CVE-2010-4071

Cross-site scripting XSS vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichText is enabled, allows remote attackers to inject arbitrary web script or HTML via JavaScript in an HTML e-mail...

Threatpost's Five Security Trends to Watch in 2011

2010 ended with dire predictions about a new age of Internet enabled hacker-activism, but the big story in 2011 will be the explosion in IP enabled, loosely secured, Internet connected stuff. It’s the time of year when all of us gaze into the crystal ball and think of what the next 12 months has ...

IP Forwarding Enabled

The remote host has IP forwarding enabled. An attacker can exploit this to route packets through the host and potentially bypass some firewalls / routers / NAC filtering. Unless the remote host is a router, it is recommended that you disable IP forwarding. TRUSTED...

chCounter <= 3.1.3 SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================== chCounter = 3.1.3 SQL Injection Vulnerability ============================================== !/usr/bin/python Exploit Title: chCounter = 3.1.3 SQLInjection Date: 2010/11/18 Author: Matias...

chCounter 3.1.3 - SQL Injection

chCounter 3.1.3 - SQL Injection !/usr/bin/python Exploit Title: chCounter = 3.1.3 SQLInjection Date: 2010/11/18 Author: Matias [email protected]. Software Link: http://chcounter.org/chCounter3/getfile.php?id=5 Version: 3.1.3 Tested on: Ubuntu Server 10.04 with apache...

Low: Red Hat Security Advisory: nss security update

Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fr...

CVE-2010-3765

Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when JavaScript is enabled, allows remote attackers to execute arbitrary code via vectors related to nsCSSFrameConstructor::ContentAppended, the...

Reverse Shell Applet

Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...

Reverse Shell Applet

Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...

PT-2010-1168 · Microsoft +1 · Windows Server 2003 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista SP1 and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2 Microsoft Windows 7 Description: The issue arises from the Print Spooler service's failure ...

Read the Screensaver-Configuration (enabled and lock) on GNOME and KDE

Read the Screensaver-Configuration enabled and lock on GNOME and KDE. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malware Rises With Smartphone Adoption

Researchers are closely watching the rise of malware on Internet-enabled mobile devices. New mobile malware boasts a broad range of functionality, including the capability to download other malicious files, detect internet connections or establish new ones, undertake URL redirection and carry out...

Vulnerability in core server (CVE-2010-1169)

A vulnerability in Safe.pm and PL/Perl can allow an authenticated user to run arbitrary Perl code on the database server if PL/Perl is installed and enabled...

CVE-2010-1921

Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 annuaire.class.php, 2 droit.class.php, 3 collectivite.class.php, 4 profil.class.php, 5...

Apple Mac OS X multiple security vulnerabilities

Code execution on Internet Enabled Disk Image files. Multiple vulnerabilities in ImageIO,...

HP-UX Update for AudFilter rules enabled HPSBUX02514

Check for the Version of AudFilter rules enabled OpenVAS Vulnerability Test HP-UX Update for AudFilter rules enabled HPSBUX02514 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for AudFilter rules enabled HPSBUX02514

Check for the Version of AudFilter rules enabled OpenVAS Vulnerability Test HP-UX Update for AudFilter rules enabled HPSBUX02514 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

HP-UX Update for NFS/ONCplus HPSBUX02509

Check for the Version of NFS/ONCplus OpenVAS Vulnerability Test HP-UX Update for NFS/ONCplus HPSBUX02509 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

HP-UX Update for NFS/ONCplus HPSBUX02509

Check for the Version of NFS/ONCplus OpenVAS Vulnerability Test HP-UX Update for NFS/ONCplus HPSBUX02509 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[security bulletin] HPSBUX02509 SSRT100032 rev.1 - HP-UX Running NFS/ONCplus, NFS Inadvertently Enabled

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02026642 Version: 1 HPSBUX02509 SSRT100032 rev.1 - HP-UX Running NFS/ONCplus, NFS Inadvertently Enabled NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...