
35 matches found

ThreatPost
added 2013/08/19 8:00 a.m. | 6 views

New Jigsaw Hacking Tool Spotted in Attacks

If you’ve run an internal phishing exercise, chances are you may have used Jigsaw, an open source penetration testing tool that enables security teams to automatically generate email address combinations from a minimal amount of public information. As with other open source security and networkin...

AI score: 7
Exploits: 0 | References: 3
Ubuntu
added 2012/12/06 1:18 a.m. | 62 views

USN-1656-1: Libxml2 vulnerability

It was discovered that libxml2 had a heap-based buffer underflow when parsing entities. If a user or automated system were tricked into processing a specially crafted XML document, applications linked against libxml2 could be made to crash or possibly execute arbitrary code...

CVSS: 6.8 | AI score: 8.8 | EPSS: 0.04382
Exploits: 1
Tenable Nessus
added 2010/10/20 12:00 a.m. | 49 views

Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS / 10.10 : poppler vulnerabilities (USN-1005-1)

It was discovered that poppler contained multiple security issues when parsing malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the progra...

CVSS: 7.5 | AI score: 7 | EPSS: 0.03597
Exploits: 0 | References: 4
Tenable Nessus
added 2010/10/06 12:00 a.m. | 25 views

Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libgdiplus vulnerability (USN-993-1)

Stefan Cornelius discovered that libgdiplus incorrectly handled certain image files. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program...

CVSS: 6.8 | AI score: 6.1 | EPSS: 0.01914
Exploits: 0 | References: 2
Packet Storm
added 2010/06/08 12:00 a.m. | 35 views

iDevSpot Text Ads 2.08 SQL Injection

Title: idevspot Text ads 2.08 sqli vulnerability Author: Sid3^effects Published: 2010-06-06 price: $147 email: [email protected] vendor: idevspot url: http://www.idevspot.com/TextAds2.php google dork: Powered by TextAds 2.08 ...

AI score: 7.4
Exploits: 0
Tenable Nessus
added 2010/03/11 12:00 a.m. | 27 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 / 9.10 : dpkg vulnerability (USN-909-1)

William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of...

CVSS: 5.8 | AI score: 5.4 | EPSS: 0.02007
Exploits: 0 | References: 2
ThreatPost
added 2009/11/12 12:17 p.m. | 10 views

Gumblar: New Generation of Self-Building Botnets

We’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat. Analysis of some infected websites showed that the only way to inject the infection of Gumblar was ...

AI score: 0.7
Exploits: 0 | References: 3
OpenVAS
added 2009/04/06 12:00 a.m. | 20 views

Ubuntu: Security Advisory (USN-746-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.03721
Exploits: 0 | References: 3
OpenVAS
added 2008/10/24 12:00 a.m. | 21 views

Patchlink Detection

The remote host has patch management software installed on it. Description: This script uses Windows credentials to detect whether the remote host is running Patchlink and extracts the version number if so. Patchlink is a fully Internet-based, automated, cross-platform, security patch manageme...

AI score: 7
Exploits: 0 | References: 1
Tenable Nessus
added 2008/02/01 12:00 a.m. | 29 views

GLSA-200801-20 : libxml2: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200801-20 (libxml2: Denial of Service). Brad Fitzpatrick reported that the xmlCurrentChar function does not properly handle some UTF-8 multibyte encodings. Impact: A remote attacker could entice a user to open a specially crafted XM...

CVSS: 5 | AI score: 8.2 | EPSS: 0.02566
Exploits: 1 | References: 2
Tenable Nessus
added 2007/08/13 12:00 a.m. | 41 views

GLSA-200708-03 : libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-03 (libarchive (formerly named as bsdtar): Multiple PaX Extension Header Vulnerabilities). CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow (CVE-2007-3641), an infinite loop (CVE-2007-3644), and a NULL...

CVSS: 9.3 | AI score: 7.5 | EPSS: 0.07432
Exploits: 0 | References: 4
myhack58
added 2007/02/27 12:00 a.m. | 10 views

Move easy latest use method-vulnerability warning-the black bar safety net

Approximate method: 1. Register for a das. asp user name will be the system to automatically build a user name for the name of the directory 2. Pass pictures of horses Mainly use the 0 3 for. asp directory support, 0 3. asp directory of the characteristics caused. Official also the existence of...

AI score: 1.3
Exploits: 0
securityvulns
added 2005/10/19 12:00 a.m. | 50 views

[USN-210-1] netpbm vulnerability

Ubuntu Security Notice USN-210-1 October 18, 2005 netpbm-free vulnerability CAN-2005-2978 A security issue affects the following Ubuntu releases: Ubuntu 4.10 Warty Warthog Ubunt...

CVSS: 7.5 | AI score: 0.2 | EPSS: 0.04873
Exploits: 1
Tenable Nessus
added 2005/08/01 12:00 a.m. | 20 views

FreeBSD : gnupg -- OpenPGP symmetric encryption vulnerability (8375a73f-01bf-11da-bc08-0001020eed82)

Serge Mister and Robert Zuccherato report that the OpenPGP protocol is vulnerable to a cryptographic attack when using symmetric encryption in an automated way. David Shaw reports about the impact: This attack, while very significant from a cryptographic point of view, is not generally effectiv...

CVSS: 5 | AI score: 5.5 | EPSS: 0.02946
Exploits: 0 | References: 5
FreeBSD
added 2005/02/08 12:00 a.m. | 31 views

gnupg -- OpenPGP symmetric encryption vulnerability

Serge Mister and Robert Zuccherato report that the OpenPGP protocol is vulnerable to a cryptographic attack when using symmetric encryption in an automated way. David Shaw reports about the impact: This attack, while very significant from a cryptographic point of view, is not generally effective...

CVSS: 5 | AI score: 6.2 | EPSS: 0.02946
Exploits: 0 | References: 3