[Firebind Reflector v0.53] Portable Network Path Scanning Tool

Firebind Reflector is a portable network path scanning tool that can profile firewall and other network device rules for port blocking, such as perform egresss/exfiltration testing. Reflector has a client side and listener server-side like Netcat and Ncat, except Reflector can dynamically be told...

Collabtive 1.0 XSS / Shell Upload / Privilege Escalation

============================================= - Release date: July 22th, 2013 - Discovered by: Enrico Cinquini - Severity: High ============================================= I. VULNERABILITY ------------------------- Collabtive multiple vulnerabilities. II. INTRODUCTION -------------------------...

[SECURITY] Fedora 17 Update: kdesdk-4.10.4-1.fc17

A metapackage/collection of applications and tools used by developers, incl uding: cervisia: a CVS frontend kate: advanced text editor kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays designer's UI files lokalize: computer-aided...

[SECURITY] Fedora 18 Update: kdesdk-4.10.4-1.fc18

A metapackage/collection of applications and tools used by developers, incl uding: cervisia: a CVS frontend kate: advanced text editor kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays designer's UI files lokalize: computer-aided...

Fedora Update for mongodb FEDORA-2013-4531

Check for the Version of mongodb OpenVAS Vulnerability Test Fedora Update for mongodb FEDORA-2013-4531 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 18 Update: mongodb-2.2.3-4.fc18

Mongo from "humongous" is a high-performance, open source, schema-free document-oriented database. MongoDB is written in C++ and offers the follow ing features: Collection oriented storage: easy storage of object/JSON-style data Dynamic queries Full index support, including on inner objects and...

Cisco Wireless LAN Controller multiple security vulnerabilities

DoS via IP packet processing in IPS, DoS via SIP packet, SNMP unauthorized access, HTTP Profiling code execution...

CVE-2013-1104

The HTTP Profiling functionality on Cisco Wireless LAN Controller WLC devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636...

Design/Logic Flaw

The HTTP Profiling functionality on Cisco Wireless LAN Controller WLC devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636...

CVE-2013-1104

The CVE-2013-1104 issue affects Cisco Wireless LAN Controllers (WLC) with software 7.3.101.0, where HTTP Profiling allows remote authenticated users to execute arbitrary code by sending a crafted HTTP User-Agent header (Remote Code Execution). Multiple public references confirm the HTTP Profiling...

CVE-2013-1104

The HTTP Profiling functionality on Cisco Wireless LAN Controller WLC devices with software 7.3.101.0 allows remote authenticated users to execute arbitrary code via a crafted HTTP User-Agent header, aka Bug ID CSCuc15636...

CentOS Update for mysql CESA-2013:0121 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Scientific Linux Security Update : mysql on SL5.x i386/x86_64 (20130108)

It was found that the fix for the CVE-2009-4030 issue, a flaw in the way MySQL checked the paths used as arguments for the DATA DIRECTORY and INDEX DIRECTORY directives when the 'datadir' option was configured with a relative path, was incorrectly removed when the mysql packages in Scientific Lin...

Low: Red Hat Security Advisory: mysql security and bug fix update

Updated mysql packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

webgrind 1.0 - file Local File Inclusion

webgrind 1.0 - file Local File Inclusion webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in...

Ubuntu 10.04 LTS / 10.10 / 11.04 : thunderbird vulnerabilities (USN-1254-1)

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Thunderbird 3.1. An attacker could potentially exploit a user who had installed an add-on that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the...

MozillaFirefox secuirty update (critical)

MozillaFirefox was updated to version 8 bnc728520 to fix the following security issues: MFSA 2011-47/CVE-2011-3648 bmo690225 Potential XSS against sites using Shift-JIS MFSA 2011-48/CVE-2011-3651/CVE-2011-3652/CVE-2011-3654 Miscellaneous memory safety hazards MFSA 2011-49/CVE-2011-3650 bmo674776...

USN-1251-1: Firefox and Xulrunner vulnerabilities

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Firefox 3.6. An attacker could potentially exploit Firefox when an add-on was installed that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the Mozill...

Debian DSA-2342-1 : iceape - several vulnerabilities

Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of SeaMonkey : - CVE-2011-3647 'mozbugra4' discovered a privilege escalation vulnerability in addon handling. - CVE-2011-3648 Yosuke Hasegawa discovered that incorrect handling of Shift-JIS encodings could...

Thunderbird 3.1 < 3.1.16 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 3.1 is earlier than 3.1.16. Such versions are potentially affected by the following security issues : - There is an error within the JSSubScriptLoader that incorrectly unwraps 'XPCNativeWrappers'. By tricking a user into installing a malicious plug-in, an...