4488 matches found
SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference
SIEMENS Sipass Integrated 2.6 Ethernet Bus - Arbitrary Pointer Dereference IOActive Security Advisory Title: SIEMENS Sipass Integrated 2.6 Ethernet Bus Arbitrary Pointer Dereference Severity: Critical Discovered by: Lucas Apa Date Reported: 09/11/12 CVE: TBD Siemens Advisory: SSA-938777...
Sitecom MD-25x Reverse Root Shell
!/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link: http://www.sitecom.com/download/5012/SitecomNas.2.4.17.bin Version:...
Mandriva Update for python-django MDVSA-2012:143 (python-django)
Check for the Version of python-django OpenVAS Vulnerability Test Mandriva Update for python-django MDVSA-2012:143 python-django Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
rpc-grind NSE Script
Fingerprints the target RPC port to extract the target service, RPC number and version. The script works by sending RPC Null call requests with a random high version unsupported number to the target service with iterated over RPC program numbers from the nmap-rpc file and check for replies from t...
hastymail2 webmail 1.1 rc2 - Persistent Cross-Site Scripting
!/usr/bin/python ''' Exploit Title: Hastymail2 Webmail Stored XSS Date: 17/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://www.hastymail.org Software Link: http://sourceforge.net/projects/hastymail/files/latest/download Version: 1.1 RC2 Gr33Tz: @aviadgolan , @benhayak,...
Hastymail2 Webmail 1.1 RC2 Stored XSS
Exploit for php platform in category web applications !/usr/bin/python ''' Exploit Title: Hastymail2 Webmail Stored XSS Date: 17/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://www.hastymail.org Software Link: http://sourceforge.net/projects/hastymail/files/latest/download...
Hastymail2 Webmail 1.1 RC2 Cross Site Scripting
!/usr/bin/python ''' Exploit Title: Hastymail2 Webmail Stored XSS Date: 17/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://www.hastymail.org Software Link: http://sourceforge.net/projects/hastymail/files/latest/download Version: 1.1 RC2 Gr33Tz: @aviadgolan , @benhayak,...
GNU gatekeeper -- denial of service
Jan Willamowius reports: GNU Gatekeeper before 3.1 does not limit the number of connections to the status port, which allows remote attackers to cause a denial of service (connection and thread consumption) via a large number of connections...
Scientific Linux Security Update : cyrus-sasl on SL4.x, SL3.x i386/x86_64
A bug was found in cyrus-sasl's DIGEST-MD5 authentication mechanism. As part of the DIGEST-MD5 authentication exchange, the client is expected to send a specific set of information to the server. If one of these items (the 'realm') was not sent or was malformed, it was possible for a remote...
Scientific Linux Security Update : rgmanager on SL4.x i386/x86_64
Multiple insecure temporary file use flaws were discovered in rgmanager and various resource scripts run by rgmanager. A local attacker could use these flaws to overwrite an arbitrary file writable by the rgmanager process (i.e. user root) with the output of rgmanager or a resource agent via a...
pcanywhere-brute NSE Script
Performs brute force password auditing against the pcAnywhere remote access protocol. Due to certain limitations of the protocol, bruteforcing is limited to single thread at a time. After a valid login pair is guessed the script waits some time until server becomes available again. Script Argumen...
Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting
Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting Title: Vanilla Tagging Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 http://vanillaforums.org/download Create a new thread and post you...
Vanilla Forums 2.0.18.4 - Tagging Persistent Cross-Site Scripting
Title: Vanilla Tagging Stored XSS Date: 1/6/12 Author: Henry Hoggard Author URL: henryhoggard.co.uk Author Twitter: @henryhoggard Software: Vanilla Version 2.0.18.4 http://vanillaforums.org/download Create a new thread and post your XSS as tag. I used alert'xss' You will have to use a proxy /...
EMC Data Protection Advisor 5.8.1 - Denial of Service
Luigi Auriemma Application: EMC Data Protection Advisor http://www.emc.com/backup-and-recovery/data-protection-advisor/data-protection-advisor.htm Versions: = 5.8.1 Platforms: AIX, HP-UX, Linux, Solaris, Windows Bugs: A cProcessAuthenticationData NULL pointer B thread CPU 100% Exploitation: remot...
EMC Data Protection Advisor 5.8.1 - Denial of Service
EMC Data Protection Advisor 5.8.1 - Denial of Service Luigi Auriemma Application: EMC Data Protection Advisor http://www.emc.com/backup-and-recovery/data-protection-advisor/data-protection-advisor.htm Versions: = 5.8.1 Platforms: AIX, HP-UX, Linux, Solaris, Windows Bugs: A...
boost security and bug fix update
1.33.1-15 - Fix bugs in parsing invalid regexps - Resolves: 766755 1.33.1-14 - Delete leftover .orig files after patches are successfully applied 1.33.1-13 - GCC 4.4 fixes - Resolves: 567722 1.33.1-11 - Add a fix for thread safety bug in boost::regex - Build with -fno-strict-aliasing due to the...
Novell Groupwise Messenger 2.1.0 - Memory Corruption
Luigi Auriemma Application: Novell GroupWise Messenger http://www.novell.com/products/groupwise/ Versions: NMAPARM1 allows to corrupt the heap memory: 0042BCD9 |. 8B0B MOV ECX,DWORD PTR DS:EBX ; 3 0042BCDB |. 8B55 FC MOV EDX,DWORD PTR SS:EBP-4 ; 3 0042BCDE...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : openssl vulnerabilities (USN-1357-1)
It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timi...
USN-1357-1: OpenSSL vulnerabilities
It was discovered that the elliptic curve cryptography (ECC) subsystem in OpenSSL, when using the Elliptic Curve Digital Signature Algorithm (ECDSA) for the ECDHE_ECDSA cipher suite, did not properly implement curves over binary fields. This could allow an attacker to determine private keys via a timi...
Sunway ForceControl - SNMP 'NetDBServer.exe' Opcode 0x57 (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Sunway Forcecontr...