
Files

CyberArk Credential Provider Race Condition / Authorization Bypass
Posted Sep 2, 2021
Authored by Klayton Monroe | Site korelogic.com

CyberArk's Credential Provider loopback communications on TCP port 18923 are encrypted with key material that has extremely low entropy. In all currently-known use cases, the effective key space is less than 2^16. For an attacker who understands the key derivation scheme and encryption mechanics, knowledge of the source port and access to the payloads of a given client-server exchange are sufficient to reduce effective key space to one. In cases where the source port is not known, the encrypted payloads will be unable to withstand a brute force attack. Additionally, the user identification mechanism used by CyberArk's Credential Provider is vulnerable to a race condition where an unauthorized/unprivileged user can submit one or more encrypted query requests. If the race is won, the attacker will be able to retrieve sensitive information including passwords and password metadata. Versions prior to 12.1 are affected.

tags | exploit, tcp
advisories | CVE-2021-31797
SHA-256 | 7dede6bcc7b3021a2a5c5df1eb3c7bc0663ae7d954677866d63352936b9f568a

Related Files

Red Hat Security Advisory 2011-1803-01
Posted Dec 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1803-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 5 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2011-4314
SHA-256 | 97cbda5681b0a2f9517ac6e2b360fc13566cedf9c930fe582aa0c009ddcbc7c1

Red Hat Security Advisory 2011-1802-01
Posted Dec 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1802-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2011-4314
SHA-256 | e7e971cb4ef33aa445c1ac0717358f794b992204c1c2b1a2807d6c97874142ac

Red Hat Security Advisory 2011-1533-04
Posted Dec 6, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1533-04 - Red Hat Identity Management is a centralized authentication, identity management and authorization solution for both traditional and cloud based enterprise environments. It integrates components of the Red Hat Directory Server, MIT Kerberos, Red Hat Certificate System, NTP and DNS. It provides web browser and command-line interfaces. Its administration tools allow an administrator to quickly install, set up, and administer a group of domain controllers to meet the authentication and identity management requirements of large scale Linux and UNIX deployments. A Cross-Site Request Forgery flaw was found in Red Hat Identity Management. If a remote attacker could trick a user, who was logged into the management web interface, into visiting a specially-crafted URL, the attacker could perform Red Hat Identity Management configuration changes with the privileges of the logged in user.

tags | advisory, remote, web, csrf
systems | linux, redhat, unix
advisories | CVE-2011-3636
SHA-256 | 0e823f1a2ae89e3334938c90bcec4ce2eb598bf36bbbf703ea7582c3e523706c

Debian Security Advisory 2354-1
Posted Dec 1, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2354-1 - Petr Sklenar and Tomas Hoger discovered that missing input sanitising in the GIF decoder inside the Cups printing system could lead to denial of service or potentially arbitrary code execution through crafted GIF files.

tags | advisory, denial of service, arbitrary, code execution
systems | linux, debian
advisories | CVE-2011-2896, CVE-2011-3170
SHA-256 | 7f113952be28c42d62a36b7f9cc4415e144cd6c8fe1716bd4b204297ff211d6a

WordPress Skysa Official 1.01 / 1.02 / 1.03 Cross Site Scripting
Posted Nov 28, 2011
Authored by Am!r | Site irist.ir

The WordPress Skysa-Official plugin versions 1.01 through 1.03 suffer from a cross site scripting vulnerability. The vendor fixed this quickly once made aware of the issue and version 1.04 fixes the problem.

tags | exploit, xss
SHA-256 | 464c62bd3947966cc2dce2717ecb16dc3b25093627fc4012ce57db68fcd2c705

Debian Security Advisory 2344-1
Posted Nov 12, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2344-1 - It was discovered that the Piston framework can deserialize untrusted YAML and Pickle data, leading to remote code execution.

tags | advisory, remote, code execution
systems | linux, debian
advisories | CVE-2011-4103
SHA-256 | 033975c3139e31efe4ff8206eb96eefc354fa2755ad953e26c9cbcb77cabd27e

