4108 matches found
[SECURITY] Fedora 17 Update: drupal6-og-2.3-1.fc17
Enable users to create and manage their own 'groups'...
FBI Warns Top Firms Of Anonymous Protest Hacks on May 25
The FBI Cyber Division has sent a warning to some of the world’s top corporations about a coordinated campaign of denial of service attacks and hacking, scheduled for Friday, May 25. Apple Computer, McDonald’s, ExxonMobil, Hewlett-Packard, Bank of China and Walmart are among the firms singled out...
DSA-2480-1 request-tracker3.8 - several
Bulletin has no description...
Fedora Update for drupal6-og FEDORA-2012-7293
Check for the Version of drupal6-og OpenVAS Vulnerability Test Fedora Update for drupal6-og FEDORA-2012-7293 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
USN-1438-1: Nova vulnerability
Dan Prince discovered that Nova did not enforce quotas for security groups and rules added to security groups. An authenticated user could exploit this to cause a denial of service...
SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 6163 / 6164 / 6172)
The SUSE Linux Enterprise 11 SP2 kernel has been updated to 3.0.26, which fixes a lot of bugs and security issues. The following security issues have been fixed : - A locking problem in transparent hugepage support could be used by local attackers to potentially crash the host, or via kvm a...
CVE-2012-2100
The ext4fillflexinfo function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem...
osCmax Shop CMS 2.5.1 Cross Site Scripting
Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...
BBC: Pastebin to Police Hacker-Posts
Pastebin.com could soon find itself on the wrong side of some of its most reliable traffic generators, namely, Anonymous, what’s left of LulzSec, and other hackers now that the site’s owner, Jeroen Vader, said he plans on hiring more staff to patrol the text-sharing site for “sensitive...
WordPress Deans With Pwwangs Code Shell Upload
Exploit Title: WordPress deans with pwwangs code plugin for wordpress FCKeditor Remote File Upload Author: T0x!c Date : 28/03/2012 Facebook Page: www.facebook.com/DzTem E-mail: [email protected] Category:: webapps Google Dork: inurl:"plugins/deans-fckeditor-with-pwwangs-code-plugin-for-wordpress...
NSA Director Says Agency Should Not Monitor Private Networks
The hysteria in Washington regarding the comprehensive infiltration of U.S. government and civilian networks by China has gotten to the point now that the director of the National Security Agency is saying in open Congressional hearings that his agency, the U.S. Cyber Command and others should be...
SA-CONTRIB-2012-053 - Organic Groups - Access Bypass
CVE: CVE-2012-2081 Organic groups OG enables users to create and manage their own 'groups'. Each group can have subscribers, and maintains a group home page where subscribers communicate amongst themselves. The module's Views integration does not filter out information from display groups to whic...
VMWare Enumerate User Accounts
This module will log into the Web API of VMWare and try to enumerate all the user accounts. If the VMware instance is connected to one or more domains, it will try to enumerate domain users as well. This module requires Metasploit: https://metasploit.com/download Current source:...
SA-CONTRIB-2012-021 - Organic Groups Vocab Access Bypass
CVE: CVE-2012-1644 This module enables you to have a specific vocabulary per organic group. The module doesn't sufficiently check access to vocabularies while allowing a group admin to edit the vocabularies. This vulnerability is mitigated by the fact that an attacker must have a role with the...
Indian and Bangladeshi Hackers destroying Cyber Space of Each Other
Indian and Bangladeshi Hackers destroying Cyber Space of Each Other They Call it "Cyber war" - but In actual they are destroying Cyber Space of their own Country by Defacing Sites for a matter that can't be solved by Ministry like this. The cyber attacks was started two days back from both sides...
United States Census Bureau Hacked and Vulnerability Exposed
United States Census Bureau Hacked and Vulnerability Exposed A Group of Hackers from r00tw0rm found SQL injection Vulnerability on United States Census Bureau,0x3a,user\,0x3a,database\,4,5,groupconcat\tablename+from+informationschema.tables--+ and Hackers successfully exploit the Database and...
BeWelcome Cross Site Scripting
Exploit Title: BeWelcome Cross Site Scripting Date: 10.02.2012 Author: Sony Software Link: http://www.bewelcome.org Web Browser : Mozilla Firefox Blog : http://st2tea.blogspot.com PoC: http://st2tea.blogspot.com/2012/02/bw-rox-cross-site-scripting.html...
Pastebin Downed By Second DDoS Attack This Week
For the second time this week, Pastebin.com on Thursday found itself hit by a distributed denial-of-service DDoS attack. The site was previously taken offline for a portion of the day on Tuesday, though no motives or culprits for that attack have been named yet. A post to the service’s Twitter...
DEBIAN-CVE-2011-4615
Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...
CVE-2011-4615
Multiple cross-site scripting XSS vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter aka host groups name to 1 hostgroups.php and 2 usergrps.php, the update action to 3 hosts.php and 4 scripts.php, and 5 maintenance.php...