PYSEC-2012-38

Directory traversal vulnerability in virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2 and Essex 2012.1, when used over libvirt-based hypervisors, allows remote authenticated users to write arbitrary files to the disk image via a .. dot dot in the path attribute of a file element...

PT-2012-1502 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0 Description: The issue allows local users with root privileges to modify arbitrary kernel memory locations by writing to the /sys/kernel/debug/acpi/custom method file. This is due to an incomplete fix for a...

Fedora 16 : hostapd-0.7.3-9.fc16 (2012-9206)

Remove hostapd-specific runtime state directory Fixup typo in pid file path in hostapd.service Fixup typo in configuration file path in hostapd.service Tighten-up default permissions for hostapd.conf CVE-2012-2389 Add BuildRequires for systemd-units Fixup typo in configuration file path in...

WordPress Wp-Gpx-Map 1.1.21 Shell Upload

Exploit Title: Wordpress wp-gpx-map version 1.1.21 Arbitrary File Upload Google Dork: inurl:wp-content/plugins/wp-gpx-maps/ Date: 11/05/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://www.darwinner.it/ Software Link: http://downloads.wordpress.org/plugin/wp-gpx-maps.1.1.21.zip Version...

S40 0.4.2 CMS Directory Traversal Vulnerability

This module exploits a directory traversal vulnerability found in S40 CMS. The flaw is due to the 'page' function not properly handling the $pid parameter, which allows a malicious user to load an arbitrary file path. This module requires Metasploit: https://metasploit.com/download Current source...

Debian DSA-2451-1 : puppet - several vulnerabilities

Several vulnerabilities have been discovered in Puppet, a centralized configuration management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-1906 Puppet is using predictable temporary file names when downloading Mac OS X package files. Thi...

Simple Posting System 1.0 Final Local File Inclusion

Exploit Title: Simple Posting System Multiple Google Dork: inurl:sps.php?old= or inurl:sps.php " Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://realize.be/files/sps.tar.gz Version: 1.0 Final Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...

util-linux: umount may fail to remove /etc/mtab~ lock file

mount in util-linux 2.19 and earlier does not remove the /etc/mtab lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors...

RadhikaGB Local File Inclusion

Exploit Title: RadhikaGB final version Local File Inclusion Date: 16/02/2012 Author: T0x!c Software Link: http://softacme.com/radhikagb/download/ Version: RadhikaGB final version Tested on: Windows XP ::::::::::::::::::::::::: =================Exploit================= -= vuln c0de =-...

RHEL 4 : php (RHSA-2012:0071)

The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0071 advisory. - php: buffer over-read in Exif extension CVE-2011-0708 - php: Crash by converting serial day numbers SDN into Julian calendar CVE-2011-1466...

php: file path injection vulnerability in RFC1867 file upload filename

The rfc1867posthandler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request...

http-put NSE Script

Uploads a local file to a remote web server using the HTTP PUT method. You must specify the filename and URL path with NSE arguments. Script Arguments http-put.file - The full path to the local file that should be uploaded to the server http-put.url - The remote directory and filename to store...

CVE-2011-3821

xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajaxcore/pluginlayer/xajaxScriptPlugin.inc.php and certain other files...

Fedora 16 : maniadrive-1.2-32.fc16 / php-5.3.8-1.fc16 / php-eaccelerator-0.9.6.1-9.fc16 (2011-11464)

Security Enhancements and Fixes : - Updated cryptblowfish to 1.2. CVE-2011-2483 - Fixed crash in errorlog. Reported by Mateusz Kocielski - Fixed buffer overflow on overlog salt in crypt. - Fixed bug 54939 File path injection vulnerability in RFC1867 File upload filename. Reported by Krzysztof...

[slackware-security] php (SSA:2011-237-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security php SSA:2011-237-01 New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...

php -- multiple vulnerabilities

PHP development team reports: Security Enhancements and Fixes in PHP 5.3.7: Updated cryptblowfish to 1.2. CVE-2011-2483 Fixed crash in errorlog. Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt. Fixed bug 54939 File path injection vulnerability in RFC1867 File upload...

CentOS Update for perl CESA-2010:0458 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Google Chrome < 13.0.782.107 Multiple Vulnerabilities

Binary data 5998.pasl...

MyNews 1.6.5 Shell Upload

============================================================================================ o MyNews Abritary File Upload Vulnerability Software : MyNews 1.6.5 Vendor : http://www.planetluc.com/ Author : NoGe Contact : nogedotcodeatgmaildotcom Home : http://evilc0de.blogspot.com/...

Tech-ex CMS website system 0day releases-vulnerability warning-the black bar safety net

Keywords: Powered By KesionCMS V5. 5 inurl:User/UserReg. asp Step one: access to/user/userreg. asp registered user Step two: access/KSeditor/selectupfiles. asp, check the auto-naming options, upload named as X. asp;X. jpg files Step three: access the Upload file path xm. asp;xm.jpg...