Mandriva Linux Security Advisory 2011-171
Posted Nov 12, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-171 - GNOME NetworkManager before version 0.8.6 does not properly enforce the auth_admin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors. Incomplete blacklist vulnerability in the svEscape function in settings/plugins/ifcfg-rh/shvar.c in the ifcfg-rh plug-in for GNOME NetworkManager 0.9.1, 0.9.0, 0.8.1, and possibly other versions, when PolicyKit is configured to allow users to create new connections, allows local users to execute arbitrary commands via a newline character in the name for a new network connection, which is not properly handled when writing to the ifcfg file.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2011-2176, CVE-2011-3364
SHA-256 | b0497990b7cd3f0be96a104f99d44c5413f36998cce68cf0d2fd1763c43b2bbc

Secunia Security Advisory 46758
Posted Nov 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin Klein Keane has discovered two vulnerabilities in the String Overrides module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 2685ade96ba835c61328a0157016299ee7a5002209b7d1a5b879fc975deab448

HP Security Bulletin HPSBUX02715 SSRT100623 2
Posted Oct 28, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02715 SSRT100623 2 - A potential vulnerability has been identified in HP-UX Containers, formerly HP-UX Secure Resource Partitions (SRP), when used in conjunction with patch PHKL_42310. The vulnerability could lead to a local unauthorized access and increased privileges. Revision 2 of this advisory.

tags | advisory, local
systems | hpux
advisories | CVE-2011-3164
SHA-256 | ae2b19b706a5c426cd8fd892f1641e0f33ba70f0d1c0d9b9b4d0174dc8d21f08

Secunia Security Advisory 46348
Posted Oct 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Geeklog, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | b36b99ade9937e31d7ca82bc87cf34c7f67c945d2b2fac7f271d65332cecb121

Ubuntu Security Notice USN-1218-1
Posted Sep 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1218-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
SHA-256 | 7ce613f6fb82e60467fe2db0120524df0114dd4f622231bc1bba67151a5b6582

iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs weekly. Specifically, by using a negative integer for the BYWEEKNO property, it is possible to trigger a write operation beyond the bounds of an allocated heap buffer. This can lead to the corruption of memory, and the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2662
SHA-256 | c3a21b221a5ca43b424d4c87ecdc5132c8fd5e83be4966ed52bb847af74da8e6

Ubuntu Security Notice USN-1216-1
Posted Sep 27, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1216-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
SHA-256 | 632b7c41843d8b08abd09aa566debae12f62d2202a245defc954e205b756668d

Ubuntu Security Notice USN-1197-6
Posted Sep 23, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-6 - USN-1197-1 and USN-1197-3 addressed an issue in Firefox and Xulrunner pertaining to the Dutch Certificate Authority DigiNotar mis-issuing fraudulent certificates. This update provides an update for Qt that blacklists the known fraudulent certificates. USN-1197-1: It was discovered that Dutch Certificate Authority DigiNotar had mis-issued multiple fraudulent certificates. These certificates could allow an attacker to perform a "man in the middle" (MITM) attack which would make the user believe their connection is secure when it is actually being monitored. For the protection of its users, Mozilla has removed the DigiNotar certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor.

tags | advisory
systems | linux, ubuntu
SHA-256 | ffcdd5bd50bb293ea8bfd41f16c5b291b1012994e0b0446df4dcd98cdd52ba28

Nightwing 0.7.8
Posted Sep 22, 2011
Authored by Gustavo Lindberg, Julio C. Puigpinos, Martin A. Campff, Sebastián D. Criado | Site nightwing.lugro-mesh.org.ar

Nightwing allows the creation of quickly deployed wireless networks without the need to make complicated configurations. With the implementation of a Mesh technology called B.A.T.M.A.N, Nightwing allows the extension of wireless networks with a simple way of adding devices that works with minimal human intervention. It has public and private connection interfaces, and the ability to filter content using OpenDNS. It is designed with security in mind, and has low hardware requirements.

