7971 matches found
[SECURITY] Fedora 15 Update: rpm-4.9.1.3-1.fc15
The RPM Package Manager RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a...
Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
The problem reported for Mathematica became worse at version 8.0.4, present for the command-line interface "math" also. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...
Fedora Update for python-paste-script FEDORA-2012-2413
Check for the Version of python-paste-script OpenVAS Vulnerability Test Fedora Update for python-paste-script FEDORA-2012-2413 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/o...
[SECURITY] Fedora 16 Update: sectool-0.9.5-7.fc16
sectool is a security tool that can be used both as a security audit and intrusion detection system. It consists of set of tests, library and command line interface tool. Tests are sorted into groups and security levels. Admins can run certain tests, groups or whole security levels. The library a...
[SECURITY] Fedora 16 Update: python-paste-script-1.7.5-4.fc16
Paster is pluggable command-line frontend, including commands to setup pack age file layouts Built-in features: Creating file layouts for packages. For instance a setuptools-ready file layout. Serving up web applications, with configuration based on paste.deploy...
[SECURITY] Fedora 15 Update: python-paste-script-1.7.5-4.fc15
Paster is pluggable command-line frontend, including commands to setup pack age file layouts Built-in features: Creating file layouts for packages. For instance a setuptools-ready file layout. Serving up web applications, with configuration based on paste.deploy...
Java Runtime Environment (JRE) Detection (Mac OS X SSH Login)
Detects the installed version of Java. The script logs in via ssh, and gets the version via command line option SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Fedora Update for wireshark FEDORA-2011-12399
Check for the Version of wireshark OpenVAS Vulnerability Test Fedora Update for wireshark FEDORA-2011-12399 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...
Several Vulnerabilities in TYPO3 Core
It has been discovered that TYPO3 Core is vulnerable to Cross-Site Scripting, Information Disclosure, Insecure Unserialize Component Type: TYPO3 Core Affected Versions: 4.4.0 up to 4.4.13, 4.5.0 up to 4.5.13, 4.6.0 up to 4.6.6 and development releases of the 4.7 and 6.0 branch. Vulnerability Type...
Google Talk gtalk:// Deprecated Uri Handler Parameter Injection
Exploit for windows platform in category remote exploits Google Talk gtalk:// Deprecated Uri Handler /gaiaserver Parameter Injection Vulnerability tested against: Internet Explorer 8 Microsoft Windows all versions download url of 1.0.0.104: http://www.google.com/talk/install.html download urls of...
Google Talk gtalk:// Deprecated Uri Handler Parameter Injection Vulnerability
No description provided by source. Google Talk gtalk:// Deprecated Uri Handler /gaiaserver Parameter Injection Vulnerability tested against: Internet Explorer 8 Microsoft Windows all versions download url of 1.0.0.104: http://www.google.com/talk/install.html download urls of 1.0.0.105:...
Google Talk - 'gtalk://' Deprecated URI Handler Injection
Google Talk gtalk:// Deprecated Uri Handler /gaiaserver Parameter Injection Vulnerability tested against: Internet Explorer 8 Microsoft Windows all versions download url of 1.0.0.104: http://www.google.com/talk/install.html download urls of 1.0.0.105: http://www.google.com/talk/intl/it/...
HBGary's Greg Hoglund: The Art Of RAT Hunting In the Enterprise
Threatpost spent much of the last year chasing after Greg Hoglund, the founder and CEO of HB Gary. First, it was to get his reaction to the bruising encounter his firm had with the hacking group Anonymous. Then it was an endless series of requests on the aftermath of that hack, including the...
How to Run Scripts With Veeam One Client
Purpose This article provides additional information about running scripts with Veeam ONE Client. Solution Script Configuration Scripts can be configured for the following action types: As an alarm notification action -- select this option if you want to run a custom script when the alarm is...
ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-037 February 22, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - -...
[SECURITY] Fedora 15 Update: postgresql-9.0.7-1.fc15
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, sub-selects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL...
foomatic-filters: User-assisted execution of arbitrary code
Background The foomatic-filters package contains wrapper scripts which are designed to be used with Foomatic. Description The foomatic-rip filter improperly handles command-line arguments, including those issued by FoomaticRIPCommandLine fields in PPD files. Impact A remote attacker could entice ...
The Mole v0.3 Released : Automatic SQL Injection Exploitation Tool
The Mole v0.3 Released : Automatic SQL Injection Exploitation Tool Nasel has just released the new version of The Mole, an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the...
Sun Java Web Start Plugin Command Line Argument Injection (2012)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Sun Java Web...
Sun Java Web Start Plugin Command Line Argument Injection (2012)
Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...