1252 matches found
soapbox 0.3.1 <= Local Root Exploit
Exploit for linux platform in category local exploits ----------------------------------- soapbox 0.3.1 Description: "Soapbox allows to restrict processes to write only to those places you want. Read-access however is still based on file-permissions. By preloading the Soapbox library, you can run...
WANGKONGBAO CNS-1000 / CNS-1100 Directory Traversal
Exploit Title: WANGKONGBAO CNS-1000 and 1100 Network Security Platform UTM Directory Traversal Date: 7/2/2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.wangkongbao.com/products.html Version: CNS-1000 and 1100 The issue is in the /src/acloglogin.php langid and lang parameters...
Privilege escalation through Mozilla Updater and Windows Updater Service — Mozilla
Security researcher James Forshaw of Context Information Security found two issues with the Mozilla updater and the Mozilla updater service introduced in Firefox 12 for Windows. The first issue allows Mozilla's updater to load a local DLL file in a privileged context. The updater can be called by...
Toenda CMS 1.6.2 Osaka Stable Local File Inclusion
============TOENDA CMS 1.6.2 OSAKA "STABLE" MULTIPLE VULNERABILITIES============ Vulnerable Software: toendaCMS1.6.2OsakaStable Developed by: http://www.toendacms.org/index.php/en/open/download.html toenda.com http://www.toendacms.org/index.php/en/open/download.html Downloaded from:...
USN-1213-1: Thunderbird vulnerabilities
Benjamin Smedberg, Bob Clary, Jesse Ruderman, and Josh Aas discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2995, CVE-2011-2996 Boris Zbarsky...
HP Palm webOS security vulnerabilities
Crossite scripting, file system access...
Sqlmap v.0.9 - automatic SQL injection and database takeover tool !
Sqlmap v.0.9 - automatic SQL injection and database takeover tool ! sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for...
Apache Tomcat 6.0.x < 6.0.30 Multiple Vulnerabilities
Binary data 800609.prm...
n.runs-SA-2010.003 - Hewlett Packard LaserJet MFP devices - Directory Traversal in PJL interface
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory Traversal in PJL interface Risk: HIGH Vendor...
HP LaserJet - Directory Traversal in PJL Interface
HP LaserJet - Directory Traversal in PJL Interface n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory...
HP LaserJet - Directory Traversal in PJL Interface
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2010.003 16-Nov-2010 Vendor: Hewlett-Packard, http://www.hp.com Affected Products: Various HP LaserJet MFP devices See HP advisory 3 for the complete list Vulnerability: Directory Traversal in PJL interface Risk: HIGH Vendor...
CVE-2010-4107
The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers...
Update : Havij v1.13 automated SQL Injection tool - New version
Update : Havij v1.13 automated SQL Injection tool - New version "Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. It can take advantage of a vulnerable web application. By using this software user can perform...
Windows NTLM Weak Nonce Vulnerability
Exploit for windows platform in category remote exploits ===================================== Windows NTLM Weak Nonce Vulnerability ===================================== Title: Windows SMB NTLM Authentication Weak Nonce Vulnerability Advisory ID: OCHOA-2010-0209 Advisory URL:...
Iomega Home Media Network Hard Drive 2.038 < 2.061 - File-system Access
----------------------------- Advisory ----------------------------- Unauthenticated File-system Access in iomega Home Media Network Hard Drive ----------------------------- Affected products ----------------------------- iomega Home Media Network Hard Drive Firmware versions 2.038 - 2.061...
Iomega Home Media Network Hard Drive v.2.038-2.061 File-system Access
Exploit for hardware platform in category remote exploits =========================================================================================== Unauthenticated File-system Access in Iomega Home Media Network Hard Drive v. 2.038 - 2.061...
iOmega Home Media Network Drive Arbitrary Access
----------------------------- Advisory ----------------------------- Unauthenticated File-system Access in iomega Home Media Network Hard Drive ----------------------------- Affected products ----------------------------- iomega Home Media Network Hard Drive Firmware versions 2.038 - 2.061...
Allowing all file system access even when
Description This flaw caused all smbd processes to inherit CAPDACOVERRIDE capabilities, allowing all file system access to be allowed even when permissions should have denied access. Please note this security problem does not affect any platform that does not support capabilities and platforms...
WinACE RAR and TAR Directory Traversal (CVE-2006-0981)
WinACE Archiver is an application that can compress to and decompress from various archive formats. The compression mainly supports ACE, LZA, MS-CAB, ZIP archive formats, however the decompression support includes a wider range of compression formats including TAR, RAR, and others. There exists a...
RedHat Security Advisory RHSA-2009:1585
The remote host is missing updates announced in advisory RHSA-2009:1585. Samba is a suite of programs used by machines to share files, printers, and other information. These samba3x packages provide Samba 3.3, which is a Technology Preview for Red Hat Enterprise Linux 5. These packages cannot be...