PT-2013-2248 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.7.6 Description: The issue concerns the hidp setup hid function in net/bluetooth/hidp/core.c, which does not properly handle the copying of certain name fields. This allows local users to obtain sensitive...

Veeam Backup & Replication - HP San Setup Guide

Challenge Veeam Explorer for SAN Snapshots lets you perform Veeam restores of entire VMs or individual items directly from HP StoreVirtual VSA and LeftHand snapshots. And like Explorer for Exchange, it's included in all editions of Veeam Backup & Replication. Cause This is a how-to guide on...

DEBIAN-CVE-2012-2137

Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execute arbitrary code via vectors related to Message Signaled Interrupts MSI, irq routing entries, and an incorrect check by the...

CVE-2012-2137

Buffer overflow in virt/kvm/irqcomm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service crash and possibly execute arbitrary code via vectors related to Message Signaled Interrupts MSI, irq routing entries, and an incorrect check by the...

[SECURITY] Fedora 18 Update: ndjbdns-1.05.5-1.fc18

New djbdns: is a usable fork of djbdns. djbdns' is a Domain Name System originally written by the eminent author of Qmail, Dr D. J. Bernstein. This new version of djbdns is a complete makeover to the original sourcedjbdns-1.05 and is meant to make life a lot more pleasant. The notable changes so...

[SECURITY] Fedora 16 Update: ndjbdns-1.05.5-1.fc16

New djbdns: is a usable fork of djbdns. djbdns' is a Domain Name System originally written by the eminent author of Qmail, Dr D. J. Bernstein. This new version of djbdns is a complete makeover to the original sourcedjbdns-1.05 and is meant to make life a lot more pleasant. The notable changes so...

[SECURITY] Fedora 17 Update: ndjbdns-1.05.5-1.fc17

New djbdns: is a usable fork of djbdns. djbdns' is a Domain Name System originally written by the eminent author of Qmail, Dr D. J. Bernstein. This new version of djbdns is a complete makeover to the original sourcedjbdns-1.05 and is meant to make life a lot more pleasant. The notable changes so...

osTicket 1.7 DPR3 XSS / Disclosure / Redirect / SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

CubeCart 4.x/5.x | Setup Re-installation Privilege Escalation Vulnerability

OVERVIEW CubeCart 4.x and 5.x versions are vulnerable to Setup Re-installation Privilege Escalation. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup...

[SECURITY] Fedora 16 Update: pki-core-9.0.25-1.fc16

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D || ABOUT "CERTIFICATE SYSTEM" || =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D Certificate System CS is an enterprise software system...

[SECURITY] Fedora 17 Update: pki-core-9.0.25-1.fc17

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D || ABOUT "CERTIFICATE SYSTEM" || =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D Certificate System CS is an enterprise software system...

eliteCMS installation file did not validate + the word written to the security vulnerability-vulnerability warning-the black bar safety net

eliteCMS installation program after the installation is not locked, cause hackers can access setup addresses repeat the installation 另外 一 个 漏洞 是 安装 程序 可以 直接 写 入 一句话 到 admin/includes/config.php We look at the code: ... elseif $GET'step' == "4" $file = "../admin/includes/config.php"; $write = "?...

[Wifi Honey] Creates fake APs using all encryption

This is a script, attack can use to creates fake APs using all encryption and monitors with Airodump. It automate the setup process, it creates five monitor mode interfaces, four are used as APs and the fifth is used for airdump-ng. To make things easier, rather than having five windows all this ...

cPanel Pro 11.32.5.11 Cross Site Request Forgery

============================================================================== Vulnerable Software: cPanel version : 11.32.5 build 11-11.32.5.11 cPanel Pro Vulnerability: CSRF Vendor: cpanel.net ==============================================================================...

Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities

Title: ====== Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities Date: ===== 2012-09-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=700 VL-ID: ===== 700 Common Vulnerability Scoring System: ==================================== 4.1 Introduction: =============...

Design/Logic Flaw

Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...

CVE-2012-2787

Unspecified vulnerability in the decodeframe function in libavcodec/indeo4.c in FFmpeg before 0.11 and Libav 0.8.x before 0.8.4 has unknown impact and attack vectors, related to the "setup width/height."...

CVE-2011-5160

Cross-site scripting XSS vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject arbitrary web script or HTML via the site parameter...

Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities

Document Title: =============== Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id= Release Date: ============= 2012-09-09 Vulnerability Laboratory ID VL-ID: ==================================== 715...

Mandrake Linux Security Advisory : openssh (MDKSA-2000:068-1)

A vulnerability exists with all versions of OpenSSH prior to 2.3.0 with regards to the X11 forwarding and ssh-agent. If agent or X11 forwarding is disabled in the ssh client configuration, the client does not request these features during session setup. However, when the ssh client receives an...