Moderate: Red Hat Security Advisory: pam security update

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

RedHat Update for pam RHSA-2010:0819-01

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2010:0819-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

RedHat Update for pam RHSA-2010:0819-01

Check for the Version of pam OpenVAS Vulnerability Test RedHat Update for pam RHSA-2010:0819-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora Update for pam FEDORA-2010-17112

Check for the Version of pam OpenVAS Vulnerability Test Fedora Update for pam FEDORA-2010-17112 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Fedora 12 : proftpd-1.3.3c-1.fc12 (2010-17220)

This is an update to the current upstream maintenance release, which addresses two security issues that can be exploited by malicious users to manipulate certain data and compromise a vulnerable system. - A logic error in the code for processing user input containing the Telnet IAC Interpret As...

Injecting Fake Updates: Evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...

Metasploit Web Crawler

This auxiliary module is a modular web crawler, to be used in conjunction with wmap someday or standalone. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Web Crawler. Author: Efrain Torres et at metasploit.com 2010...

[SECURITY] Fedora 13 Update: pam-1.1.1-6.fc13

PAM Pluggable Authentication Modules is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication...

CVE-2010-4155

Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the 1 rssfeedURL parameter to manual/caferss/example.php and the sumb parameter to 2 modules/news/archive.php, 3 modules/news/topics.php, and 4...

[SECURITY] Fedora 14 Update: perl-libwww-perl-5.837-2.fc14

The libwww-perl collection is a set of Perl modules which provides a simple and consistent application programming interface to the World-Wide Web. The ma in focus of the library is to provide classes and functions that allow you to write WWW clients. The library also contain modules that are of...

pam security update

CentOS Errata and Security Advisory CESA-2010:0819 Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base score...

Moderate: Red Hat Security Advisory: pam security update

Updated pam packages that fix three security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

pam: pam_env and pam_mail accessing users' file with root privileges

The 1 pamenv and 2 pammail modules in Linux-PAM aka pam before 1.1.2 use root privileges during read access to files and directories that belong to arbitrary user accounts, which might allow local users to obtain sensitive information by leveraging this filesystem activity, as demonstrated by a...

PT-2010-1042 · Linux +1 · Linux-Pam +1

Name of the Vulnerable Software and Affected Versions: Linux-PAM versions prior to 1.1.2 Red Hat Enterprise Linux pam-devel version 1.1.1 Red Hat Enterprise Linux pam-debuginfo version 1.1.1 Red Hat Enterprise Linux pam version 1.1.1 Description: The issue concerns multiple vulnerabilities in the...

Dolphin 7.0.3 <= (6) Modules LFI Vulnerabilities

Exploit for php platform in category web applications ================================================ Dolphin 7.0.3 Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0 1 1 0 I'm KnocKout member...

Dolphin 7.0.3 <= (poll) Modules LFI Vulnerability

Exploit for php platform in category web applications ================================================= Dolphin 7.0.3 Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0 1 1 0 I'm KnocKout membe...

USN-959-2: PAM vulnerability

USN-959-1 fixed vulnerabilities in PAM. This update provides the corresponding updates for Ubuntu 10.10. Original advisory details: Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploi...

VSR Advisories: Linux RDS Protocol Local Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Linux RDS Protocol Local Privilege Escalation Release Date: 2010-10-19 Application: Linux Kernel Versions:...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the 1 Add Pages, 2 Add Global Content, 3 Edit Global Content, 4 Add Article, 5 Add Category, 6 Add Field Definition, or 7 Add Shortcut...

Novell Messenger Server 2.0 - Accept-Language Overflow (Metasploit)

$Id: novellmessengeracceptlang.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...