
Files

Webpower UPS 5.53 Denial Of Service
Posted Jul 3, 2023
Authored by Yehia Elghaly

Webpower UPS version 5.53 suffers from an HTTP denial of service vulnerability. This product stopped being supported nearly 10 years ago.

tags | exploit, web, denial of service
SHA-256 | f469bceea0605105d3cbe67c57d08944f6c39dfa4a407ca86cbb376fc34668be

Related Files

Red Hat Security Advisory 2012-1140-01
Posted Aug 3, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1140-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. A denial of service flaw was found in the way the dhcpd daemon handled zero-length client identifiers. A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time. Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as the original reporter of this issue.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2012-3571
SHA-256 | 8b07e2dc453135e1290fae4b34fd3618aeea3cedff85d00f592a71055720c29b
Mandriva Linux Security Advisory 2012-113
Posted Jul 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-113 - arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon. The updated packages have been patched to correct this issue.

tags | advisory, root, vulnerability
systems | linux, redhat, debian, fedora, mandriva
advisories | CVE-2012-2653
SHA-256 | 54724c7b111ef27734b56d1a5f8971d757f7fe257860c3945fd53521709f1a18
Forensic Analysis Of iPhone Backups
Posted Jul 12, 2012
Authored by Satish Bommisetty

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

tags | paper
systems | apple, iphone
SHA-256 | 91d87e6d4d62c26dfb2d234b849782b8cc383017bef870f2d1f7066ccb41ab9f
Gentoo Linux Security Advisory 201207-10
Posted Jul 10, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201207-10 - Multiple vulnerabilities have been found in CUPS, some of which may allow execution of arbitrary code or local privilege escalation. Versions less than 1.4.8-r1 are affected.

tags | advisory, arbitrary, local, vulnerability
systems | linux, gentoo
advisories | CVE-2009-3553, CVE-2010-0302, CVE-2010-0393, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2432, CVE-2010-2941, CVE-2011-3170
SHA-256 | ac1a9fddc193fe58d21d0ca7c54126b91d2ff39c64167361020f526fdbf282f1
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20120622
Posted Jun 23, 2012
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: Tor was updated to 0.2.2.37, BusyBox to 1.20.1, and the kernel to 3.4.2 plus Gentoo's hardened-patches-3.4.2-2.extras. The MIPS port also incorporated these changes, but for this architecture the kernel was kept at vanilla 3.2.5.
tags | tool, x86, kernel, peer2peer
systems | linux
SHA-256 | 9897b37f6a6a7380f2b1a3104f85aedcea9b84b5400594a0944e88925eada2e7
Red Hat Security Advisory 2012-0813-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0813-04 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way the 389 Directory Server daemon handled access control instructions using certificate groups. If an LDAP user that had a certificate group defined attempted to bind to the directory server, it would cause ns-slapd to enter an infinite loop and consume an excessive amount of CPU time.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-0833
SHA-256 | 129a838e37c542da05a23067eaf70559fd31bab9c8b1fd61e86531f3baa4cc2c
Secunia Security Advisory 49591
Posted Jun 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Hupsi Fancybox plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 6cfc82c0fad5255ca4a775def21abbb0284c94f969f78bb4c9e74c278071bb04
Secunia Security Advisory 49583
Posted Jun 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Hupsi Share plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 8e5af64f12f009a6bc1b98e4e9576c9bfcec55804ea4f0c0eda69328d00cb3b2
Secunia Security Advisory 49584
Posted Jun 20, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Hupsis Media Gallery plugin for e107, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 0f534606c652b216373d194d699760fa24a172649e214b3231608827d0479546
e107 Hupsi Share 1.00 Shell Upload
Posted Jun 19, 2012
Authored by Sammy FORGIT

e107 Hupsi Share plugin version 1.00 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 01edcafd988a763a0655922e61b5d35515bc3ba601616b9aca3fb8f4ed687449
e107 Hupsi Media Gallery 1.0 Shell Upload
Posted Jun 19, 2012
Authored by Sammy FORGIT

e107 Hupsi Media Gallery plugin version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | cf798872e71c9fa0094aa28aab7cb5fe4bb92f07513ffad6e92a20748e2682d9
e107 Hupsi Fancybox 1.0.4 Shell Upload
Posted Jun 19, 2012
Authored by Sammy FORGIT

