CVE-2011-2465

Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is enabled and the Response Policy Zone RPZ contains DNAME or certain CNAME records, allows remote attackers to cause a denial of service named daemon crash via an unspecified query...

ManageEngine ServiceDesk Plus Detection

The remote web server hosts ManageEngine ServiceDesk Plus, a web-based help desk management application written in Java. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid55444; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/03/15...

CVE-2011-1907

ISC BIND 9.8.x before 9.8.0-P1, when Response Policy Zones RPZ RRset replacement is enabled, allows remote attackers to cause a denial of service assertion failure and daemon exit via an RRSIG query...

Low: Red Hat Security Advisory: fence security, bug fix, and enhancement update

An updated fence package that fixes multiple security issues, several bugs, and adds two enhancements is now available for Red Hat Cluster Suite 4. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which...

Design/Logic Flaw

Smarty before 3.0.0, when security is enabled, does not prevent access to the 1 dynamic and 2 private object members of an assigned object, which has unspecified impact and remote attack vectors...

CVE-2010-4071

Cross-site scripting XSS vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail...

Threatpost's Five Security Trends to Watch in 2011

2010 ended with dire predictions about a new age of Internet enabled hacker-activism, but the big story in 2011 will be the explosion in IP enabled, loosely secured, Internet connected stuff. It’s the time of year when all of us gaze into the crystal ball and think of what the next 12 months has ...

IP Forwarding Enabled

The remote host has IP forwarding enabled. An attacker can exploit this to route packets through the host and potentially bypass some firewalls / routers / NAC filtering. Unless the remote host is a router, it is recommended that you disable IP forwarding. TRUSTED...

chCounter <= 3.1.3 SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================== chCounter = 3.1.3 SQL Injection Vulnerability ============================================== !/usr/bin/python Exploit Title: chCounter = 3.1.3 SQLInjection Date: 2010/11/18 Author: Matias...

chCounter 3.1.3 - SQL Injection

chCounter 3.1.3 - SQL Injection !/usr/bin/python Exploit Title: chCounter = 3.1.3 SQLInjection Date: 2010/11/18 Author: Matias [email protected]. Software Link: http://chcounter.org/chCounter3/getfile.php?id=5 Version: 3.1.3 Tested on: Ubuntu Server 10.04 with apache...

Low: Red Hat Security Advisory: nss security update

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fr...

CVE-2010-3765

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

Reverse Shell Applet

Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...

Reverse Shell Applet

Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...

PT-2010-1168 · Microsoft +1 · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP1 and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2 Microsoft Windows 7 Description: The issue arises from the Print Spooler service's failure ...

Read the Screensaver-Configuration (enabled and lock) on GNOME and KDE

Read the Screensaver-Configuration enabled and lock on GNOME and KDE. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malware Rises With Smartphone Adoption

Researchers are closely watching the rise of malware on Internet-enabled mobile devices. New mobile malware boasts a broad range of functionality, including the capability to download other malicious files, detect internet connections or establish new ones, undertake URL redirection and carry out...

Vulnerability in core server (CVE-2010-1169)

A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled...

CVE-2010-1921

Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 annuaire.class.php, 2 droit.class.php, 3 collectivite.class.php, 4 profil.class.php, 5...

Apple Mac OS X multiple security vulnerabilities

Code execution on Internet Enabled Disk Image files. Multiple vulnerabilities in ImageIO,...