exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2012-01-13

Secunia Security Advisory 47122
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a weakness in HP PKI ActiveX control, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, activex
SHA-256 | ca79902a496720c54c8d371eff1416a450cbf56cf7f93599f1ae157f4f7a18e6
Secunia Security Advisory 47527
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in w-CMS, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss
SHA-256 | 2a32f5151363e7cc7dc4f7989b731f919105c94a7e9dad0b8f12a54aeadbd61f
Secunia Security Advisory 47507
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Blue Coat has acknowledged multiple weaknesses, security issues and vulnerabilities in Blue Coat IntelligenceCenter, which can be exploited by malicious, local users to disclose sensitive information and bypass certain security restrictions, by malicious users to disclose sensitive information, bypass certain security restrictions, manipulate certain data, gain escalated privileges, cause a DoS (Denial of Service), and compromise a vulnerable system, and by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, spoof, vulnerability, xss
SHA-256 | 37346eb2b70fc348afadcdfd6e2f0347ef6aa220a8480858bf8f402f63e394d6
Secunia Security Advisory 47522
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Rational License Key Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 253417d4c931a847a1a0f958f5ce13b5ccdc30615a85465b8f613dfadcbce559
Secunia Security Advisory 47524
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Telelogic License Server and IBM Rational License Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 2079ac0d1657d52c2aa7c16665ff6905dbee58d463251762666ac92ea62cae5b
Secunia Security Advisory 45852
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 9c0822785fc67e26efb8775672c06e58ca4ae2f270e9aa218b6cb388af81f732
Secunia Security Advisory 47539
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for php53 and php. This fixes two vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).

tags | advisory, denial of service, php, vulnerability
systems | linux, redhat
SHA-256 | b293b423d770ae9f831d89508981279fc240fcbecb7ea6c33ebfe9ed2fcc795b
Secunia Security Advisory 47440
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in @Mail Server, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
SHA-256 | 0fc17f46e4b0c1ecc6fa9740106360a782cdc01018c6f6348a10b6f7972a348b
Secunia Security Advisory 47542
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | 6ae66286353f3902f17748e2ad71c960871bf5d64fcc72290898d790c11a30c7
Secunia Security Advisory 47568
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes one vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | 4b5995520da2fcce4b427eb23f816128c4cb8116fac5d3f29ba1bd15dc3f8638
Secunia Security Advisory 47573
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes one weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | d24f833ce9e21adf4422a1921d10f9dcb4d4bad2b3eb588121f71e67a8da11ca
Secunia Security Advisory 47570
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-ti-omap4. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 8fb83759fd36becb038f2a5a5cc35ecc0226d5cfbfba1e9068392b494a59bd2d
Secunia Security Advisory 47518
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 900ad96f4fa3d8ce8257e61f01a60109e22dd3241a17da9c8a4e3dc645a696e3
Secunia Security Advisory 47562
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple MailEnable products, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | ecbdad318cb59152f13e745103a49a85205552eac17a80cb7927542d38030cd5
Secunia Security Advisory 47529
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Count Per Day plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.

tags | advisory, vulnerability, xss
SHA-256 | 4d8ae5c250045774aa66bd6c2affbfa409998da7ea0877aca963ab5e14bfffa7
Secunia Security Advisory 47572
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 2c833458d64b54fa4421270d388ee9b4a01c2fc297d2c179bbf8b8477be83ac9
Secunia Security Advisory 47546
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the HD Video Share component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | c5bb91a125bc018c3abd83725eaa9a934e36f7bab4607782759cb71fc57838a1
Zero Day Initiative Advisory 12-016
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-016 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Diagnostics server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the HP Diagnostics server handles incoming packets with 0x00000000 as the first 32-bit value. The magentservice.exe process listens on port 23472 by default. It will eventually take that first dword, decrease it by one and use it as a size value to copy data into a stack buffer. The resulting stack-based buffer overflow can result in remote code execution under the system user.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-4789
SHA-256 | f89cf1cca7956e3476a79653108a775954c6207b163d593dad96b7179e74c5f5
Zero Day Initiative Advisory 12-015
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-015 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP MSA 2000 G3. Authentication is not required to exploit this vulnerability. The specific flaws exists within the web interface listening on TCP port 80. There exists a directory traversal flaw that can allow a remote attacker to view any file on the system by simply specifying it in the default URI. Additionally, the password file contains a default login that can be used to authenticate to the device. This can be leveraged by a remote attacker to perform any tasks an administrator is able to.

tags | advisory, remote, web, arbitrary, tcp
advisories | CVE-2011-4788
SHA-256 | efef31e729581273d43acf86536cbf3cf65886fa8a51dab225bf70b406583cb8
Security Implications Of IPv6 Extensions Headers With Neighbor Discovery Rev 2
Posted Jan 13, 2012
Authored by Fernando Gont | Site ietf.org

IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers. Revision 2 of this document. This revision includes, among other things, a discussion of possible issues with SEND as a result of IPv6 fragmentation.

tags | paper, local
SHA-256 | a8b7a492cc8ab102f8884547a7f042ea0e94a1cdbbad648050eb655bf675f524
MailEnable Webmail Cross Site Scripting
Posted Jan 13, 2012
Authored by Narendra Shinde, Sajjad Pourali, Shahab NamaziKhah

MailEnable Professional and Enterprise versions are prone to cross site scripting vulnerabilities as the user-supplied input received via the "Username" parameter of the "ForgottonPassword.aspx" page is not properly sanitized. Versions 4.2.6 and below, 5.52 and below and 6.02 and below are affected.

tags | exploit, vulnerability, xss
advisories | CVE-2012-0389
SHA-256 | cab4ee58932f48fbb2493be671b4513aaa7da0caa31bfdb2f95731c6adf0d732
Mandriva Linux Security Advisory 2012-004
Posted Jan 13, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-004 - Multiple vulnerabilities has been found and corrected in t1lib. A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could provide a DVI file, with embedded specially-crafted font file, and trick the local user to open it with an application using the AFM font parser, leading to that particular application crash or, potentially, arbitrary code execution with the privileges of the user running the application. Various other issues were also addressed.

tags | advisory, remote, overflow, arbitrary, local, vulnerability, code execution
systems | linux, mandriva
advisories | CVE-2011-0433, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554
SHA-256 | f9a48e9ae40316e20b4d213e0862b9dee1e34ba82c1cf80d054005a9862897ce
Zero Day Initiative Advisory 12-014
Posted Jan 13, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-014 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor ActiveX control (CLSID: {466576F3-19B6-4FF1-BD48-3E0E1BFB96E9}). By passing an overlong string to the LoadXML() method it is possible to trigger a heap corruption vulnerability. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected machine under the context of the user running the Internet Explorer process.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-4787
SHA-256 | 4c0d8147a4cc744a03c4b805f15c9dfd3c1b87e71dd48d95d2810e446ce52c6d
HashCollision PHP Denial Of Service Proof Of Concept 5.0
Posted Jan 13, 2012
Authored by FireFart

HashCollision denial of service proof of concept exploit written in Python. It generates the payload on the fly and sends it to the server.

Changes: Allow definition of max payload size as a parameter.
tags | exploit, denial of service, proof of concept, python
advisories | CVE-2011-4885
SHA-256 | 9ea223d1751dc755d5ba16393c4065f1bda060687cfe5211724fcb29a994c2c5
YABSoft Advanced Image Hosting Script SQL Injection
Posted Jan 13, 2012
Authored by Robert Cooper

YABSoft Advanced Image Hosting Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3489b2d8762d7b2212e2012148ac474b5fa37010d94ac80b6cd32c026b0a8645
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close