Debian Security Advisory DSA 2276-2 (asterisk)

The remote host is missing an update to asterisk announced via advisory DSA 2276-2. OpenVAS Vulnerability Test $Id: deb22762.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2276-2 asterisk Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Donar Player 2.8.0 Denial Of Service

Title : Donar Player 2.8.0 Denial of Service Software link : http://www.donarzone.com/downloads/donar-player-setup-free.exe , http://www.donarzone.com/donar-player Version : 2.8.0 Tested on : Windows XP SP3 English Date : 3/07/2011 Author : X-h4ck Website : http://www.pirate.al , PirateAL Crew...

Buffer overflow

Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXECCMD functionality...

Design/Logic Flaw

Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service application crash via a crafted web page...

CVE-2011-2611

CVE-2011-2611 affects Opera browser prior to 11.50, with an unspecified vulnerability in the printing functionality that could be triggered by a crafted web page to cause application crash (DoS). Multiple vendor advisories confirm the issue and note that Opera 11.50 fixes address it. Remediation ...

XSS и AoF уязвимости в Drupal

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Abuse of Functionality уязвимостях в Drupal. XSS WASC-08: При добавлении или изменении данных в любых внутренних формах добавление/изменение поста и т.д. можно провести persistent XSS атаку. XSS код выполнится при посещении...

CVE-2011-2041

The Start Before Logon SBL functionality in Cisco AnyConnect Secure Mobility Client formerly AnyConnect VPN Client before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...

Code injection

The Start Before Logon SBL functionality in Cisco AnyConnect Secure Mobility Client formerly AnyConnect VPN Client before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...

Nmap NSE net: snmp-sysdescr

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2011-1922

daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted DNS request that triggers improper error handling...

FreeBSD : mod_pubcookie -- Empty Authentication Security Advisory (1ca8228f-858d-11e0-a76c-000743057ca2)

Nathan Dors, Pubcookie Project reports : An Abuse of Functionality vulnerability in the Pubcookie authentication process was found. This vulnerability allows an attacker to appear as if he or she were authenticated using an empty userid when such a userid isn't expected. Unauthorized access to we...

What is Zeus - Technical paper Zeus by SophosLabs !

What is Zeus - Technical paper Zeus by SophosLabs ! Zeus or Zbot is one of the most notorious and widely-spread information stealing Trojans in existence. Zeus is primarily targeted at financial data theft; its effectiveness has lead to the loss of millions worldwide. The spectrum of those...

Easy Contact 0.1.2 WordPress Plugin Cross Site Scripting

Hello list! I want to warn you about Insufficient Anti-automation, Abuse of Functionality and Cross-Site Scripting vulnerabilities in plugin Easy Contact for WordPress. ------------------------- Affected products: ------------------------- Vulnerable are Easy Contact 0.1.2 and previous versions...

Уязвимости в Easy Contact для WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation, Abuse of Functionality и Cross-Site Scripting уязвимостях в плагине Easy Contact для WordPress. Insufficient Anti-automation WASC-21: Отсутствие капчи на странице контактов позволяет слать автоматизированные сообщения...

Cetera eCommerce 15.0 SQL Injection / Disclosure

Hello list! I want to warn you about SQL Injection, Full path disclosure, Abuse of Functionality and Insufficient Anti-automation vulnerabilities in Cetera eCommerce. It's engine for online shops. ------------------------- Affected products: ------------------------- Vulnerable are Cetera eCommer...

CVE-2011-1850

Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center IMC 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action...

CVE-2011-1850

Stack-based buffer overflow in the logging functionality in dbman.exe in HP Intelligent Management Center IMC 5.0 before E0101L02 allows remote attackers to execute arbitrary code via vectors related to a received action...

SMS Trojan Found in Several Android Apps

Google has removed a group of mobile phone applications from its Android Market after it was discovered that the applications contained code that could be used to send SMS Short Message Service spam. Google’s action came after a security firm in Taiwan published a security alert about the apps on...

Уязвимости в Silverstripe CMS

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Brute Force, Insufficient Anti-automation и Abuse of Functionality уязвимостях в Silverstripe CMS. Brute Force WASC-11: http://site/Security/login Insufficient Anti-automation WASC-21: http://site/contact-us/ http://site/Security/lostpassword В...

Уязвимости в теме Magazeen для WordPress и Dotclear

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Full path disclosure, Abuse of Functionality и Denial of Service уязвимостях в теме Magazeen для WordPress и Dotclear. Подобно уязвимостям во многих темах для WordPress, Drupal, ExpressionEngine и Joomla, также уязвимой...