Lucene search
+L

5160 matches found

Packet Storm
Packet Storm
added 2013/03/27 12:0 a.m.51 views

AWS XMS 2.5 Path Traversal

Advisory ID: HTB23147 Product: AWS XMS Vendor: http://www.aws-dms.com Vulnerable Versions: 2.5 and probably prior Tested Version: 2.5 Vendor Notification: March 6, 2013 Vendor Patch: March 16, 2013 Public Disclosure: March 27, 2013 Vulnerability Type: Path Traversal CWE-22 CVE Reference:...

0.1AI score0.10008EPSS
Exploits4
Fedora
Fedora
added 2013/03/22 9:17 p.m.10 views

[SECURITY] Fedora 17 Update: euca2ools-2.1.3-1.fc17

Euca2ools are command line tools used to interact with Eucalyptus, a service overlay designed to be interface-compatible with Amazon Web Services AWS, as well as AWS itself...

2.3AI score
Exploits0
Fedora
Fedora
added 2013/03/22 9:13 p.m.10 views

[SECURITY] Fedora 18 Update: euca2ools-2.1.3-1.fc18

Euca2ools are command line tools used to interact with Eucalyptus, a service overlay designed to be interface-compatible with Amazon Web Services AWS, as well as AWS itself...

2.3AI score
Exploits0
htbridge
htbridge
added 2013/03/06 12:0 a.m.41 views

Path Traversal in AWS XMS

High-Tech Bridge Security Research Lab discovered path traversal vulnerability in AWS XMS, which can be exploited to read contents of arbitrary files. 1 Path Traversal in AWS XMS: CVE-2013-2474 The vulnerability exists due to insufficient filtration of "what" HTTP GET parameter passed to...

5CVSS1.6AI score0.10008EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.24 views

RHEL 6 : jboss-ec2-eap (RHSA-2012:1376)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2012:1376 advisory. jboss-ec2-eap provides JBoss Operations Network JBoss ON scripts for JBoss Enterprise Application Platform running on the Amazon Web Services AWS...

2.1CVSS5.5AI score0.00353EPSS
Exploits0References5
seebug.org
seebug.org
added 2012/08/07 12:0 a.m.16 views

PHP PDO内存访问冲突拒绝服务漏洞

BUGTRAQ ID: 54777 PHP是一种HTML内嵌式的语言,PHP与微软的ASP颇有几分相似,都是一种在服务器端执行的嵌入HTML文档的脚本语言,语言的风格有类似于C语言,现在被很多的网站编程人员广泛的运用。 PHP 5.4.3及其他版本在实现上存在远程拒绝服务漏洞,攻击者可利用此漏洞造成Web服务器崩溃,拒绝服务合法用户。 0 PHP 5.3.x PHP 5.2.x 厂商补丁: PHP --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.php.net ?php try $db = new...

6.9AI score
Exploits0
Metasploit
Metasploit
added 2012/07/02 12:23 a.m.56 views

Windows Gather Unattended Answer File Enumeration

This module will check the file system for a copy of unattend.xml and/or autounattend.xml found in Windows Vista, or newer Windows systems. And then extract sensitive information such as usernames and decoded passwords. Also checks for '.vmimport' files that could have been created by the AWS EC2...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2012/04/27 8:30 p.m.9 views

Accidentally invented - Dos attack using Google Spreadsheets

Panos Ipeirotis, a computer scientists working at New York University,attack on his Amazon web service using Google Spreadsheets and Panos Ipeirotis checked his Amazon Web Services bill last week - its was $1,177.76 ! He had accidentally invented a brand new type of internet attack, thanks to an...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2012/04/02 6:2 a.m.17 views

Cloudworm - Candidate MS12-020 - POC

Cloudworm - Candidate MS12-020 - POC How secure are cloud servers? In technical circles, people are aware of the cloud variables and that cloud service providers offload the virtual machine security onto the customer as much as possible. Technical people know this. Not all cloud customers fall...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2012/02/14 12:0 a.m.35 views

AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AdaCore Security Advisory ========================= SA-2012-L119-003 Hash collisions in AWS Problem: Impacted versions of AWS store key/value pairs from submitted form data in hash tables using a hash function that has predictable collisions. As a...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2012/02/14 12:0 a.m.36 views

apr / aws libraries DoS

resources consumption because of collisions in a hash function...

5CVSS1.8AI score0.43346EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2012/02/08 9:55 p.m.13 views

CVE-2012-1035

AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...

5CVSS6.6AI score0.01552EPSS
Exploits0References4
Prion
Prion
added 2012/02/08 9:55 p.m.15 views

Code injection

AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...

5CVSS7.2AI score0.01552EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2012/02/08 9:0 p.m.51 views

CVE-2012-1035

AdaCore Ada Web Services (AWS) before 2.10.2 is affected by a denial-of-service vulnerability where hash values for form parameters can be triggered to collide predictably, leading to CPU exhaustion under crafted input. The issue stems from how AWS computes hashes for form parameters and can be e...

5CVSS6.8AI score0.01552EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2012/02/08 9:0 p.m.21 views

CVE-2012-1035

AdaCore Ada Web Services AWS before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...

6.6AI score0.01552EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2011/04/21 3:42 p.m.10 views

Amazon Web Service Down, No Timeline for Remedy

Amazon Web Service’s AWS Elastic Compute Cloud EC2, based in Northern Virginia, went offline early this morning, taking with it a number of popular sites including, news aggregator Reddit and question and answer site and TechCrunch darling, Quora.The Web hosting firm’s Relational Database Service...

1.1AI score
Exploits0References5
The Hacker News
The Hacker News
added 2011/01/13 1:34 a.m.5 views

Amazon Cloud Can Be Used to Hack Into Networks !

A Germany-based security researcher says he can hack into protected networks using software that runs on Amazon's cloud-based computers, according to a Reuters report. Thomas Roth, a computer security consultant based in Cologne, Germany, says he has "figured out a quick and inexpensive way to...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2010/11/05 2:9 a.m.10 views

Fedora 14 Introduces libjpegturbo for Faster Image Processing

Fedora 14, known as "Laughlin," officially launched on Tuesday, offering numerous new features aimed at enhancing the user experience for this open-source desktop operating system. Usability Focus In recent releases, Fedora, sponsored by Red Hat, has concentrated on improving usability. According...

6.6AI score
Exploits0
Prion
Prion
added 2009/10/22 4:0 p.m.16 views

Directory traversal

Directory traversal vulnerability in awstmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to upload arbitrary files, and execute arbitrary code, via directory traversal sequences in requests to T...

10CVSS8AI score0.12871EPSS
Exploits1References2Affected Software1
securityvulns
securityvulns
added 2004/10/06 12:0 a.m.22 views

[SA12732] AWS MySQLguest Script Insertion Vulnerability

TITLE: AWS MySQLguest Script Insertion Vulnerability SECUNIA ADVISORY ID: SA12732 VERIFY ADVISORY: http://secunia.com/advisories/12732/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: MySQLguest http://secunia.com/product/4008/ DESCRIPTION: BliZZard has...

0.5AI score
Exploits0
Rows per page
Query Builder