
2293 matches found

UbuntuCve
added 2011/11/04 9:55 p.m. | 29 views

CVE-2011-3171

Directory traversal vulnerability in pure-FTPd 1.0.22 and possibly other versions, when running on SUSE Linux Enterprise Server and possibly other operating systems, when the Netware OES remote server feature is enabled, allows local users to overwrite arbitrary files via unknown vectors...

CVSS 3.6 | AI score 6 | EPSS 0.00585
Exploits: 0 | References: 2
Tenable Nessus
added 2011/10/24 12:0 a.m. | 27 views

SuSE 10 Security Update : pure-ftpd (ZYPP Patch Number 7723)

The OES Netware add-ons in pure-ftpd had a security problem and some bugs, which are fixed by this update. A local attacker could overwrite local files when the OES remote server feature of pure-ftpd is enabled due to a directory traversal. CVE-2011-3171 Additionally the following bugs have been...

CVSS 3.6 | AI score 5.5 | EPSS 0.00585
Exploits: 0 | References: 2
Nmap
added 2011/10/20 2:32 a.m. | 699 views

http-put NSE Script

Uploads a local file to a remote web server using the HTTP PUT method. You must specify the filename and URL path with NSE arguments. Script Arguments http-put.file - The full path to the local file that should be uploaded to the server http-put.url - The remote directory and filename to store...

CVSS 10 | AI score 9.2 | EPSS 0.99448
Exploits: 33
ThreatPost
added 2011/10/19 3:48 p.m. | 13 views

Mass Injection Attack Targets ASP.NET Sites

There is yet another large-scale injection attack going on right now, with nearly 200,000 pages affected so far. The compromised pages are serving visitors with malicious code that sends them off to a remote server for installation of malware. The attack is the latest in a series of similar...

AI score 1.8
Exploits: 0 | References: 4
securityvulns
added 2011/09/16 12:0 a.m. | 43 views

Advisory for MS11-035 / ZDI-11-167

Luigi Auriemma Application: Microsoft WINS service http://www.microsoft.com Versions: = 5.2.3790.4520 Platforms: Windows Bug: arbitrary memory corruption Exploitation: remote, versus server Date: found 21 Oct 2010 patched 10 May 2011 advisory 13 Sep 2011 Author: Luigi Auriemma e-mail:...

AI score 7.2
Exploits: 0
OpenVAS
added 2011/08/03 12:0 a.m. | 24 views

Debian: Security Advisory (DSA-2276-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5 | AI score 6.5 | EPSS 0.04612
Exploits: 0 | References: 3
The Hacker News
added 2011/08/02 8:36 p.m. | 9 views

CA security finds Android Trojan which records phone calls

CA security finds Android Trojan which records phone calls A new Android Trojan is capable of recording phone conversations, according to a CA security researcher. The trojan is triggered when the Android device places or receives a phone call. It saves the audio file and related information to t...

AI score 6.6
Exploits: 0
The Hacker News
added 2011/08/02 8:36 p.m. | 4 views

CA security finds Android Trojan which records phone calls

CA security finds Android Trojan which records phone calls A new Android Trojan is capable of recording phone conversations, according to a CA security researcher. The trojan is triggered when the Android device places or receives a phone call. It saves the audio file and related information to t...

AI score 7
Exploits: 0
OSV
added 2011/07/10 12:0 a.m. | 23 views

DSA-2276-1 asterisk - multiple issues

Bulletin has no description...

CVSS 5 | AI score 6 | EPSS 0.04612
Exploits: 0
Tenable Nessus
added 2011/06/09 12:0 a.m. | 18 views

Fedora 13 : rdesktop-1.6.0-10.fc13 (2011-7694)

This update fixes a security issue in rdesktop 1.6.0. A directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local...

CVSS 4.3 | AI score 5.3 | EPSS 0.01094
Exploits: 1 | References: 3
ThreatPost
added 2011/06/01 2:45 p.m. | 6 views

DroidDream Returns, Dozens of Apps Pulled From Android Market

Researchers have identified a second large batch of apps in the Android Market that have been infected with the DroidDream malware, estimating that upwards of 30,000 users have downloaded at least one of the more than 30 infected apps. Google has removed the apps from the market. There are at lea...

