
Files

Webpower UPS 5.53 Denial Of Service
Posted Jul 3, 2023
Authored by Yehia Elghaly

Webpower UPS version 5.53 suffers from an HTTP denial of service vulnerability. This product stopped being supported nearly 10 years ago.

tags | exploit, web, denial of service
SHA-256 | f469bceea0605105d3cbe67c57d08944f6c39dfa4a407ca86cbb376fc34668be

Related Files

Ubuntu Security Notice USN-1450-1
Posted May 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1450-1 - It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-2141
SHA-256 | 3b977734c077d0a8b53a81dede80897dca3542072cb2371b9fec6ca89ec6c4ab
Debian Security Advisory 2670-1
Posted May 11, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2670-1 - Several vulnerabilities were identified in WordPress, a web blogging tool. As the CVEs were allocated from release announcements and specific fixes are usually not identified, it has been decided to upgrade the WordPress package to the latest upstream version instead of backporting the patches.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2011-3122, CVE-2011-3125, CVE-2011-3126, CVE-2011-3127, CVE-2011-3128, CVE-2011-3129, CVE-2011-3130, CVE-2011-4956, CVE-2011-4957, CVE-2012-2399, CVE-2012-2400, CVE-2012-2401, CVE-2012-2402, CVE-2012-2403, CVE-2012-2404
SHA-256 | 0653a473faa390234b73508340d08c8214f4c4547676ce3bc7b489056f6b8a4d
Mandriva Linux Security Advisory 2012-071
Posted May 10, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-071 - This is a bugfix and security advisory that upgrades php to the latest 5.3.13 version for Mandriva Linux Enterprise 5.2 which resolves numerous upstream bugs in php.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2011-1148, CVE-2011-1657, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3267, CVE-2011-3268, CVE-2011-3379, CVE-2011-4566, CVE-2011-4885, CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172, CVE-2012-1823, CVE-2012-2335, CVE-2012-2336
SHA-256 | 028afe71e35b4463baf7313fddbd4720742bc9f50ec0c59daa263f5bc0947ff6
Mandriva Linux Security Advisory 2012-068-1
Posted May 10, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-068 - PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server. It was discovered that the previous fix for the CVE-2012-1823 vulnerability was incomplete. The updated packages provide the latest version, which provides a solution to this flaw.

tags | advisory, remote, web, denial of service, arbitrary, cgi, php
systems | linux, mandriva
advisories | CVE-2012-1823, CVE-2012-2335, CVE-2012-2336
SHA-256 | 5f07bbe61bf5a454e33f2bc2bed0f93359504f04f545248be27c70f9cec98327
Ubuntu Security Notice USN-1438-1
Posted May 3, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1438-1 - Dan Prince discovered that Nova did not enforce quotas for security groups and rules added to security groups. An authenticated user could exploit this to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-2101
SHA-256 | 9d1d647e0c275ca0af3a4eff2a0fe1345781c53dd796cd1bca2a97f7cb8cc3e0
Ubuntu Security Notice USN-1428-1
Posted Apr 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1428-1 - It was discovered that the fix for CVE-2012-2110 was incomplete for OpenSSL 0.9.8. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. Ubuntu 11.10 was not affected by this issue. The original upstream fix for CVE-2012-2110 would cause BUF_MEM_grow_clean() to sometimes return the wrong error condition. This update fixes the problem. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2131
SHA-256 | 2289dbca4426d93d31dbb6364a90c4dd7c450eed99d5564b22b994ee965977e4
Ubuntu Security Notice USN-1427-1
Posted Apr 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1427-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.62 in Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.96. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
SHA-256 | 2040cade899de88f237e5092a7126a65e884ed258ab0efb911d073fec0e0edc5
Secunia Security Advisory 48620
Posted Mar 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Organic groups module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 6e45e4d85aff72214b1d14056f30c736d37df8107049d29a75272b9503077629
Drupal Organic Groups 6.x Access Bypass
Posted Mar 29, 2012
Authored by John F Galvin | Site drupal.org

The Drupal Organic Groups module version 6.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | dbb190a4af2ae746e702f203bad02665c8856d9855a61e43a4847ccb615818d9
Mandriva Linux Security Advisory 2012-036
Posted Mar 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-036 - Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a %2e%2e in a URI. The updated packages have been patched to correct this issue.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2011-2524
SHA-256 | 26acc85abfe4b0e0b1049ae10788b907f1be455d4875bed9464a7cabe9e748dd
Debian Security Advisory 2434-1
Posted Mar 20, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2434-1 - Matthew Daley discovered a memory disclosure vulnerability in nginx. In previous versions of this web server, an attacker can receive the content of previously freed memory if an upstream server returned a specially crafted HTTP response, potentially exposing sensitive information.

tags | advisory, web
systems | linux, debian
advisories | CVE-2012-1180
SHA-256 | ca456b31ee8868c762fd70882f56920df02bb00f023f64312e9a4eadf08af45c
Ubuntu Security Notice USN-1397-1
Posted Mar 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1397-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.61 in Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Ubuntu 8.04 LTS has been updated to MySQL 5.0.95. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2007-5925, CVE-2008-3963, CVE-2008-4098, CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019, CVE-2009-4030, CVE-2009-4484, CVE-2010-1621, CVE-2010-1626, CVE-2010-1848, CVE-2010-1849, CVE-2010-1850, CVE-2010-2008, CVE-2010-3677, CVE-2010-3678, CVE-2010-3679, CVE-2010-3680, CVE-2010-3681, CVE-2010-3682, CVE-2010-3683, CVE-2010-3833, CVE-2010-3834, CVE-2010-3835, CVE-2010-3836, CVE-2010-3837, CVE-2010-3838
SHA-256 | dda21a42a15ae22869f978d3746bb4b1626d8469bab9ce1b18636fb138cf0739
Debian Security Advisory 2429-1
Posted Mar 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2429-1 - Several security vulnerabilities were discovered in MySQL, a database management system. The vulnerabilities are addressed by upgrading MySQL to a new upstream version, 5.1.61, which includes additional changes, such as performance improvements and corrections for data loss defects.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492
SHA-256 | d4592c5ad8de29f047ece77a2e42b1d38a82d87058cef98da635405e98387e98
darkb0t IRC Python Bot 0.4
Posted Mar 2, 2012
Authored by baltazar

darkb0t is an IRC bot written in Python that is capable of doing reverse DNS lookups, Google dork searching, performing link checking on SQL injection, and more.

