BMC Remedy and ITAM versions 7.1.00 and 9.1.02.003 suffer from multiple information disclosure vulnerabilities.
Xitami version 2.5b4 remote denial of service exploit.
Xitami version 2.5 remote denial of service exploit.
Ubuntu Security Notice 4675-1 - Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL.
Debian Linux Security Advisory 4820-1 - Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon.
Xitami Web Server version 2.5 remote SEH buffer overflow exploit with egghunter.
Debian Linux Security Advisory 3478-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt11 library could be leaked via a side-channel attack.
Ubuntu Security Notice 2896-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys.
Debian Linux Security Advisory 3474-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that the ECDH secret decryption keys in applications using the libgcrypt20 library could be leaked via a side-channel attack.
Ubuntu Security Notice 2555-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. Various other issues were also addressed.
Ubuntu Security Notice 2554-1 - Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. Various other issues were also addressed.
Debian Linux Security Advisory 3073-1 - Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal encryption subkeys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side-channel attack.
Secunia Security Advisory - Two vulnerabilities have been discovered in the Vitamin plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
Vitaminedz suffers from a remote blind SQL injection vulnerability.
Xitami Web Server version 2.5b4 remote buffer overflow exploit with egghunter shellcode.
iMatix Xitami versions 5.0a0 and below suffer from a NULL pointer vulnerability.
Xitami Web Server version 2.5b4 remote buffer overflow exploit that spawns a shell.
Xitami version 5.0a0 remote denial of service exploit.
This Metasploit module exploits a stack overflow in IntelliTamper. By sending an overly long string to the "defer" script, an attacker may be able to execute arbitrary code.
IntelliTamper versions 2.07 and 2.08 local buffer overflow exploit.
This Metasploit module exploits a stack overflow in the iMatix Corporation Xitami Web Server. If a malicious user sends an If-Modified-Since header containing an overly long string, it may be possible to execute a payload remotely. Due to size constraints, this module uses the Egghunter technique. You may wish to adjust WfsDelay appropriately.
Secunia Security Advisory - Jonathan Salwan has discovered a vulnerability in Xitami, which can be exploited by malicious people to cause a DoS (Denial of Service).
Xitami HTTP Server versions 5.0 and below remote denial of service exploit.
IntelliTamper version 2.07 .txt file local buffer overflow proof of concept exploit.
IntelliTamper versions 2.07 and 2.08 Language Catalog SEH overflow exploit.
IntelliTamper versions 2.07 and 2.08 local stack overflow exploit that spawns calc.exe.