AI score 0.3
Exploits: 0 | References: 4
OpenVAS
added 2011/06/01 12:0 a.m. | 11 views

Nmap NSE net: smb-enum-processes

Pulls a list of processes from the remote server over SMB. This will determine all running processes, their process IDs, and their parent processes. It is done by querying the remote registry service, which is disabled by default on Vista; on all other Windows versions, it requires Administrator...

Exploits: 0
Tenable Nessus
added 2011/05/19 12:0 a.m. | 28 views

Anonymous SMTP Authentication Enabled

This SMTP service allows anonymous authentication. Any remote user may connect and authenticate without providing a password or unique credentials. This may effectively turn the remote server into an open mail relay. C Tenable Network Security, Inc. include"compat.inc"; if description...

AI score 5.5
Exploits: 0 | References: 4
The Hacker News
added 2011/05/08 6:33 a.m. | 11 views

EgY SpIdEr ShElL : Shell strongest in the history the hacker !

Sites get hacked every day. The bad guys often install a toolkit to control remote servers effectively. Here is one called EgY SpIdEr ShElL: When logging in, you get a quick overview of the machine with what services are running, as well as some hardware specs.: The toolkit provides you with...

AI score 7.3
Exploits: 0
Packet Storm
added 2011/05/05 12:0 a.m. | 40 views

SPlayer 3.7 Buffer Overflow

!/usr/bin/python Exploit Title: SPlayer Software Link: http://www.splayer.org/index.en.html Versions: URL ctrl+u ... 3. Input the server URL and Click OK ... 4. Boom!/calc ... Method 2: 1. Execute this script ... 2. Launch SPlayer and click Open ctrl+o ... 3. Browse to any playlist file m3u, pls ...

AI score 0.5
Exploits: 0
exploitpack
added 2011/05/04 12:0 a.m. | 15 views

SPlayer 3.7 (build 2055) - Remote Buffer Overflow

SPlayer 3.7 build 2055 - Remote Buffer Overflow !/usr/bin/python Exploit Title: SPlayer Software Link: http://www.splayer.org/index.en.html Versions: URL ctrl+u ... 3. Input the server URL and Click OK ... 4. Boom!/calc ... Method 2: 1. Execute this script ... 2. Launch SPlayer and click Open...

AI score 0.4
Exploits: 0
Exploit DB
added 2011/05/04 12:0 a.m. | 35 views

SPlayer 3.7 (build 2055) - Remote Buffer Overflow

!/usr/bin/python Exploit Title: SPlayer Software Link: http://www.splayer.org/index.en.html Versions: URL ctrl+u ... 3. Input the server URL and Click OK ... 4. Boom!/calc ... Method 2: 1. Execute this script ... 2. Launch SPlayer and click Open ctrl+o ... 3. Browse to any playlist file m3u, pls ...

AI score 7.4
Exploits: 0
OSV
added 2011/03/30 10:55 p.m. | 3 views

CVE-2011-1097

rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via malformed data...

AI score 7.9
Exploits: 0 | References: 19
Exploit DB
added 2011/03/09 12:0 a.m. | 25 views

WebKit 1.2.x - Local Webpage Cross Domain Information Disclosure

source: https://www.securityfocus.com/bid/46816/info WebKit is prone to a cross-domain scripting vulnerability because it fails to properly enforce the same-origin policy. Successfully exploiting this issue will allow attackers to send the content of arbitrary files from the user's system to a...

AI score 7.4
Exploits: 0
Tenable Nessus
added 2011/03/03 12:0 a.m. | 51 views

Apache Derby 'BUILTIN' Authentication Insecure Password Hashing

According to its self-reported version number, the installation of Apache Derby running on the remote server performs a transformation on passwords that removes half the bits from most of the characters before hashing. This leads to a large number of hash collisions, letting passwords be easily...

CVSS 2.1 | AI score 8.1 | EPSS 0.01479
Exploits: 0 | References: 4