Sqlninja 0.2.6 is now available

Sqlninja 0.2.6 is now available Sqlninja's goal is to exploit SQL injection vulnerabilities on web applications that use Microsoft SQL Server as back end. It is released under the GPLv3.There are a lot of other SQL injection tools out there but sqlninja, instead of extracting the data, focuses on...

Sqlninja 0.2.6 is now available

Sqlninja 0.2.6 is now available Sqlninja's goal is to exploit SQL injection vulnerabilities on web applications that use Microsoft SQL Server as back end. It is released under the GPLv3.There are a lot of other SQL injection tools out there but sqlninja, instead of extracting the data, focuses on...

Oracle Hyperion Enterprise Performance Management arsqls24.dll缓冲区溢出漏洞

Oracle Hyperion Enterprise Performance Management是性能管理软件。 Oracle Hyperion Enterprise Performance Management在实现上存在安全漏洞，可被恶意用户利用控制用户系统。 在解析数据库连接字符串时，arsqls24.dll中存在边界错误。通过诱使用户打开特制的Hyperion Interactive Reporting Studio .oce文件造成栈缓冲区溢出。 Oracle Hyperion Enterprise Performance Management EPM 11.x 厂商补丁：...

Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Buffer Overflow (PoC)

Oracle DataDirect ODBC Drivers - HOST Attribute arsqls24.dll Stack Buffer Overflow PoC g 208.152c: Access violation - code c0000005 first chance First chance exceptions are reported before any exception ha...

Oracle DataDirect ODBC Drivers - HOST Attribute 'arsqls24.dll' Stack Buffer Overflow (PoC)

g 208.152c: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be expected and handled...

Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based

Exploit for windows platform in category dos / poc g 208.152c: Access violation - code c0000005 first chance First chance exceptions are reported before any exception hand...

Apple QuickTime 7.7.1之前版本TKHD 元素处理远程代码执行漏洞

BUGTRAQ ID: 50403 CVE ID: CVE-2011-3251 QuickTime是由苹果电脑所开发的一种多媒体架构，能够处理许多的数字视频、媒体段落、音效、文字、动画、音乐格式，以及交互式全景影像的数项类型。 Apple QuickTime 7.7.1之前版本在处理特制视频文件时存在远程代码执行漏洞，攻击者可利用此漏洞以当前用户权限执行任意代码，导致应用意外终止。此漏洞不影响Mac OS X系统。 Apple QuickTime Player 7.x 厂商补丁： Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Cisco - file Directory Traversal

Cisco - file Directory Traversal source: https://www.securityfocus.com/bid/50372/info Multiple Cisco products are prone to a directory-traversal vulnerability. Exploiting this issue will allow an attacker to read arbitrary files from locations outside of the application's current directory. This...

Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability

Description Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment. The vulnerability can be exploited over multiple protocols. This issue affects the 'Scripting' sub-component. This vulnerability affects the following supported versions: JDK and JRE 7, 6...

[SECURITY] Fedora 16 Update: kig-4.7.1-2.fc16

Interactive Geometry...

Official websites of 7 major Syrian city hacked by Anonymous for #OpSyria

Official websites of 7 major Syrian city hacked by Anonymous for OpSyria Official websites of 7 major Syrian city hacked by Anonymous hackers as part of hacktivists Anonymous' Operation Syria OpSyria . Anonymous has replaced the home pages of official Syrian websites with an interactive map of...

7-Technologies Interactive Graphical SCADA

Overview ICS-CERT originally released Advisory ICSA-11-353-01P on the US-CERT secure portal on December 19, 2011. This web page release was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of Security Research and Service Institute--Information and...

QR Tags Can Hide Malicious Links, Experts Warn

QR tags have become the next big thing in interactive marketing. But as smart phone users flock to the trendy, postage-stamp sized bar codes, researchers are warning that they could be used to hijack mobile phones by directing them to malicious Web pages. In a post on the mobile security blog...

[SECURITY] Fedora 15 Update: apache-commons-daemon-1.0.7-1.fc15

The scope of this package is to define an API in line with the current Java Platform APIs to support an alternative invocation mechanism which could be used instead of the public static void mainString method. This specification covers the behavior and life cycle of what we define as Java daemons...

[SECURITY] Fedora 16 Update: apache-commons-daemon-1.0.7-1.fc16

The scope of this package is to define an API in line with the current Java Platform APIs to support an alternative invocation mechanism which could be used instead of the public static void mainString method. This specification covers the behavior and life cycle of what we define as Java daemons...

Interactive Graphical SCADA System ODBC Server Buffer Overflow Vulnerability

This host is installed with Interactive Graphical SCADA System and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbigssodbcserverbofvuln.nasl 7044 2017-09-01 11:50:59Z teissa $ Interactive Graphical SCADA System ODBC Server Buffer Overflow Vulnerability Authors: Soora...

7-Technologies Interactive Graphical SCADA System Detection (Windows SMB Login)

SMB login-based detection of the Interactive Graphical SCADA System. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for mapserver FEDORA-2011-9517

Check for the Version of mapserver OpenVAS Vulnerability Test Fedora Update for mapserver FEDORA-2011-9517 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

HP JetDirect Printer PJL Query Execution

Exploit Title: HP JetDirect PJL Query Execution Date: Aug 7, 2011 Author: Myo Soe Software Link: http://www.hp.com Version: All Tested on: HP LaserJet Pxxxx Series $Id: $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the...

CVE-2011-2959

Stack-based buffer overflow in the Open Database Connectivity ODBC service Odbcixv9se.exe in 7-Technologies Interactive Graphical SCADA System IGSS 9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet to TCP port 22202...