4411 matches found
[SECURITY] Fedora 20 Update: wireshark-1.10.9-1.fc20
Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...
RedHat Update for kernel RHSA-2014:0981-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : kernel (RHSA-2014:0981)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0981 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the way the...
JVN#94791545: FuelPHP vulnerable to remote code execution
FuelPHP is a PHP web framework for creating web applications. FuelPHP applications contain an issue in the RequestCurl class, which may result in arbitrary code execution. Impact When specially crafted input is processed, arbitrary files may be deleted or arbitrary code may be executed on the...
Tinba Banker Trojan Source Code Posted
The source code for Tinba, known as the smallest banker Trojan in circulation, has been posted on an underground forum. Researchers say that the files turned out to be the source code for version one of Tinba, which was identified in 2012, and is the original, privately sold version of the...
ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit
No description provided by source. ?/ File: shoutbox.php Affects: ShoutPro 1.5.2 may affect earlier versions Date: 17th April 2007 Issue Description: =========================================================================== ShoutPro 1.5.2 fails to fully sanitize user input $shout that it writes...
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
No description provided by source. $Id: emcappextenderkeyworks.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Nokia Electronic Documentation 5.0 Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8626/info Nokia Electronic Documentation NED has been reported prone to a cross-site scripting vulnerability. The issue has been conjectured to present itself due to a lack of sufficient sanitization performed on user...
Microsoft Windows Help program (WinHlp32.exe) Crash PoC
No description provided by source. !/usr/bin/perl Title : Microsoft Windows Help programWinHlp32.exememory corruption Version : 5.1.2600 Date : 2012-10-24 Vendor : http://www.microsoft.com Crash : http://img69.imageshack.us/img69/7652/helpview.jpg Impact : Med/High Contact : coolkaveh at...
Tolis Group BRU 17.0 - Local Root Exploit (1)
No description provided by source. source: http://www.securityfocus.com/bid/8215/info It has been reported that BRU may not properly parse commandline arguments, potentially leading to at least two vectors of exploitation. It may be possible for local attackers to conduct format string-based...
Nokia Electronic Documentation 5.0 Directory Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8624/info Nokia Electronic Documentation NED is prone to a vulnerability that may enable remote attackers to list directory contents. This issue may be exploited by appending a dot . to a request for a NED page...
Python 2.2/2.3 Documentation Server Error Page Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7353/info It has been reported that the Python Documentation Server is vulnerable to a cross-site scripting problem in error pages. Because of this, an attacker could potentially cause the execution of malicious HTML and...
my-colex 1.4.2 (ab/xss/sql) Multiple Vulnerabilities
No description provided by source. || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH! --...
Collabtive 0.65 - Multiple Vulnerabilities
No description provided by source. ANATOLIA SECURITY ADVISORY ------------------------------------ ADVISORY INFO + Title: Collabtive Multiple Vulnerabilities + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-003.txt + Advisory ID: 2010-003 + Version: 0.65 + Date: 12/10/2010 + Impact...
mailwatch <= 1.0.4 (docs.php doc) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl mailwatch = 1.0.4 Local File Inclusion Vulnerability Script site:...
Nokia Electronic Documentation 5.0 Connection Redirection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8625/info A vulnerability has been discovered in Nokia Electronic Documentation NED that may allow an attacker to redirect connections to a third party system. The problem likely occurs due to the NED server failing to...
Sony Network Camera SNC-P5 1.0 - ActiveX viewer Heap Overflow PoC
No description provided by source. !-- Sony Network Camera SNC-P5 v1.0 ActiveX viewer Heap Overflow PoC Camera info http://bssc.sel.sony.com/BroadcastandBusiness/DisplayModel?id=79540 SNC-P5 External API documentation...
CVE-2014-3868
creationtimestamp| type| source ---|---|--- 2014-06-24 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/39223...
YASAT - Yet Another Stupid Audit Tool
YASAT Yet Another Stupid Audit Tool is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies only sed, grep and cut Second goal is to document each test with maximum information and links to official documentation. It do many tests for checking...
openSUSE Security Update : puppet (openSUSE-SU-2011:1288-1)
Puppet's certificate authority issued Puppet agent certificates capable of impersonating the Puppet master. Compromised or rogue puppet agents could therefore use their certificates for MITM attacks CVE-2011-3872. Note: If you've set the 'certdnsnames' option in your master's puppet.conf file...