ZyWALL USG Appliance - Multiple Vulnerabilities

Advisory: Authentication Bypass in Configuration Import and Export of ZyXEL ZyWALL USG Appliances Unauthenticated users with access to the management web interface of certain ZyXEL ZyWALL USG appliances can download and upload configuration files, that are applied automatically. Details =======...

Ubuntu: Security Advisory (USN-1109-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Red Hat Network RHN Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service failed yum operations via vectors related to configuration and package group comps.xml files for channels...

KastBook 0.4 Exploit

Exploit for php platform in category web applications / / / / / / / /// / // //// / // /// / / / / / // / // / / // / / / / / / / / / / / / / /// / // / / /// / /...

DSA-2198-1 tex-common - insufficient input sanitizing

Bulletin has no description...

Check Point Endpoint Security Server Information Disclosure

Check Point Endpoint Security Server or Integrity Server appears to be running on the remote system. The installed version exposes certain private directories, which contain sensitive information such as SSL private keys, configuration files, and certain application binaries. An unauthenticated,...

R7-0038: Check Point Endpoint Security Server Information Disclosure

R7-0038: Check Point Endpoint Security Server Information Disclosure February 7, 2011 -- Vulnerability Details: The Check Point Endpoint Security Server and Integrity Server products inadvertently expose a number of private directories through the web interface. These directories include the SSL...

Ubuntu Update for exim4 vulnerabilities USN-1060-1

Ubuntu Update for Linux kernel vulnerabilities USN-1060-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10601.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for exim4 vulnerabilities USN-1060-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...

Check Point Endpoint Security Server Information Disclosure

R7-0038: Check Point Endpoint Security Server Information Disclosure February 7, 2011 -- Vulnerability Details: The Check Point Endpoint Security Server and Integrity Server products inadvertently expose a number of private directories through the web interface. These directories include the SSL...

SuSE 11.1 Security Update : supportutils (SAT Patch Number 3468)

The supportconfig script did not disguise passwords in the config files it collected. CVE-2010-3912 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, In...

CVE-2010-3912

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors...

Design/Logic Flaw

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors...

CVE-2010-3912

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors...

Analysis of PHP programs in the directory traversal vulnerability-vulnerability warning-the black bar safety net

| The depths of winter and the eve of Directory traversalvulnerabilityboth at home and abroad have many different names,for example, can also be called information leakagevulnerability,non-authorized files contains avulnerability. The name though,but they have a common Genesis,is in the program n...

Ubuntu Update for imagemagick vulnerability USN-1028-1

Ubuntu Update for Linux kernel vulnerabilities USN-1028-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10281.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for imagemagick vulnerability USN-1028-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Metasploit 3.5.1 adds Cisco device exploitation !

Metasploit now enables security professionals to exploit Cisco devices, performs passive reconnaissance through traffic analysis, provides more exploits and evaluates an organization's password security by brute forcing an ever increasing range of services. This latest release adds stealth...

Exim alternate configuration privilege escalation vulnerability

Overview A vulnerability in the way that the Exim mail server handles configuration files may allow a local attacker to gain escalated privileges on an affected system. Description Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to t...

[SECURITY] Fedora 12 Update: openldap-2.4.19-6.fc12

OpenLDAP is an open source suite of LDAP Lightweight Directory Access Protocol applications and development tools. LDAP is a set of protocols for accessing directory services usually phone book style information, but other information is possible over the Internet, similar to the way DNS Domain...

Maian Gallery v2 Local File Download Vulnerability

Exploit for php platform in category web applications ================================================== Maian Gallery v2 Local File Download Vulnerability ================================================== !/usr/bin/python This vulnerability uses filegetcontents so we have some limitations, we...

Maian Gallery 2 - Local File Download

!/usr/bin/python This vulnerability uses filegetcontents so we have some limitations, we cant execute PHP and we cant read files that the web server will interpret such as PHP, conf etc tested on: Ubuntu Linux 2.6.32 with php v5.3.2 registerglobals = Off PRIVATE 0DAY - code by mrme Vulnerability...