RuggedCom Devices Backdoor Access

Exploit for hardware platform in category remote exploits Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial...

RuggedCom Device Undocumented Backdoor

Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardened" networking equipment. You'll find...

RuggedCom Devices - Backdoor Access

Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardened" networking equipment. You'll find...

Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities

OVERVIEW Beatz 1.x versions are vulnerable to Cross Site Scripting. 2. BACKGROUND Beatz is a set of powerful Social Networking Script Joomla! 1.5 plugins that allows you to start your own favourite artist band website. Although it is just a Joomla! plugin, it comes with full Joolma! bundle for...

VMware ESXi/ESX patches resolve multiple security issues (VMSA-2010-0007)

The remote ESXi is missing one or more security related Updates from VMSA-2010-0007. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

How The Free Market Fails Privacy-Conscious Consumers

Editor’s Note: This is the first of a two-part podcast with security researcher Chris Soghoian. It’s a truism that the pace of technological change outstrips society’s ability to grasp the impact of that change. For the most part, the consequences of this are benign and the remedies...

PG Social Networking CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: PG Social Networking CSRF Author: Jonturk75 Vendor or Software Link: http://www.socialbiz.pro/social/ Category:: webapps Demo : http://demo.socialbiz.pro/social/admin/ Greetz: Inj3ct0r Exploit DataBase 1337day.com 0day.today...

Flock 2.6.1 Denial Of Service

Exploit Title: Flock 2.6.1 DoS Date: 29/03/2012 Author: r45c4l Email: [email protected] Product url: http://flock.en.softonic.com/ Version: 2.6.1 CVE : :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Produ...

SA-CONTRIB-2012-049 - ShareThis - Multiple Vulnerablies

The XSS issue is CVE: CVE-2012-2076 The CSRF issue is CVE: CVE-2012-2077 The ShareThis module allows you to display social networking tools to users. The administration forms of the module do not properly use the Form API allowing a malicious user to inject unexpected settings, allowing for...

Fedora Update for iproute FEDORA-2012-3008

Check for the Version of iproute OpenVAS Vulnerability Test Fedora Update for iproute FEDORA-2012-3008 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 16 Update: iproute-2.6.39-5.fc16

The iproute package contains networking utilities ip and rtmon, for exampl e which are designed to use the advanced networking capabilities of the Linux 2.4.x and 2.6.x kernel...

[SECURITY] Fedora 15 Update: iproute-2.6.38.1-6.fc15

The iproute package contains networking utilities ip and rtmon, for exampl e which are designed to use the advanced networking capabilities of the Linux 2.4.x and 2.6.x kernel...

IBM Report: Mobile Attacks, Phishing Attacks Mount in 2011

Spam volume is down, there are fewer unpatched software holes and oftware application developers did a better job of writing secure code over the last year. But IBM’s X-Force Trend and Risk Report still found plenty to worry about in 2011, according to a copy of the report released this week...

[SECURITY] Fedora 17 Update: iproute-3.2.0-3.fc17

The iproute package contains networking utilities ip and rtmon, for exampl e which are designed to use the advanced networking capabilities of the Linux 2.4.x and 2.6.x kernel...

OpenJDK: InputStream skip() information leak (Networking/IO, 7000600)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...

OpenJDK: excessive default UDP socket limit under SecurityManager (Networking, 7032417)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.233 and earlier allows remote attackers to affect integrity via unknown vectors related to Networking...

Prediction: Handful of Malicious Networks Will Spawn Most Attacks In 2012

A shadowy web of malicious networks, or “malnets” will be the source of two thirds of online attacks in 2012, according to a report from the security firm Blue Coat. Despite the continued industry focus on specific families and samples of malicious software, Blue Coat researchers say that...

kernel: security and bugfix update. (important)

The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-269...

Researchers Dump Trove of 0Days For Popular Android Applications

Researchers in China published a trove of information on previously unknown zero day vulnerabilities in popular applications for Google’s Android mobile operating system on Wednesday, including mobile browsers and at least one mobile wallet application. The vulnerabilities were found in a wide...

Wi-Fi network scanner: inSSIDer

inSSIDer is the best free Wi-Fi network scanner for Windows 7, Vista and XP The free inSSIDer software utility for Windows, iOS, and Android is one of the most useful and easy-to-interpret wireless networking tools I’ve encountered. InSSIDer displays information about the wireless networks in...