CVE-2011-0543
CVE-2011-0543 affects fusermount in Fuse (versions 2.8.5 and earlier) where, if util-linux does not support the --no-canonicalize option, a local attacker could bypass access restrictions and unmount arbitrary directories via a symlink attack. This describes a local, privilege-safe concern with p...
CVE-2011-0543
Certain legacy functionality in fusermount in fuse 2.8.5 and earlier, when util-linux does not support the --no-canonicalize option, allows local users to bypass intended access restrictions and unmount arbitrary directories via a symlink attack...
INSECT Pro 2.7 - Penetration testing tool download
INSECT Pro 2.7 - Ultimate is here! This penetration security auditing and testing software solution is designed to allow organizations of all sizes to mitigate, monitor and manage the latest security threats and vulnerabilities and implement active...
How to manually test hotadd functionality
Purpose This article documents the procedure for manually performing hotadd to test whether a Veeam Backup Proxy can attach a VM's base disks. Solution Requirements and Limitations Before testing, review Virtual Appliance HOTADD Requirements and Limitations Review KB1054:Appliance Mode Hotadd...
CVE-2011-2358
Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension...
Design/Logic Flaw
Google Chrome before 13.0.782.107 does not ensure that developer-mode NPAPI extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension...
CVE-2011-2791
The International Components for Unicode (ICU) functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write...
Design/Logic Flaw
Google Chrome before 13.0.782.107 does not ensure that extension installations are confirmed by a browser dialog, which makes it easier for remote attackers to modify the product's functionality via a Trojan horse extension...
Debian Security Advisory DSA 2276-2 (asterisk)
The remote host is missing an update to asterisk announced via advisory DSA 2276-2. OpenVAS Vulnerability Test $Id: deb22762.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2276-2 (asterisk). Authors: Thomas Reinke. Copyright: Copyright (c) 2011 E-Soft Inc...
Donar Player 2.8.0 Denial Of Service
Title : Donar Player 2.8.0 Denial of Service Software link : http://www.donarzone.com/downloads/donar-player-setup-free.exe , http://www.donarzone.com/donar-player Version : 2.8.0 Tested on : Windows XP SP3 English Date : 3/07/2011 Author : X-h4ck Website : http://www.pirate.al , PirateAL Crew...
Buffer overflow
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXECCMD functionality...
Design/Logic Flaw
Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page...
CVE-2011-2611
CVE-2011-2611 affects Opera browser prior to 11.50, with an unspecified vulnerability in the printing functionality that could be triggered by a crafted web page to cause application crash (DoS). Multiple vendor advisories confirm the issue and note that Opera 11.50 fixes address it. Remediation ...
XSS and AoF vulnerabilities in Drupal
Hello 3APA3A! I am reporting Cross-Site Scripting and Abuse of Functionality vulnerabilities that I found in Drupal. XSS WASC-08: When adding or modifying data in any internal forms (adding/editing a post, etc.), a persistent XSS attack can be carried out. The XSS code will execute when visiting...
CVE-2011-2041
The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...
Code injection
The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556...
Nmap NSE net: snmp-sysdescr
This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2011-1922
daemon/worker.c in Unbound 1.x before 1.4.10, when debugging functionality and the interface-automatic option are enabled, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted DNS request that triggers improper error handling...
FreeBSD : mod_pubcookie -- Empty Authentication Security Advisory (1ca8228f-858d-11e0-a76c-000743057ca2)
Nathan Dors, Pubcookie Project reports : An Abuse of Functionality vulnerability in the Pubcookie authentication process was found. This vulnerability allows an attacker to appear as if he or she were authenticated using an empty userid when such a userid isn't expected. Unauthorized access to we...
What is Zeus - Technical paper Zeus by SophosLabs !
What is Zeus - Technical paper Zeus by SophosLabs ! Zeus or Zbot is one of the most notorious and widely-spread information stealing Trojans in existence. Zeus is primarily targeted at financial data theft; its effectiveness has lead to the loss of millions worldwide. The spectrum of those...