2341 matches found

Zero Science Lab
added 2013/04/14 12:0 a.m. | 63 views

CMSLogik 1.2.1 Multiple Persistent XSS Vulnerabilities

Summary: CMSLogik is built on a solid & lightweight framework called CodeIgniter, and design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into. Description: CMSLogik...

CVSS 4.3 | AI score 6.1 | EPSS 0.04179
Exploits: 2
Zero Science Lab
added 2013/04/14 12:0 a.m. | 29 views

CMSLogik 1.2.1 (user param) User Enumeration Weakness

Summary: CMSLogik is built on a solid & lightweight framework called CodeIgniter, and design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into. Description: The...

AI score 5.8
Exploits: 0
Zero Science Lab
added 2013/04/14 12:0 a.m. | 39 views

CMSLogik 1.2.1 (upload_file_ajax()) Shell Upload Exploit

Summary: CMSLogik is built on a solid & lightweight framework called CodeIgniter, and design powered by Bootstrap. This combination allows for greater security, extensive flexibility, and ease of use. You can use CMSLogik for almost any niche that your project might fall into. Description: The...

AI score 6.1
Exploits: 0
RedHat Linux
added 2013/03/26 7:10 p.m. | 3 views

Candlepin: bootstrap RPM deploys CA certificate file with mode 666

modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions 666 for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file...

CVSS 2.1 | AI score 5.8 | EPSS 0.00229
Exploits: 0 | References: 4
OpenVAS
added 2013/03/15 12:0 a.m. | 14 views

Fedora Update for xulrunner FEDORA-2013-3696

Check for the Version of xulrunner OpenVAS Vulnerability Test Fedora Update for xulrunner FEDORA-2013-3696 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Exploits: 0 | References: 2
NVD
added 2013/03/01 5:40 a.m. | 25 views

CVE-2012-6116

modules/certs/manifests/config.pp in katello-configure before 1.3.3.pulpv2 in Katello uses weak permissions 666 for the Candlepin bootstrap RPM, which allows local users to modify the Candlepin CA certificate by writing to this file...

CVSS 2.1 | AI score 6.1 | EPSS 0.00229
Exploits: 0 | References: 5
RedHat Linux
added 2012/12/04 6:44 p.m. | 3 views

rhev: vds_installer is prone to MITM when downloading 2nd stage installer

The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows remote attackers to execute arbitrary Python code via...

CVSS 6.8 | AI score 6.2 | EPSS 0.00895
Exploits: 0 | References: 4
RedHat Linux
added 2012/12/04 6:40 p.m. | 3 views

rhev: vds_installer is prone to MITM when downloading 2nd stage installer

The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows remote attackers to execute arbitrary Python code via...

CVSS 6.8 | AI score 6.2 | EPSS 0.00895
Exploits: 0 | References: 4
OSV
added 2012/05/21 10:55 p.m. | 1 views

UBUNTU-CVE-2012-2922

The request_path function in includes/bootstrap.inc in Drupal 7.14 and earlier allows remote attackers to obtain sensitive information via the q parameter to index.php, which reveals the installation path in an error message...

CVSS 5 | AI score 6 | EPSS 0.03008
Exploits: 1 | References: 6
seebug.org
added 2012/04/12 12:0 a.m. | 32 views

Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require...

AI score 7.1
Exploits: 0
Tenable Nessus
added 2011/08/22 12:0 a.m. | 19 views

Juniper Junos PIM rpd Crafted Boot Message Remote DoS (PSN-2011-07-296)

According to its self-reported version number, the remote Juniper router is running a version of Junos with a denial of service vulnerability. Sending a specially crafted bootstrap message to the PIM router can cause the rpd routing daemon to crash. A remote, unauthenticated attacker could exploi...

AI score 5.6
Exploits: 0 | References: 1
OSV
added 2011/08/15 9:55 p.m. | 1 views

DEBIAN-CVE-2011-2749

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet...

CVSS 7.8 | AI score 6 | EPSS 0.38775
Exploits: 0 | References: 1
RedHat Linux
added 2011/08/15 5:36 p.m. | 4 views

dhcp: denial of service flaws

The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet...

CVSS 7.8 | AI score 5.9 | EPSS 0.38775
Exploits: 0 | References: 4
securityvulns
added 2009/07/16 12:0 a.m. | 93 views

LifeType 1.2.8 Remote File Inclusion Vulnerability

LifeType 1.2.8 Remote File Inclusion Vulnerability | Software : LifeType 1.2.8 | Vendor : http://lifetype.net/ | Author : Cru3l.b0y | Contact :...

AI score 1.3
Exploits: 0
Exploit DB
added 2008/07/02 12:0 a.m. | 33 views

CMS little 0.0.1 - 'template' Local File Inclusion

CMS little index.php template Local File Inclusion Vulnerability. CWH Underground...

AI score 7.4
Exploits: 0
seebug.org
added 2008/06/19 12:0 a.m. | 16 views

IBM OS/400 BrSmRcvAndCheck() Remote Overflow Vulnerability

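BUGTRAQ ID: 29660 IBM OS/400 is the operating system that runs on IBM network servers. When IBM OS/400 runs diagnostics on the modem port, the BrSmRcvAndCheck function called by BrSmIntWrap performs a memcpy operation without checking the length. If a remote attacker submits an overly long parameter, this can trigger a buffer overflow and cause the initial program load (IPL) bootstrap process to terminate. IBM OS/400 V6R1M0 IBM OS/400 V5R4M5 IBM OS/400 V5R4M0 IBM --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...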

AI score 6.9
Exploits: 0
seebug.org
added 2008/06/14 12:0 a.m. | 19 views

IBM OS/400 'BrSmRcvAndCheck()' Buffer Overflow Vulnerability

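BUGTRAQ ID: 29660 IBM OS/400 is an operating system for AS/400 machines. IBM OS/400 'BrSmRcvAndCheck' contains a buffer overflow that a local attacker can exploit to carry out a denial-of-service attack against the service. The problem is caused by a missing length check in a memcpy; an attacker can use this issue to stop the IPL bootstrap process. IBM OS/400 V6R1M0 IBM OS/400 V5R4M5 IBM OS/400 V5R4M0 Refer to the following security advisory for patch information:...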

AI score 6.9
Exploits: 0
0day.today
added 2008/03/10 12:0 a.m. | 11 views

Acronis PXE Server 2.0.0.1076 Directory Traversal / NULL Pointer Vulns

Exploit for unknown platform in category remote exploits. Acronis PXE Server 2.0.0.1076 Directory Traversal / NULL Pointer Vulns. Luigi Auriemma Application:...

AI score 7.1
Exploits: 0
RedHat Linux
added 2007/11/15 1:26 p.m. | 3 views

Wireshark corrupts the stack when inspecting BOOTP traffic

Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets...

CVSS 5 | AI score 5.9 | EPSS 0.01992
Exploits: 1 | References: 4
OSV
added 2007/06/26 12:30 a.m. | 1 views

DEBIAN-CVE-2007-3393

Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets...

CVSS 5 | AI score 6.8 | EPSS 0.01992
Exploits: 1 | References: 1