Changes: Added new checks.
tags | sql injection, python
SHA-256 | 3954cf4cd814ec3fa6de38a6d8b027fb5301ce2ccf3416fa09a2dc46df79721d
darkb0t IRC Python Bot 0.3
Posted Feb 28, 2012
Authored by baltazar

darkb0t is an IRC bot written in Python that is capable of doing reverse DNS lookups, Google dork searching, performing link checking on SQL injection, and more.

Changes: Added new checks.
tags | sql injection, python
SHA-256 | fc4219efe6ae1275b002e2675f490152ed141e4cb8ee0e508199e6134eff932d
darkb0t IRC Python Bot 0.2
Posted Feb 25, 2012
Authored by baltazar

darkb0t is an IRC bot written in Python that is capable of doing reverse DNS lookups, Google dork searching, performing link checking on SQL injection, and more.

Changes: Various updates.
tags | sql injection, python
SHA-256 | 11f232250b4e9d7a884955c3fd02803039fc2245b8423c7bd4b655fa1ae31d43
darkb0t IRC Python Bot 0.1
Posted Feb 24, 2012
Authored by baltazar

darkb0t is an IRC bot written in Python that is capable of doing reverse DNS lookups, Google dork searching, performing link checking on SQL injection, and more.

tags | sql injection, python
SHA-256 | bd0dc25d87992414149a403dc549ded89a0f0fb3561c895a931c8324a9a959cf
Red Hat Security Advisory 2012-0302-03
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0302-03 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user.

tags | advisory, overflow, arbitrary
systems | linux, redhat, unix
advisories | CVE-2011-2896
SHA-256 | f2434d92ff30870a69af386c20081fbeddc541a129b82ec961a7d31841e912d8
Secunia Security Advisory 48020
Posted Feb 17, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in the Organic Groups Vocabulary module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | de7c1fc1271becf15422c29d78a6e0e402f53cce9269e3d750042aa10f9d72bd
Ubuntu Security Notice USN-1364-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1364-1 - A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. Andy Whitcroft discovered that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to bypass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2012-0038, CVE-2012-0055, CVE-2012-0056, CVE-2012-0207
SHA-256 | e847291e2956e9eeb864470a8ac967e656c915178d520472524b2f9834c84e45
Ubuntu Security Notice USN-1363-1
Posted Feb 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1363-1 - A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual interrupt control is not available a local user could use this to cause a denial of service by starting a timer. A flaw was discovered in the XFS filesystem. If a local user mounts a specially crafted XFS image it could potentially execute arbitrary code on the system. Andy Whitcroft discovered that the Overlayfs filesystem was not doing the extended permission checks needed by cgroups and Linux Security Modules (LSMs). A local user could exploit this to bypass security policy and access files that should not be accessible. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2011-4622, CVE-2012-0038, CVE-2012-0055, CVE-2012-0207
SHA-256 | 00db81ad81883140a2fb9f8a3cf95426da7934bf25c0269359abe6ac6c16194c
Ubuntu Security Notice USN-1263-2
Posted Jan 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1263-2 - USN-1263-1 fixed vulnerabilities in OpenJDK 6. The upstream patch for the chosen plaintext attack on the block-wise AES encryption algorithm to fail when using certain algorithms. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 632d73fc6be378641a2c7b71828c08584abbea1d6a2f3799cf2b70c494ab9b0e
Secunia Security Advisory 47584
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in McAfee GroupShield, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 876f4bb8ae3bf2f67af7307c58334a25a189210a53cf2affc44a78fef342f852
Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
Posted Jan 13, 2012
Authored by Benjamin Tobias Franz, Stuart Pearson, Sam Sharps | Site metasploit.com

This bug is triggered when the browser handles a JavaScript 'onLoad' handler in conjunction with an improperly initialized 'window()' JavaScript function. This exploit results in a call to an address lower than the heap. The JavaScript prompt() places the shellcode near where the call operand points to. The module calls prompt() multiple times in separate iframes to place our return address. The module hides the prompts in a popup window behind the main window and then it will spray the heap a second time with the shellcode and point the return address to the heap. It then uses a fairly high address to make this exploit more reliable. IE will crash when the exploit completes. Also, please note that Internet Explorer must allow popups in order to continue exploitation.

tags | exploit, javascript, shellcode
advisories | CVE-2005-1790
SHA-256 | dfbe6b34adf9a6a1783c641f7329756e98c1bb69d235bba9e36f55dd9ec0f6b0
Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20111225
Posted Dec 27, 2011
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: This release incorporates an important security fix from upstream and an upgrade is recommended. Tor was updated to 0.2.2.35, libevent to 2.0.16, and the kernel to 2.6.32.50 plus Gentoo's hardened-patches-2.6.32-83.extras.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 36a982d6aa03aaa511252b1130ed6b0d14a80d24eb675d1ca2e4a1ef05fd6b8e
© 2024 Packet Storm. All rights reserved.