4108 matches found

Exploit DB
added 2013/03/27 12:0 a.m., 121 views

ClipShare 4.1.1 - Multiples Vulnerabilities

Exploit Title: ClipShare 4.1.1 - Multiples Vulnerabilites Exploit Author: Esac Vulnerable Software: ClipShare - Video Sharing Community Script 4.1.4 Official site: http://www.clip-share.com Software License: Commercial. all versions are vulnerable: Last Checked: 27 March 2013 Note : to exploit th...

7.4 AI score
Exploits: 0

OSV
added 2013/03/21 4:55 p.m., 4 views

UBUNTU-CVE-2013-0287

The Simple Access Provider in System Security Services Daemon SSSD 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simpledenygroups option, which allows remote authenticated users to bypass intended access restrictions...

4.9 CVSS, 5.8 AI score, 0.02154 EPSS
Exploits: 0, References: 3

RedHat Linux
added 2013/03/19 6:24 p.m., 1 views

sssd: simple access provider flaw prevents intended ACL use when client to an AD provider

The Simple Access Provider in System Security Services Daemon SSSD 1.9.0 through 1.9.4, when the Active Directory provider is used, does not properly enforce the simpledenygroups option, which allows remote authenticated users to bypass intended access restrictions...

4.9 CVSS, 5.8 AI score, 0.02154 EPSS
Exploits: 0, References: 4

The Hacker News
added 2013/03/04 12:8 a.m., 18 views

Philippines-Malaysia Cyber war over Sabah land dispute

A series of websites defacement has been conducted between Philippines and Malaysia over the dispute in the land of Sabah. Hackers claiming to be part of Anonymous group from Malaysian and Filipino and attacking websites of each other. It was believed that the first online attacks were made by...

6.8 AI score
Exploits: 0

OpenVAS
added 2013/02/28 12:0 a.m., 20 views

Nmap NSE 6.01: smb-enum-groups

Obtains a list of groups from the remote Windows system, as well as a list of the group's users. This works similarly to 'enum.exe' with the '/G' switch. The following MSRPC functions in SAMR are used to find a list of groups and the RIDs of their users. Keep in mind that MSRPC refers to groups a...

7.5 AI score
Exploits: 0

OpenVAS
added 2013/02/28 12:0 a.m., 15 views

Nmap NSE 6.01: smb-enum-groups

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3 AI score
Exploits: 0

Oracle linux
added 2013/02/27 12:0 a.m., 38 views

ipa security, bug fix and enhancement update

3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...

7.9 CVSS, 9.1 AI score, 0.01838 EPSS
Exploits: 0

RedHat Linux
added 2013/02/21 6:59 p.m., 3 views

389: denial of service when using certificate groups

The acllashandlegroupentry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions ACIs that use certificate groups, which allows remote authenticated LDAP users with a certificate group to cause a denial of service...

2.3 CVSS, 5.8 AI score, 0.00902 EPSS
Exploits: 1, References: 4

RedHat Linux
added 2013/02/21 6:59 p.m., 44 views

Low: Red Hat Security Advisory: Red Hat Directory Server security and bug fix update

Updated Red Hat Directory Server and related packages that fix one security issue and multiple bugs are now available for Red Hat Directory Server 8.2. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score,...

2.3 CVSS, 5.8 AI score, 0.00902 EPSS
Exploits: 1, References: 2

Drupal
added 2013/02/13 12:0 a.m., 19 views

SA-CONTRIB-2013-015 - Manager Change for Organic Groups - Cross site scripting (XSS)

This module extends Organic Groups to allow the manager of a group to select a new manager for their group ie if they want to leave the group. The autocomplete field for selecting a new manager didn't properly filter usernames. The vulnerability is mitigated by the fact that Drupal's default...

4.3 CVSS, 5.9 AI score, 0.01161 EPSS
Exploits: 0, References: 9

The Hacker News
added 2013/02/07 6:23 p.m., 7 views

Hacker charged for funding terrorist groups

A hacker 'Cahya Fitrianta' sentenced to eight years in prison by the West Jakarta District Court judges for hacking into many economic websites to steal money and funding that money to terrorist groups. He is also ordered to pay a Rp 500 million $51,000 fine. He is charged with breaking into many...

6.8 AI score
Exploits: 0

The Hacker News
added 2013/02/07 7:23 a.m., 15 views

Hacker charged for funding terrorist groups

A hacker 'Cahya Fitrianta' sentenced to eight years in prison by the West Jakarta District Court judges for hacking into many economic websites to steal money and funding that money to terrorist groups. He is also ordered to pay a Rp 500 million $51,000 fine. He is charged with breaking into many...

6.8 AI score
Exploits: 0

Packet Storm
added 2013/02/06 12:0 a.m., 96 views

VK Social Network Open Redirect

Exploit Title :VK social network URL Redirector Abuse Vendor: www.vk.com Author: Juan Carlos Garca NightSec Blog: http://hackingmadrid.blogspot.com Facebook http://www.facebook.com/pages/ETHICAL-HACKING-Y-OL%C3%89-by-the-Face-WhiteHat/172393869485449?sk=app190322544333196 BREIF DESCRIPTION VK...

Exploits: 0

RedHat Linux
added 2013/02/04 11:51 p.m., 5 views

OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: th...

7.6 CVSS, 7.4 AI score, 0.06697 EPSS
Exploits: 0, References: 5

RedHat Linux
added 2013/01/24 6:52 p.m., 2 views

JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started

JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...

3.3 CVSS, 6.3 AI score, 0.01448 EPSS
Exploits: 1, References: 4

ThreatPost
added 2013/01/23 6:53 p.m., 84 views

Attackers Exploit Java, Compromise Reporters Without Borders Site

The Java saga continued when unknown, and apparently well concealed goons exploited recent Java and Internet Explorer zero-days to compromise the website of the French-based, free-press advocacy group, Reporters Without Borders. The attack, which attempted to take advantage of the time-gulf that...

10 CVSS, 7.8 AI score, 0.97612 EPSS
Exploits: 63, References: 9

Packet Storm
added 2013/01/21 12:0 a.m., 33 views

Simatic WinCC Information Harvester

encoding: UTF-8 This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Simatic WinCC info...

7.4 AI score
Exploits: 0

Kitploit
added 2013/01/18 5:7 p.m., 20 views

[NTFS Permissions Reporter] Display Windows User Access Rights

If you are working as a standalone user on a system running one of the latest flavors of the Microsoft Windows operating system, you do not really have much need to assess and verify user permissions on the system. If a PC is shared by many, and maybe even multiple users with administration right...

7.1 AI score
Exploits: 0

Prion
added 2013/01/17 1:55 a.m., 19 views

Design/Logic Flaw

Unspecified vulnerability in the Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security Groups...

5.5 CVSS, 5.6 AI score, 0.0095 EPSS
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2013/01/17 1:30 a.m., 22 views

CVE-2012-3218

Unspecified vulnerability in the Human Resources component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Security Groups...

5.2 AI score, 0.0095 EPSS
Exploits: 0, References: 2