desktop application on the Cisco Appliance must be turned on.

tags | exploit, web, xss
systems | cisco
advisories | CVE-2010-0440
SHA-256 | f8c48a5475b2b0502d92201a787561418f197b00968eea66badd89e44af41aab
Google.com Hostname / URL Enumerator
Posted Dec 1, 2009
Authored by Andrew Horton | Site morningstarsecurity.com

This tool enumerates hostnames and URLs from Google. It features antibot avoidance, search within a country, custom search appliance, output either hostnames or URLs, and custom search depth. Written in Bash for Linux.

tags | tool, scanner, bash
systems | linux, unix
SHA-256 | aeaa5ee7e1288ae22a7fb24145c07239602f4b84fa6f4237e6090bab65dd8be2
Juniper SSL-VPN IVE JuniperSetupDLL.dll ActiveX Control Buffer Overflow
Posted Nov 26, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in the JuniperSetupDLL.dll library which is called by the JuniperSetup.ocx ActiveX control, as part of the Juniper SSL-VPN (IVE) appliance. By specifying an overly long string to the ProductName object parameter, the stack is overwritten.

tags | exploit, overflow, activex
systems | juniper
advisories | CVE-2006-2086
SHA-256 | 26f61dc73b61764daa3a06c44ab90c018a5f7c37d9a49f838a2c3b1e07f7ce49
Google Appliance ProxyStyleSheet Command Execution
Posted Oct 30, 2009
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits a feature in the Saxon XSLT parser used by the Google Search Appliance. This feature allows for arbitrary java methods to be called. Google released a patch and advisory to their client base in August of 2005 (GA-2005-08-m). The target appliance must be able to connect back to your machine for this exploit to work.

tags | exploit, java, arbitrary
advisories | CVE-2005-3757
SHA-256 | bf415a1e9059ceeb4db8cc79d59e0eb830bd3d5f48ed7a59110d0560f2a5540e
Barracuda IMG.PL Remote Command Execution
Posted Oct 30, 2009
Authored by Nicolas Gregoire

This Metasploit module exploits an arbitrary command execution vulnerability in the Barracuda Spam Firewall appliance. Versions prior to 3.1.18 are vulnerable.

tags | exploit, arbitrary
advisories | CVE-2005-2847
SHA-256 | 98f68f02962b87f0c2a1221f7accf276203796571faa6c22c97dc9329849ad36
ContentKeeper Web Remote Command Execution
Posted Oct 28, 2009
Authored by patrick | Site metasploit.com

This Metasploit module exploits the ContentKeeper Web Appliance. Versions prior to 125.10 are affected. This module exploits a combination of weaknesses to enable remote command execution as the Apache user. Following exploitation it is possible to abuse an insecure PATH call to 'ps' etc in setuid 'benetool' to escalate to root.

tags | exploit, remote, web, root
SHA-256 | 629ee439ef17eb790dc0b4ecfd87cba6375f929234dd537ad09b296c1e24dcec
Riorey RIOS Hardocded Password
Posted Oct 8, 2009
Authored by Marek Kroemeke

Riorey DDoS mitigation appliances suffer from a very poor design vulnerability where they have a hardcoded root login and password for automation. Fail!

tags | exploit, root
SHA-256 | 29c26502b9e544b424841c7d7e3ccd28614e8629e9e6f9e8c76dac87a75fd345
Secunia Security Advisory 36966
Posted Oct 6, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - McAfee has acknowledged some vulnerabilities in McAfee Email and Web Security Appliance, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service, vulnerability
SHA-256 | d6c65a8d5aa42aa37e58a22d3ef3f1d52e72dff32f45f835c79fd1066183308a
Secunia Security Advisory 36574
Posted Sep 3, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in McAfee Email and Web Security Appliance, which can be exploited to disclose potentially sensitive information.

tags | advisory, web
SHA-256 | 384280c30f4c3758a6ed1d38505b71c2b79e06f2a1322f7e108b2641b38375b8
Secunia Security Advisory 35511
Posted Jul 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities and a security issue have been reported in Cisco Adaptive Security Appliance (ASA), which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks.

tags | advisory, spoof, vulnerability, xss
systems | cisco
SHA-256 | 15a3b50fe3731703bcd415e0c3b07c6411728f5fe6ac2dc4cc8772b7edf92d45
Cisco ASA/PIX TCP Fragments
Posted Apr 11, 2009
Authored by Daniel Clemens

Cisco ASA/PIX appliances fail to properly check fragmented TCP packets.

tags | exploit, tcp
systems | cisco
SHA-256 | cf31e2d808f52215c9aa9a83ebaf0678772e6f5065c0f50988aaf86c9f3745b9
Secunia Security Advisory 34607
Posted Apr 9, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | 80d410969c691878a709a75d5ea8afc9ece8597cb3f362f5fdd4812a529beb88
Cisco Security Advisory 20090408-asa
Posted Apr 8, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These range from multiple denial of service issues to authentication and ACL bypass vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2009-1155, CVE-2009-1156, CVE-2009-1157, CVE-2009-1158, CVE-2009-1159, CVE-2009-1160
SHA-256 | 8ba8fbb9a40990200213b3b75a88bdf11eeb7d566fb1de495c5a0756ba1115fd
Secunia Security Advisory 33891
Posted Feb 12, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - david.vorel has reported a vulnerability in Trend Micro InterScan Web Security Suite and Trend Micro InterScan Web Security Virtual Appliance, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, web
SHA-256 | 1812723500b3c21417fcfae1d842739342aa0f9171fca401a25eef2313d30332
HP Security Bulletin 2008-01.87
Posted Dec 30, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability
advisories | CVE-2008-4844
SHA-256 | 6bad1825bd45ef8bf1e89e87f023e29b3ea29e67cfd0f9625ddb382f30bb8dc8
HP Security Bulletin 2008-01.83
Posted Dec 30, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability
advisories | CVE-2008-3704, CVE-2008-4252, CVE-2008-4253, CVE-2008-4254, CVE-2008-4255, CVE-2008-4256, CVE-2008-2249, CVE-2008-3465, CVE-2008-4024, CVE-2008-4025, CVE-2008-4026, CVE-2008-4027, CVE-2008-4028, CVE-2008-4030, CVE-2008-4031, CVE-2008-4837, CVE-2008-4258, CVE-2008-4259
SHA-256 | 060a4c69b772c5dbbe93812a8abd274eb7234e26034b2a9e635c88b055b0e945
HP Security Bulletin 2008-01.64
Posted Nov 19, 2008
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.

tags | advisory, vulnerability
advisories | CVE-2008-4250, CVE-2008-4037, CVE-2007-0099, CVE-2008-4029, CVE-2008-4033
SHA-256 | abfe5378aa1c420b5a843819d5ee86801f09ce9f74415f92a8ad6c7fa7640eb6
Secunia Security Advisory 32391
Posted Oct 23, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | b131567d596e133b91b1b1de979c62fd6315dd03f708cb833c81f8c0283020ca
Page 4 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close