Muster Render Farm Management System - Arbitrary File Download

Name: Muster Render Farm Management System Arbitrary File Download Vendor Website : http://www.vvertex.com/muster.html Date Released : November 29, 2011 Affected Software : Muster 6.20 Researcher : Nick Freeman [email protected] Description Security-Assessment.com has discovere...

Multi Gather Mozilla Thunderbird Signon Credential Collection

This module will collect credentials from Mozilla Thunderbird by downloading the necessary files such as 'signons.sqlite', 'key3.db', and 'cert8.db' for offline decryption with third party tools. If necessary, you may also set the PARSE option to true to parse the sqlite file, which contains...

DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable

DarkComet-RAT v4.0 Fix1 Released - Fully Cryptable DarkComet-RAT v4.0 Change log - DarkComet-RAT is now compiled on Delphi XE instead of Delphi 2010. - Synthax highlighter added in remote keylogger. - Multithreading is now more efficient, no more freezing, using a new powerfull and stable...

Android Passwords are stored in plain text on Disk

Android Passwords are stored in plain text on Disk A Android user complain that , All passwords are stored in plane text on Disk via a message on discussion board of Android. He said "The password for email accounts is stored into the SQLite DB which in turn stores it on the phone's file system i...

Fedora Update for jabberd FEDORA-2011-7818

Check for the Version of jabberd OpenVAS Vulnerability Test Fedora Update for jabberd FEDORA-2011-7818 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: jabberd-2.2.11-4.fc13

The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...

[SECURITY] Fedora 15 Update: jabberd-2.2.14-1.fc15

The jabberd project aims to provide an open-source server implementation of the Jabber protocols for instant messaging and XML routing. The goal of this project is to provide a scalable, reliable, efficient and extensible server that provides a complete set of features and is up to date with the...

Scarecrow enterprise Station management system wide byte injection exploit-vulnerability warning-the black bar safety net

Scarecrow enterprise Station based on php+sqlite and php+mysql two versions, php+sqlite features and asp+access almost,the advantage is in favor of the backup, now mostly web space to support php+sqlite. php+mysql features is conducive to processing large amounts of data, but backup and restore i...

PHP sqlite_single_query和sqlite_array_query函数SQL注入漏洞

No description provided by source...

CVE-2011-1717

Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows local applications to read user IDs, contacts, phone numbers, date of birth, instant message logs, and other private information...

Sqlmap v.0.9 - automatic SQL injection and database takeover tool !

Sqlmap v.0.9 - automatic SQL injection and database takeover tool ! sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for...

[SECURITY] Fedora 15 Update: rubygem-rails-3.0.5-2.fc15

Rails is a framework for building web-application using CGI, FCGI, modruby, or WEBrick on top of either MySQL, PostgreSQL, SQLite, DB2, SQL Server, or Oracle with eRuby- or Builder-based templates...

OpenDNSSEC 1.2.1 latest version Released !

OpenDNSSEC 1.2.1 latest version Released ! Version 1.2.1 of OpenDNSSEC has now been released. ldns 1.6.9 is required for bugfixes. dnsruby-1.52 required for bugfixes. Bugfixes: Auditor: 'make check' now works when srcdir != builddir. Auditor: Include the 'make check' files in the tarball. Enforce...

iFileExplorer Free Directory Traversal

Exploit Title: iPod Touch/iPhone iFileExplorer Free Directory Traversal Date: 04/03/2011 UK date format Author: theSmallNothing Software Link: http://itunes.apple.com/gb/app/ifileexplorer-protect-multi/id355253462?mt=8 Version: 2.8 Tested on: iPod Touch 2G 4.1 import urllib, sqlite3 base =...

iOS iFileExplorer Free - Directory Traversal

iOS iFileExplorer Free - Directory Traversal Exploit Title: iPod Touch/iPhone iFileExplorer Free Directory Traversal Date: 04/03/2011 UK date format Author: theSmallNothing Software Link: http://itunes.apple.com/gb/app/ifileexplorer-protect-multi/id355253462?mt=8 Version: 2.8 Tested on: iPod Touc...

Hack Record Book

Записная книга для хранения и обработки найденных на сайтах уязвимостей. Можно сохранить: + Ссылку. + Описание уязвимости. + ТИЦ, PR можно узнать автоматически. + Alexa rate. + Google indexed|not filtered pages count. + Дату и время записи. + Рейтинг уязвимости. + Ваши личные заметки по данному...

Fedora 13 : proftpd-1.3.3c-1.fc13 (2010-17098)

This is an update to the current upstream maintenance release, which addresses two security issues that can be exploited by malicious users to manipulate certain data and compromise a vulnerable system. - A logic error in the code for processing user input containing the Telnet IAC Interpret As...

Fedora 14 : proftpd-1.3.3c-1.fc14 (2010-17091)

This is an update to the current upstream maintenance release, which addresses two security issues that can be exploited by malicious users to manipulate certain data and compromise a vulnerable system. - A logic error in the code for processing user input containing the Telnet IAC Interpret As...

openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0923-1)

dovecot granted admin rights to all owner mailboxes CVE-2010-3706. When using multiple ACL entries for mailboxes the most specific one was not always applied CVE-2010-3707. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

openSUSE Security Update : dovecot12 (openSUSE-SU-2010:0636-1)

When using Maildir all ACLs on INBOX were copied to newly created mailboxes although only default ACLs should have been copied CVE-2010-3304. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...