e107 Hupsi Fancybox plugin version 1.0.4 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 727a4c7d0667d51fdc6d9063229dfbd1e7e1bb30b5ff957fb971eb33023c1113
Debian Security Advisory 2496-1
Posted Jun 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2496-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.63, which includes additional changes, such as performance improvements and corrections for data loss defects.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-0583, CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2122
SHA-256 | eeffa758dc44f2f16c05876571d07e28555ef3fe9f2e29262843debe172cee70
TOR Virtual Network Tunneling Tool 0.2.2.37
Posted Jun 14, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release introduces a workaround for a critical renegotiation bug in OpenSSL 1.0.1 (20% of the Tor network can't talk to itself currently).
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | ae2c1fb52babd9e92264ac7c4486d3e941be6deb91b8a590965848fbbcbd9e88
Ubuntu Security Notice USN-1466-2
Posted Jun 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1466-2 - USN 1466-1 fixed a vulnerability in Nova. The upstream patch introduced a regression when a security group granted full access and therefore the network protocol was left unset, causing an error in processing. This update fixes the issue. Various other issues were also addressed.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | 5ba7f801cc2b55389b0f97d9acd045ded22ab0d3710b40c08a2926988c09156d
Secunia Security Advisory 49397
Posted Jun 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in the Organic Groups module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 0728b73dc9af749f80ba09cb2015c77d09ec5f32c36b9c2797de28aeb2eb322b
TOR Virtual Network Tunneling Tool 0.2.2.36
Posted Jun 7, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, and fixes several crash bugs. Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many known flaws, and nobody should be using them. You should upgrade. If you're using a Linux or BSD distribution and its packages are obsolete, stop using those packages and upgrade anyway.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-4576
SHA-256 | 0e57e6e7dbc98aaa1b458ba745dac9fb19ed3ef59e4251d98de02068723148db
Drupal Organic Groups 6.x Cross Site Scripting / Access Bypass
Posted Jun 6, 2012
Authored by Ezra Barnett Gildesgame, Fox | Site drupal.org

Drupal Organic Groups third party module version 6.x suffers from access bypass and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | b56a43fd6cb4f6b56f362161245de3105f1a148e93042618473ddbf92210cccc
Ubuntu Security Notice USN-1466-1
Posted Jun 6, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1466-1 - It was discovered that, when defining security groups in Nova using the EC2 or OS APIs, specifying the network protocol (e.g. 'TCP') in the incorrect case would cause the security group to not be applied correctly. An attacker could use this to bypass Nova security group restrictions.

tags | advisory, tcp, protocol
systems | linux, ubuntu
advisories | CVE-2012-2654
SHA-256 | aaa802033fd02ad4127bca32ff6245611c268e7f7d2b90b51e38b75b80cefe1e
Mandriva Linux Security Advisory 2012-087
Posted Jun 5, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-087 - Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-2944
SHA-256 | 59c537bfb95b209de0cd8108e1c6f0a217ece674644b5d8578659d35b090558d
Debian Security Advisory 2484-1
Posted Jun 5, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2484-1 - Sebastian Pohle discovered that upsd, the server of Network UPS Tools (NUT), is vulnerable to a remote denial of service attack.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2012-2944
SHA-256 | a8c18bcd6cdb3120bb6a2c46ff0b56eebbc9ed923c3823a6005c5873e2a7cbaf
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20120601
Posted Jun 2, 2012
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: This release incorporates major changes from upstream to all components of tor-ramdisk. Tor was updated to 0.2.2.36, libevent to 2.0.18, OpenSSH to 6.0p1, BusyBox to 1.20.0, and uclibc to 0.9.33.2, and the kernel was updated to 3.2.11 plus Gentoo's hardened-patches-3.2.11-1.extras. The MIPS port also incorporated these changes, but for this architecture libevent was updated to 2.0.19 and the kernel to 3.2.5.
tags | tool, x86, kernel, peer2peer
systems | linux
SHA-256 | 2f1ba76561161a4b1b0a817d76cb62c817dd94f5aeb98806a1a2cb79ca795bb4
Ubuntu Security Notice USN-1456-1
Posted Jun 1, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1456-1 - Sebastian Pohle discovered that Nut did not properly validate its input when receiving data over the network. If upsd was configured to allow connections over the network, a remote attacker could exploit this to cause a denial of service (application crash).

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-2944
SHA-256 | 91052e6c1a5d4aac3c32ed0275f0fd401d0df77fe0140283ea7d0f16a3827acc
Debian Security Advisory 2483-1
Posted Jun 1, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2483-1 - An authentication bypass issue was discovered by the Codenomicon CROSS project in strongSwan, an IPsec-based VPN solution. When using RSA-based setups, a missing check in the gmp plugin could allow an attacker presenting a forged signature to successfully authenticate against a strongSwan responder.

tags | advisory
systems | linux, debian
advisories | CVE-2012-2388
SHA-256 | 7609f91a664792688a1457f9e5c23da2922dfbaaf34996f4ab7c713b94406d26
Secunia Security Advisory 49348
Posted May 31, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Network UPS Tools, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 994fa949fa6b52a0e14620ceb29e647a98a2a325499cdb9ce95b5e54bd44fe8d

© 2024 Packet Storm. All rights reserved.