Changes: This release allows you to make the Private AP optional, as well as the configuration for this new feature in nw_conf and the Web Admin Interface. Marking in the Traffic Shaping script has changed. Special characters are allowed in passwords in the Web Admin Interface. The layout of the Web Admin interface has changed. You can reboot uhttpd through the Web Admin interface. The page is refreshed in some browsers after the config is applied. Wireless mode selection has been added to the config page.

tags | tool, wireless
systems | linux
SHA-256 | 7a5bae353ed79b4d770caa71fc5747857d3d8342bec117dc2b58c8ac24009d11

Secunia Security Advisory 45550
Posted Sep 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Krystian Kloskowski (h07) has discovered a vulnerability in DivX Plus Web Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, web
SHA-256 | 9fc1576932d2bcbef32a79b168aa0ad5e50f797f8363e59674a84e8e2b814220

Ubuntu Security Notice USN-1208-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1208-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
SHA-256 | c72d25c5c02bfb1b3dd8b578a0fff242bb575640e763f8cf25379ff8a0fc30ba

Ubuntu Security Notice USN-1203-1
Posted Sep 14, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1203-1 - Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. Alex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2010-4076, CVE-2010-4077, CVE-2010-4251, CVE-2010-4805, CVE-2011-1020, CVE-2011-1493, CVE-2011-1577, CVE-2011-2213, CVE-2011-2484, CVE-2011-2492, CVE-2011-2700, CVE-2011-2723, CVE-2011-2918
SHA-256 | 286bb941d7141b756b5c455e3e57f8e085d01c33d50b9139d9d2c90312850771

Secunia Security Advisory 45573
Posted Aug 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in MarkLogic Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | e43d3528289079947fda94471f06a7e367f77a1447b0842327231ea670638975

Secunia Security Advisory 45483
Posted Aug 4, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in NC LinkList, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | c5aed6bd1a0348c3065a601d480fc651b2082366c39ca596c0399ee0d3463866

MC LinkList 1.3 Cross Site Scripting
Posted Aug 2, 2011
Authored by Izam

MC LinkList version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 194edb048e10601bd4c9699a255c55ae73d21849cc46f428fc9a8e1a8194b00e

Red Hat Security Advisory 2011-0953-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0953-01 - system-config-firewall is a graphical user interface for basic firewall setup. It was found that system-config-firewall used the Python pickle module in an insecure way when sending data to the privileged back-end mechanism. A local user authorized to configure firewall rules using system-config-firewall could use this flaw to execute arbitrary code with root privileges, by sending a specially-crafted serialized object.

tags | advisory, arbitrary, local, root, python
systems | linux, redhat
advisories | CVE-2011-2520
SHA-256 | d43cab56990df504c8d18a2da4efe970de2893378a7b5c762ebdc293c1c325b1

Red Hat Security Advisory 2011-0945-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0945-01 - The Enterprise Web Platform is for mid-size workloads, focusing on light and rich Java applications. Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform. This JBoss Enterprise Web Platform 5.1.1 release for Red Hat Enterprise Linux 4, 5, and 6 serves as a replacement for JBoss Enterprise Web Platform 5.1.0. These updated packages include the bug fixes detailed in the release notes, which are linked to from the References section of this erratum. Various other issues were also addressed.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2011-2196
SHA-256 | 7ef34b7679adcee69bc6985dc3438111903c5e38238a9eda677420f559eddbb6

Apple Mac OS X ImageIO TIFF Integer Overflow
Posted Jul 5, 2011
Authored by Dominic Chell | Site ngssoftware.com

A heap overflow is caused by a signedness vulnerability within copyImageBlockSetTiff(). The crash occurs within any application using the framework, including Preview, QuickLook, Safari and Mail.

tags | advisory, overflow
SHA-256 | 147af24c2d70bdedd1b38ad38463143eddc00aaf8190e135935aa9b337388a4a

Secunia Security Advisory 45053
Posted Jul 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin Klein Keane has discovered two vulnerabilities in AeroMail, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | d563fb2f8a31b8a45bd08f8377e93a8fad1028d28e219ad698233075ccbee59b