419 matches found
Android WiFi-Direct - Denial of Service
Android WiFi-Direct - Denial of Service Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Android WiFi-Direct Denial of Service 1. Advisory Information Title: Android WiFi-Direct Denial of Service Advisory ID: CORE-2015-0002 Advisory URL:...
ManageEngine ServiceDesk Plus 9.0 Privilege Escalation Vulnerability
ManageEngine ServiceDesk Plus version 9.0 prior to build 9031 suffers from a remote privilege escalation vulnerability due to improper access controls. Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product: ServiceDesk Plus http://www.manageengine.com/ Affected...
CSNC-2014-004 neuroML - Multiple Vulnerabilities
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: neuroML Version: =v1.8.1 Confirmed: v1.8.1 Vendor: neuroML.org CSNC ID: CSNC-2014-004 CVD ID: none Subject: Multiple Vulnerabilities Risk: High Effect: Remotely exploitable Author: Philipp Promeuschel...
krfb -- Multiple security issues in bundled libvncserver
Martin Sandsmark reports: krfb 4.14 and earlier embeds libvncserver which has had several security issues. Several remotely exploitable security issues have been uncovered in libvncserver, some of which might allow a remote authenticated user code execution or application crashes...
SuSE 11.3 Security Update : openjdk (SAT Patch Number 9543)
This Critical Patch Update contains 20 new security fixes for Oracle Java SE. All of these vulnerabilities could have been remotely exploitable without authentication, i.e., could be exploited over a network without the need for a username and password. (C) Tenable Network...
BSD/OS 3.1/4.0.1,FreeBSD 3.0/3.1/3.2,RedHat Linux <= 6.0 amd Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/614/info There is a remotely exploitable buffer overflow condition in the amd daemon under several operating systems. Amd is a daemon that automatically mounts filesystems whenever a file or directory within that filesyst...
Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely...
Muhammad A. Muquit wwwcount 2.3 Count.cgi Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/128/info Wwwcount count.cgi is a very popular CGI program used to track website usage. In particular, it enumerates the number of hits on given webpages and increments them on a 'counter'. In October of 1997 two remotely...
Novell Client 3.0/3.0.1 - Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427, to whic...
Vivotek IP Cameras Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com Vivotek IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Vivotek IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0301 Advisory URL:...
Xpient Cash Drawer Operation Vulnerability
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Xpient Cash Drawer Operation Vulnerability 1. Advisory Information Title: Xpient Cash Drawer Operation Vulnerability Advisory ID: CORE-2013-0517 Advisory URL:...
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
No description provided by source. Secur-I Research Group Security Advisory SV-2012-005 Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product:...
West Street Software LocalWEB HTTP Server 1.2 - Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/1423/info LocalWEB is a freeware HTTP server for the Windows suite of operating systems. Certain versions of this software are vulnerable to a remotely exploitable buffer overflow attack. This attack can be instrumented by...
Mercur 5.0 - IMAP SP3 SELECT Buffer Overflow
No description provided by source. $Id: mercurimapselectoverflow.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
PHP 3.0/4.0 Error Logging Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The vulnerability...
Valve Software Half-Life 1.1 Client Connection Routine Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8299/info Half-Life Client has been reported prone to a remotely exploitable buffer overflow condition. The issue presents itself in the client connection routine, used by the client to negotiate a connection to the...
MVDSV 0.165 b/0.171 Quake Server Download Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9218/info The mvdsv Quake Server implementation is prone to a remotely exploitable buffer overrun vulnerability. This could permit execution of arbitrary code in the context of the server...
net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Vulnerabilities
No description provided by source. cicatriz advisories: net2ftp <= 0.97 Cross-Site Scripting/Request Forgery. Advisory & Vulnerability Information Title: net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Advisory ID:...
openSUSE Security Update : exim (openSUSE-SU-2012:1404-1)
This update fixes a remotely exploitable overflow in DKIM handling. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-738. The text description of this plugin is (C) SUSE LLC...
New OpenSSL MITM Flaw Affects All Clients, Some Server Versions
There is a new, remotely exploitable vulnerability in OpenSSL that could enable an attacker to intercept and decrypt traffic between vulnerable clients and servers. The flaw affects all versions of the OpenSSL client and versions 1.0.1 and 1.0.2-beta1 of the server software. The new vulnerability...