531 matches found
Fedora 16 : asterisk-1.8.12.2-1.fc16 (2012-8692)
The Asterisk Development Team has announced the release of Asterisk 1.8.12.2. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 1.8.12.2 resolves an issue reported by the community and would have not been possible...
CVE-2012-2948
chanskinny.c in the Skinny aka SCCP channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash by closing a...
CVE-2012-2947
chaniax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service daemon crash by placing a call on...
Design/Logic Flaw
chaniax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service daemon crash by placing a call on...
CVE-2012-2947
chaniax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service daemon crash by placing a call on...
CVE-2012-2947
chaniax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1, when a certain mohinterpret setting is enabled, allows remote attackers to cause a denial of service daemon crash by placing a call on...
CVE-2012-2948
chanskinny.c in the Skinny aka SCCP channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x before 1.8.12.1 and 10.x before 10.4.1 allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash by closing a...
AST-2012-007: Remote crash vulnerability in IAX2 channel driver.
Asterisk Project Security Advisory - AST-2012-007 Product Asterisk Summary Remote crash vulnerability in IAX2 channel driver. Nature of Advisory Remote crash Susceptibility Established calls Severity Moderate Exploits Known No Reported On March 21, 2012 Reported By mgrobecker Posted On May 29, 20...
国内优秀的JAVA(JSP)内容网站管理系统.FCK上传漏洞
简要描述: 国内优秀的JAVAJSP内容网站管理系统.FCK上传漏洞 详细说明: 漏洞地址: www.域名/thirdparty/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector=connectors/jsp/connector.jsp 漏洞证明: 使用JEECMS系统的网站FCK漏洞地址: 1、中国物流信息中心:http://www.clic.org.cn/...
Microsoft Service Cross Site Scripting
Title: ====== Microsoft Service - Persistent Web Vulnerabilities Date: ===== 2012-04-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=433 http://www.vulnerability-lab.com/getcontent.php?id=439 MSRC ID: 12209nj VL-ID: ===== 433 Introduction: ============= Official...
Microsoft Partner Service - Persistent Web Vulnerability
Document Title: =============== Microsoft Partner Service - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=433 http://www.vulnerability-lab.com/getcontent.php?id=439 MSRC ID: 12209nj Release Date: ============= 2012-04-13...
HITB MagazineVolume 1, Issue 5 Download !
Contents of HITB Magazine Issue 005: Linux Security: Investigating Kernel Return Codes with the Linux Audit System Network Security: Secure Shell Attack Measurement and Mitigation and ARP Spoofing Attacks & Methods for Detection and Prevention: Exploiting Web Virtual Hosting –Malware Infections...
Local Training Center, Hacker University, 8 in the USA Participate in Global Launch of Certified Ethical Hacker version 7
450 Global Training Centers Nominated, 25 Selected Worldwide, 8 in the USA, 1 in St. Louis February 2, 2011 St. Louis, MO – Hacker University is pleased to announce it has been asked by EC-Council, the leading international certification body in information security, to participate in the Global...
Cerberus FTP server 3.0.6 - Denial of Service
Cerberus FTP server 3.0.6 - Denial of Service Application: Cerberus FTP 3.0.6 Platforms: Windows XP Professional SP2 Windows Vista SP1 crash: YES Exploitation: Remote DoS Date: 2009-09-30 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical details 3 The Code ==============...
NotFTP Detection
This host is running NotFTP, a Web-based HTTP-FTP gateway written in PHP. OpenVAS Vulnerability Test $Id: notftpdetect.nasl 5737 2017-03-27 14:18:12Z cfi $ NotFTP Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is free software; you can redistribu...
NotFTP Detection
This host is running NotFTP, a Web-based HTTP-FTP gateway written in PHP. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Unfixed XSS vulnerability at www.linuxcertified.com
Security researcher Uber0n, has submitted on 12/05/2008 a cross-site-scripting XSS vulnerability affecting www.linuxcertified.com, which at the time of submission ranked 350077 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/06/2008. It is...
zyxel-xss.txt
Affected Software/Device: Zyxel ZYWall 100 Vulnerability: Cross Site Scripting Risk: Low Description: The ZyWALL 100 is designed to act as a secure gateway via xDSL/Cable modems or broadband routers for small to medium size companies. The ZyWALL 100 features an ICSA certified firewall, IPSec VPN...
MySQL MaxDB cons.exe command injection
Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...
MySQL MaxDB cons.exe command injection
Added: 01/16/2008 CVE: CVE-2008-0244 BID: 27206 OSVDB: 40210 Background MaxDB is a SAP-certified open-source database developed by MySQL. Problem The MaxDB server handles the execsdbinfo command by invoking the cons.exe program through a system call without sufficiently checking the arguments for...