what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 47 of 47 RSS Feed

Files Date: 2011-11-30 to 2011-11-30

Secunia Security Advisory 47014
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in OrangeHRM, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | eb219852c3aefcdc5db063c355fbff898ceda0e80deb44275b83bd4b359a5b34
Secunia Security Advisory 46981
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ExpressionEngine, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 056ede08de3dc44886959e15aeceabba7608b018483061de3952f26855693840
Secunia Security Advisory 46999
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Netcool/Reporter, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 31759ac076e7a3be02e0d8c383713947484c5cd21714307f93a72b1f93a2d608
Secunia Security Advisory 47001
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Hastymail2, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 3598771b86a5881e30b50640c13c044e6ae7f0cff36a61f1de4fe01c0b5de4c6
Secunia Security Advisory 47002
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Manx, which can be exploited by malicious people to conduct HTTP response splitting and cross-site scripting attacks and compromise a vulnerable system.

tags | advisory, web, vulnerability, xss
SHA-256 | 3773ddd68a60a69e018cd4f8b0d76bdea3eeef9749a015d0c89f4f41650526a9
Secunia Security Advisory 46941
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in HP Network Node Manager i, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 97b559a67b9599709c41548f98ae43ac3f1b9cb9c76ac015050604c9eccfd864
Final Draft 8 Stack Buffer Overflow
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

Final Draft version 8 suffers from a file format stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory, a proof of concept and a Metasploit module.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | ac3e47d5874fd1d4daad7534970506cf6afc9f213d1d90f20086b45e813dcbbd
Hacking Hollywood Presentation Slides
Posted Nov 30, 2011
Authored by Nick Freeman | Site security-assessment.com

These are the slides from the Hacking Hollywood presentation given at Ruxcon 2011. It documents vulnerabilities that the researcher discovered in various pieces of software in use by large Hollywood studios. Be sure to check out the related files for this presentation as there are multiple proof of concept exploits and advisories.

tags | paper, vulnerability, proof of concept
SHA-256 | 011cfd9dd1552c8137cc5620c4e38a3b1986aa931e278523ef781e70dd75adf5
Ubuntu Security Notice USN-1285-1
Posted Nov 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1285-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2011-2183, CVE-2011-2491, CVE-2011-2494, CVE-2011-2495, CVE-2011-2517, CVE-2011-2905, CVE-2011-2909
SHA-256 | 6758df4905be75681d391dbdf0a22a6c0d585b02d7ae0b95ce6c9f405177ab7d
Certificate Authority Transparency And Auditability
Posted Nov 30, 2011
Authored by Ben Laurie, Adam Langley

Whitepaper called Certificate Authority Transparency and Auditability. The goal of this paper is to make it impossible (or at least very difficult) for a Certificate Authority (CA) to issue a certificate for a domain without the knowledge of the owner of that domain. A secondary goal is to protect users as much as possible from mis-issued certificates.

tags | paper
SHA-256 | baa285ffbc1c0f086a22438517cd8c203c13124a4eb655414ea8a04b440b3651
Red Hat Security Advisory 2011-1496-01
Posted Nov 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1496-01 - A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. Users of bind are advised to upgrade to these updated packages, which resolve this issue. After installing the update, the BIND daemon will be restarted automatically.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-4313
SHA-256 | 01c14c945ffcae4533481835e75743d048c84069db1e3acf5a44f0949b46b159
Schok Creative SQL Injection
Posted Nov 30, 2011
Authored by nGa Sa Lu

Sites created by Schok Creative suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7dc0055c5274ec7437bf95c76e36a43b0359c3cbaf719121cde6e20ed1e6a1f9
Red Hat Security Advisory 2011-1479-01
Posted Nov 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-1898, CVE-2011-2203, CVE-2011-2494, CVE-2011-3363, CVE-2011-4110
SHA-256 | ed68520a6ee2920e3e52edf771936c03f68718a31b6a9055d5cb9d1c38a033e1
3S CoDeSys 3.4 SP4 Patch 2 Overflows / NULL Pointers
Posted Nov 30, 2011
Authored by Luigi Auriemma | Site aluigi.org

3S CoDeSys versions 3.4 SP4 Patch 2 and below suffer from integer overflow, stack overflow, folder creation and multiple NULL pointer vulnerabilities.

tags | exploit, overflow, vulnerability
systems | linux
SHA-256 | 9f18a5df23671b7b00bdf05e10758b4e56ae625a309b1451df702bc5cf7e4932
ELSEVIER Call For Papers
Posted Nov 30, 2011
Site ees.elsevier.com

This is a Call For Papers for a special issue of Elsevier called "Botnet Activity: Analysis, Detection and Shutdown".

tags | paper
SHA-256 | 9e5e819ce3f960b6d5ddfe8af658c90c1cd78e77afda587dd786dc5ecf3d9012
Video Girls BiZ Video Chat Script Cross Site Scripting / SQL Injection
Posted Nov 30, 2011
Authored by Eyup CELIK

Video Girls BiZ Video Chat script suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | f08affdc5afc926fe3dc84284f7bab1c69b9a826f7b4c5b18d73b619062ce184
Go Null Yourself E-Zine Issue 06
Posted Nov 30, 2011
Authored by gny | Site gonullyourself.org

Go Null Yourself E-zine Issue 6 - Topics in this issue include Floating Point Numbers Suck, How Skynet Works, Defeating NX/DEP With return-to-libc and ROP, and more.

tags | magazine
SHA-256 | 9738a7cab2a945caf04b2be29f7f4be491056cae4ee3b27e48909f9a0e3eb88c
ExpressionEngine 2.2.2 / CodeIgniter 2.0.3 Cross Site Scripting
Posted Nov 30, 2011
Authored by Dr. Marian Ventuneac

ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2011-4025
SHA-256 | fdab17029ae48b80689e4ddd515edc23100d07a8f55741743dc18b289e5b7a22
Ajax Script Cross Site Scripting / SQL Injection
Posted Nov 30, 2011
Authored by Eyup CELIK

Ajax Script suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 4b9b807cf31978b23900da02089db7c0593e9b3d9d8818e73b8619fa6d5324e1
Toshiba.com / Compaq.com Cross Site Scripting
Posted Nov 30, 2011
Authored by Sony

Toshiba.com and Compaq.com suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d20994a6ef3ff7ce5d7076c9ff08e0cb8eff2bb0a686c23fd54a38d799d17bc5
ModenaCam SQL Injection / Cross Site Scripting
Posted Nov 30, 2011
Authored by Eyup CELIK

ModenaCam, the Adult Turnkey Flash Live Chat Software script, suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
systems | linux
SHA-256 | effbed27188e2b0a4ceac3cf54c68aac13e6f3a4b929f812bc21ab058843771d
Oxide M0N0X1D3 Directory Traversal
Posted Nov 30, 2011
Authored by demonalex

Oxide M0N0X1D3 HTTP server suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
SHA-256 | 7694156615ff57d99bddebea6200de1b9b25ddfeddd5b34a34bdac2063c47cf7
Page 2 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close