Lucene search

3092 matches found

UbuntuCve
added 2012/06/27 12:0 a.m. | 22 views

CVE-2012-2451

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be...

CVSS 3.6 | AI score 5.6 | EPSS 0.00504
Exploits 2 | References 4

RedHat Linux
added 2012/06/19 3:24 p.m. | 30 views

Low: Red Hat Security Advisory: sblim-cim-client2 security update

Updated sblim-cim-client2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

CVSS 5 | AI score 5.7 | EPSS 0.01857
Exploits 0 | References 2

Debian CVE
added 2012/05/29 8:0 p.m. | 26 views

CVE-2012-1906

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

CVSS 3.3 | AI score 6.2 | EPSS 0.0035
Exploits 0

RubySec
added 2012/05/29 12:0 a.m. | 21 views

Puppet uses predictable filenames, allowing arbitrary file overwrite

Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise PE Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages...

CVSS 3.3 | AI score 6.9 | EPSS 0.0035
Exploits 0 | References 1 | Affected Software 1

ThreatPost
added 2012/05/23 4:13 a.m. | 7 views

Anatomy of a LulzSec Attack 'Singles Out' Web 2.0 Weakness

A new report analyzing a recent attack on a military dating site underscores the need for stronger safeguards on social networks. As part of its Hacker Intelligence Initiative, database and application security provider Imperva deconstructed a March attack by the hacker collective LulzSec on...

AI score 0.6
Exploits 0 | References 1

NVD
added 2012/05/21 6:55 p.m. | 8 views

CVE-2012-2905

Artiphp CMS 5.5.0 Neo r422 stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request...

CVSS 5 | AI score 6.1 | EPSS 0.03112
Exploits 2 | References 5

Cvelist
added 2012/05/21 6:0 p.m. | 15 views

CVE-2012-2905

Artiphp CMS 5.5.0 Neo r422 stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request...

AI score 6.1 | EPSS 0.03112
Exploits 2 | References 5

CVE
added 2012/05/21 6:0 p.m. | 34 views

CVE-2012-2905

CVE-2012-2905 affects Artiphp CMS 5.5.0 Neo (r422), where database backups are stored with predictable names under the web root due to insufficient access control. This information exposure enables remote attackers to obtain sensitive data via direct requests. The primary impact is confidential d...

CVSS 5 | AI score 6.3 | EPSS 0.03112
Exploits 2 | References 5 | Affected Software 1

RedHat Linux
added 2012/05/21 4:28 p.m. | 46 views

Moderate: Red Hat Security Advisory: tomcat5 security and bug fix update

Updated tomcat5 packages that fix multiple security issues and two bugs are now available for JBoss Enterprise Web Server 1.0.2 for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CV...

CVSS 7.5 | AI score 6.3 | EPSS 0.80318
Exploits 8 | References 10

myhack58
added 2012/05/19 12:0 a.m. | 16 views

Artiphp CMS 5.5.0 database backup disclosure Exploit-vulnerability warning-the black bar safety net

? php / Artiphp CMS 5.5.0 Database Backup Disclosure Exploit Author: Artiphp www.2cto.com http://www.artiphp.com Affected version: 5.5.0 Neo r422 Summary: Artiphp is a content management system CMS open and free to create and manage your website. Description: Artiphp stores database backups using...

Exploits 0

Packet Storm
added 2012/05/17 12:0 a.m. | 23 views

Artiphp CMS 5.5.0 Database Backup Disclosure

\n\n\n"; die; $godinaarray = array'2012','2011','2010'; $mesecarray = array'12','11','10','09', '08','07','06','05', '04','...

AI score 7.4
Exploits 0

0day.today
added 2012/05/16 12:0 a.m. | 22 views

Artiphp CMS 5.5.0 Database Backup Disclosure Exploit

Exploit for php platform in category web applications ?php / Artiphp CMS 5.5.0 Database Backup Disclosure Exploit Vendor: Artiphp Product web page: http://www.artiphp.com Affected version: 5.5.0 Neo r422 Summary: Artiphp is a content management system CMS open and free to create and manage your...

AI score 7.1
Exploits 0

Tenable Nessus
added 2012/05/02 12:0 a.m. | 57 views

MediaWiki < 1.17.3 / 1.18.2 Multiple Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by multiple security vulnerabilities: - An attacker can block/unblock arbitrary users via cross-site request forgery attack XSRF against an authorized user. CVE-2012-1578 - Unauthorized users can...

CVSS 6.8 | AI score 5.9 | EPSS 0.02379
Exploits 1 | References 8

CISA
added 2012/04/24 12:0 a.m. | 14 views

RuggedCom Rugged Operating System Vulnerability

RuggedCom Rugged Operating System ROS, used in RuggedCom network infrastructure devices, contains a hard-coded user account with a predictable password. This user account cannot be manually disabled. An attacker who successfully guesses the password may be able to gain complete administrative...

AI score 7.2
Exploits 0 | References 2

CERT
added 2012/04/24 12:0 a.m. | 67 views

RuggedCom Rugged Operating System (ROS) contains hard-coded user account with predictable password

Overview RuggedCom Rugged Operating System ROS contains a hard-coded user account with a predictable password. Description RuggedCom Rugged Operating System ROS, used in RuggedCom network infrastructure devices, contains a hard-coded user account named "factory" that cannot be disabled. The...

CVSS 8.5 | AI score 6.2 | EPSS 0.49114
Exploits 8 | References 10

securityvulns
added 2012/04/19 12:0 a.m. | 61 views

[SECURITY] [DSA 2453-1] gajim security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2453-1 [email protected] http://www.debian.org/security/ Nico Golde April 16, 2012 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 2.1 | EPSS 0.03179
Exploits 2

Tenable Nessus
added 2012/04/17 12:0 a.m. | 25 views

Debian DSA-2453-1 : gajim - several vulnerabilities

Several vulnerabilities have been discovered in Gajim, a feature-rich Jabber client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2012-1987 Gajim is not properly sanitizing input before passing it to shell commands. An attacker can use this flaw to...

CVSS 7.5 | AI score 6.5 | EPSS 0.03179
Exploits 2 | References 9

OpenVAS
added 2012/04/13 12:0 a.m. | 29 views

Ubuntu Update for puppet USN-1419-1

Ubuntu Update for Linux kernel vulnerabilities USN-1419-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN14191.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for puppet USN-1419-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

CVSS 6 | AI score 0.5 | EPSS 0.02632
Exploits 0 | References 2

OpenVAS
added 2012/04/13 12:0 a.m. | 37 views

RedHat Update for tomcat5 RHSA-2012:0474-01

Check for the Version of tomcat5 OpenVAS Vulnerability Test RedHat Update for tomcat5 RHSA-2012:0474-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 5 | AI score 6 | EPSS 0.80318
Exploits 6 | References 2

OpenVAS
added 2012/04/13 12:0 a.m. | 38 views

Ubuntu: Security Advisory (USN-1419-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6 | AI score 6.4 | EPSS 0.02632
Exploits 0 | References 2