dict-info NSE Script

Connects to a dictionary server using the DICT protocol, runs the SHOW SERVER command, and displays the result. The DICT protocol is defined in RFC 2229 and is a protocol which allows a client to query a dictionary server for definitions from a set of natural language dictionary databases. The SH...

Parallels PLESK 9.x - Insecure Permissions

Exploit Title: PLESK 9.x insecure directory permission admin password revealed Date: 25/04/2012 Author: Nicolas Krassas , twitter.com/dinosn Software Link: www.parallels.com/plesk/ Version: 9.x Tested on: ubuntu / centos During backup procedures, PLESK panel is keeping a detailed log of the proce...

Parallels PLESK 9.x Insecure Permissions

Exploit Title: PLESK 9.x insecure directory permission admin password revealed Date: 25/04/2012 Author: Nicolas Krassas , twitter.com/dinosn Software Link: www.parallels.com/plesk/ Version: 9.x Tested on: ubuntu / centos During backup procedures, PLESK panel is keeping a detailed log of the proce...

[SECURITY] Fedora 17 Update: python-sqlalchemy0.5-0.5.8-9.fc17

SQLAlchemy is an Object Relational Mappper ORM that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled, allowing both sides maximum flexibility and power. SQLAlchemy provides a powerful mapping layer that can work as automatically or as manu all...

Fedora Update for python-sqlalchemy0.5 FEDORA-2012-3412

Check for the Version of python-sqlalchemy0.5 OpenVAS Vulnerability Test Fedora Update for python-sqlalchemy0.5 FEDORA-2012-3412 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

[SECURITY] Fedora 16 Update: python-sqlalchemy0.5-0.5.8-9.fc16

SQLAlchemy is an Object Relational Mappper ORM that provides a flexible, high-level interface to SQL databases. Database and domain concepts are decoupled, allowing both sides maximum flexibility and power. SQLAlchemy provides a powerful mapping layer that can work as automatically or as manu all...

broadcast-versant-locate NSE Script

Discovers Versant object databases using the broadcast srvloc protocol. Example Usage nmap --script broadcast-versant-locate Script Output Pre-scan script results: | broadcast-versant-locate: | vod://192.168.200.222:5019 Requires srvloc table local srvloc = require "srvloc" local table = require...

RHEL 6 : python-sqlalchemy (RHSA-2012:0369)

An updated python-sqlalchemy package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

WordPress <= 3.3.1 Multiple Vulnerabilities

Exploit for php platform in category web applications Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version affected: 3.3.1 and prior Product description:...

How to Manually Back Up Veeam Configuration Databases

Purpose This article documents methods to back up Microsoft SQL and PostgreSQL databases. This article also documents how to locate the configuration database for Veeam Backup & Replication / Veeam Cloud Connect Enterprise Manager Veeam Service Provider Console. For information about Veeam ONE,...

[USN-1289-1] colord vulnerability

========================================================================== Ubuntu Security Notice USN-1289-1 December 07, 2011 colord vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

Ubuntu 11.10 : colord vulnerability (USN-1289-1)

It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered. Note that Tenable Network...

USN-1289-1: colord vulnerability

It was discovered that colord incorrectly handled certain SQL queries. A local attacker could exploit this to modify arbitrary sqlite databases. On Ubuntu, colord runs as its own user by default, so standard file permissions would limit which databases could be altered...

International Foreign Government E-Mails Hacked by TeaMp0isoN

International Foreign Government E-Mails Hacked by TeaMp0isoN TeaMp0isoN group of hackers claim to hack more than 150 Email Id's of International Foreign Governments. They Release the Email List with Password on Pastebin note. Hex000101 Hacker, A member of TeaMp0isoN team got these Login...

Occupy Wall Street : Anonymous Hackers Publish Law Enforcement Data

Occupy Wall Street : Anonymous Hackers Publish Law Enforcement Data Anonymous, the Internet "hactivist" group, today, apparently in support of the Occupy Wall Street protest movement, hacked into several different police databases and leaked sensitive personal data, among them passwords, names,...

Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server Advisory ID: cisco-sa-20110824-cucm-cups Revision 1.0 For Public Release 2011 August 24 1600 UTC GMT...

British police issue warning to Anonymous, Lulzsec and other internet hacktivists

British police issue warning to Anonymous, Lulzsec and other internet hacktivists The Metropolitan Police have taken the unusual step of using Twitter to send a message to anyone considering supporting internet attacks against companies and governments.A message posted on the Met Police's officia...

77 Law Enforcement websites hit in mass attack by #Antisec Anonymous

77 Law Enforcement websites hit in mass attack by Antisec Anonymous Because of FBI's actions against Anonymous and Lulzsec including several arrests, Now AntiSec supporters have targeted 77 law enforcement domains and walked away with everything on them. 77 domains were hosted on the same server...

Blizzard's Mobile Server Database Exposed by Warv0x (AKA Kaihoe)

Blizzard's Mobile Server Database Exposed by Warv0x AKA Kaihoe Warv0x AKA Kaihoe Hacker today expose the Database structure of one of the biggest Company "Blizzard Mobile". The exposed data can be seen on a pastebin link. DATABASES EXPOSED LIST : admin egw glpi informationschema lost+found...

Nmap NSE net: couchdb-databases

Gets database tables from a CouchDB database. For more info about the CouchDB HTTP API, see http://wiki.apache.org/couchdb/HTTPdatabaseAPI. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll be pipelined ie, sent in a single request. This can be set low to make...