Lucene search
K

545 matches found

0day.today
0day.today
added 2014/05/17 12:0 a.m.27 views

Nagios Plugins <= 2.0.1 check_dhcp Arbitrary Option File Read

Exploit for linux platform in category local exploits I. VULNERABILITY ------------------------- checkdhcp - Nagios Plugins = 2.0.1 Arbitrary Option File Read II. BACKGROUND ------------------------- "Nagios is an open source computer system monitoring, network monitoring and infrastructure...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2013/06/10 12:0 a.m.39 views

Weathermap 0.97C Local File Inclusion

============================================= WEBERA ALERT ADVISORY 01 - Discovered by: Anthony Dubuissez - Severity: high - CVE Request - 03/06/2013 - CVE Assign - 03/06/2013 - CVE Number - CVE-2013-3739 - Vendor notification - 03/06/2013 - Vendor reply - No reply - Public disclosure - 10/06/201...

5CVSS6.6AI score0.03679EPSS
Exploits4
OpenVAS
OpenVAS
added 2013/05/06 12:0 a.m.23 views

D-Link DSL-320B Multiple Security Vulnerabilities (May 2013) - Active Check

D-Link DSL-320B devices are prone multiple security vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only nb: Running against all DS...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2013/04/13 10:31 p.m.19 views

[Panoptic] Automates the process of search and retrieval of content for common log and config files through LFI vulnerability

Panoptic is an open source penetration testing tool that automates the process of search and retrieval of content for common log and config files through LFI vulnerability. Official introductionary post can be found here. Also, you can find a sample run here. Help Menu Usage: panoptic.py --url...

7.2AI score
Exploits0References3
CERT
CERT
added 2013/01/11 12:0 a.m.30 views

TP-LINK TL-WR841N wireless router local file inclusion vulnerability

Overview The TP-LINK TL-WR841N wireless router contains a local file inclusion vulnerability which could allow an attacker to download critical configuration files off the device. Description CWE-829: Inclusion of Functionality from Untrusted Control SphereThe TP-LINK TL-WR841N wireless router...

4.3CVSS6.3AI score0.03544EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2012/08/20 12:0 a.m.23 views

Fedora 17 : redeclipse-1.2-12.fc17 (2012-11582)

A flaw was found in the way Red Eclipse handled config files. In cube2-engine games, game maps can be transmitted either from the server to a client, or from client to client. These maps include a config file mapname.cfg in 'cubescript' format, which allows for an attacker to send a malicious...

5.5AI score
Exploits0References2
OSV
OSV
added 2012/06/21 3:55 p.m.1 views

DEBIAN-CVE-2011-2709

libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPIMECHCONF environment variable, as demonstrated using mount.nfs...

6.2CVSS7.2AI score0.0044EPSS
Exploits0References1
Atlassian
Atlassian
added 2012/04/13 10:5 p.m.17 views

Confluence does not respect HTTPS in Server Base URL when 301 redirecting

We have Confluence setup behind an Apache reverse proxy and our Server Base URL is set to "https://confluence...". However, when Confluence sends out a 301, it always sends the Location: http://confluence..., which then gets redirected by Apache to https://confluence... Confluence should respect...

0.4AI score
Exploits0Affected Software1
Prion
Prion
added 2012/04/05 1:25 p.m.14 views

Hardcoded credentials

The session cookie store implementation in Spree 0.2.0 uses a hardcoded config.actioncontrollersession hash value aka secret key, which makes it easier for remote attackers to bypass cryptographic protection mechanisms by leveraging an application that contains this value within the...

5CVSS7AI score0.01244EPSS
Exploits0References2Affected Software1
Metasploit
Metasploit
added 2012/03/31 5:15 a.m.18 views

Linux Gather XChat Enumeration

This module will collect XChat's config files and chat logs from the victim's machine. There are three actions you may choose: CONFIGS, CHATS, and ALL. The CONFIGS option can be used to collect information such as channel settings, channel/server passwords, etc. The CHATS option will simply...

6.8AI score
Exploits0
FreeBSD
FreeBSD
added 2010/12/10 12:0 a.m.36 views

exim -- local privilege escalation

David Woodhouse reports: Secondly a privilege escalation where the trusted 'exim' user is able to tell Exim to use arbitrary config files, in which further $run ... commands will be invoked as root...

7.8CVSS9.4AI score0.17794EPSS
Exploits4References2
Packet Storm
Packet Storm
added 2010/09/08 12:0 a.m.19 views

Month Of Abysssec Undisclosed Bugs - DynPage 1.0

''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-7-dynpage-multiple-remote-vulnerabilities/ ''' - Title : DynPage Multiple Remote Vulnerabilities. - Affected Version : = v1.0 - Vendor Site :...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/05/31 12:0 a.m.15 views

QuickTalk 1.2 - Source Code Disclosure

QuickTalk 1.2 - Source Code Disclosure ======================================================================= QuickTalk v1.2 Source code disclosure Multiple Vulnerabilities =======================================================================...

7.6AI score
Exploits0
Atlassian
Atlassian
added 2010/04/22 1:7 a.m.17 views

Anonymise config files in support zip

Files included in the generated zip file could contain private information. This issue addresses that by removing all sensitive information before creating the zip. The severity of this issue is HIGH. Please see http://confluence.atlassian.com/x/ZILmD for other security related issues and...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 1:7 a.m.15 views

Anonymise config files in support zip

Files included in the generated zip file could contain private information. This issue addresses that by removing all sensitive information before creating the zip. The severity of this issue is HIGH. Please see http://confluence.atlassian.com/x/ZILmD for other security related issues and...

0.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2010/04/22 1:7 a.m.23 views

Anonymise config files in support zip

Files included in the generated zip file could contain private information. This issue addresses that by removing all sensitive information before creating the zip. The severity of this issue is HIGH. Please see http://confluence.atlassian.com/x/ZILmD for other security related issues and...

0.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2009/01/15 9:50 a.m.2 views

System: insecure config file permissions

Red Hat Certificate System 7.2 uses world-readable permissions for password.conf and unspecified other configuration files, which allows local users to discover passwords by reading these files...

2.1CVSS5.8AI score0.00243EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.26 views

Gentoo Security Advisory GLSA 200310-04 (Apache)

The remote host is missing updates announced in advisory GLSA 200310-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2008/01/14 12:0 a.m.45 views

Fedora 8 : postgresql-8.2.6-1.fc8 (2008-0478)

Mon Jan 7 2008 Tom Lane 8.2.6-1 - Update to PostgreSQL 8.2.6 to fix CVE-2007-4769, CVE-2007-4772, CVE-2007-6067, CVE-2007-6600, CVE-2007-6601 - Make initscript and pam config files be installed unconditionally; seems new buildroots don't necessarily have those directories in place Note that...

7.2CVSS7.4AI score0.03855EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2007/10/09 12:0 a.m.32 views

Fedora Core 6 : xen-3.0.3-12.fc6 (2007-713)

Fixes a security flaw in pygrub handling of config files and a denial-of-service case in ne2k NIC for QEMU. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as mu...

7.2CVSS8.2AI score0.00633EPSS
Exploits0References4
Rows per page
Query Builder