47153 matches found
US-CERT Technical Cyber Security Alert TA09-294A -- Oracle Updates for Multiple Vulnerabilities
Oracle Critical Patch Update Advisory - October 2009 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
PBLang <= 4.99.17.q Remote File Rewriting / Remote Command Execution
--------------------------------------------------------------- / | | / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / / | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg Original Here:...
XSS in Rainbow with Rainbow.Zen
hey ,, Vulnerable : rainbowportal web : http://rainbowportal.net/ XSS : 1- http://example.net/jira/secure/BrowseProject.jspa?id="scriptalert'BLacKZeRo'/script Discovered By BLacK ZeRo [email protected] Best regards ,,...
Etnus TotalView 5.
Program: Etnus TotalView Version: 5.0.0-4 DESCRIPTION ----------- TotalView is a multiprocess source-level debugger for programs written in the C, C++, and Fortran programming languages. TotalView is part of a suite of programming tools from Etnus, LLC. PROBLEM ------- Failed to install the files...
def-2001-09: Winzip32 zipandemail Buffer Overflow
====================================================================== Defcom Labs Advisory def-2001-09 Winzip32 zipandemail Buffer Overflow Author: Peter Grьndl [email protected] Release Date: 2001-03-02 ======================================================================...
[ MDVSA-2014:133 ] gd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:133 http://www.mandriva.com/en/support/security/ Package : gd Date : July 10, 2014 Affected: Business Server 1.0 Problem Description: Updated gd and libgd packages fix security vulnerability: The...
[USN-2192-1] OpenSSL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2192-1 May 05, 2014 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
APPLE-SA-2012-06-11-1 iTunes 10.6.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-06-11-1 iTunes 10.6.3 iTunes 10.6.3 is now available and addresses the following: iTunes Available for: Mac OS X v10.5 or later, Windows 7, Vista, XP SP2 or later Impact: Importing a maliciously crafted .m3u playlist may lead to an...
Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS
Advisory: Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS Advisory ID: SSCHADV2011-007 Author: Stefan Schurtz Affected Software: Successfully tested on: version 4.2.1.f Vendor URL: http://www.blogcms.com Vendor Status: resolved CVE-ID: - ========================== Vulnerability...
FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution
Security Advisory ----------------- FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution Researcher Information ---------------------- Discovered by: Giuseppe Zmax Fuggiano Website: http://www.giusef.net Contact: giuseppedotfuggianoatgmaildotcom Product Information...
Audacity buffer overflow
buffer overflow on .gro files parsing...
ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability
ZDI-08-071: IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-071 October 30, 2008 -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Storage Manager Express -- TippingPointTM IPS Customer Protection:...
Oracle Critical Patch Update Advisory - July 2008
Oracle Critical Patch Update Advisory - July 2008 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are...
Cisco CallManager 4.1 Input Validation Vulnerability
Cisco CallManager 4.1 Input Validation Vulnerability scip AG Vulnerability ID 2977 03/13/2007 http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2977 I. INTRODUCTION Cisco CallManager, short CCM, is a professional voice-over-IP solution that tracks active components, including among others phones,...
uniForum <= v4 (wbsearch.aspx) Remote SQL Injection Vulnerability
Title : uniForum = v4 wbsearch.aspx Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : ... Vendor : http://uniforum.biz/ $$ : $99 SQL--------------------------------------------------------- http://target/path//wbsearch.aspx POST Method SQL Example: //Fin the -wbsearch.aspx...
Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability
Advisory: //////////// Microsoft Visual C++ 6.0 is prone to stack based memory corruption vulnerability during processing .RC resource files, caused by the lack of input data boundary check. Vulnerable software: //////////////////// Microsoft Visual Studio 6.0 SP6 Impact: /////// Remote code...
zenphoto Multiple Path Disclosure and Cross Site Scripting Vulnerabilities
Hi all, I've found several vulnerabilities in zenphoto, which is a great and simple photo gallery. I notified the team a month ago, and the new release zenphoto 1.0.2 beta fixes all the vulnerabilities. Thanks to the team for their great application and the fixes...
SECURITY.NNOV advisory - The Bat! directory traversal (public release)
This advisory is being provided to you under the policy documented at http://www.wiretrip.net/rfp/policy.html. SECURITY.NNOV advisory - The Bat! directory traversal Topic: The Bat! attachments directory traversal Author: 3APA3A [email protected] Affected Software: The Bat! Version = 1.48f...
[USN-1110-1] KDE-Libs vulnerabilities
========================================================================== Ubuntu Security Notice USN-1110-1 April 14, 2011 kde4libs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
vsftpd 2.3.2 remote denial-of-service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 vsftpd 2.3.2 remote denial-of-service Author: Maksymilian Arciemowicz http://securityreason.com/ http://cxib.net/ Date: - - Dis.: 23.12.2010 - - Pub.: 01.03.2011 CVE: CVE-2011-0762 CERT: VU590604 Fix: vsftpd 2.3.4 15.02.2011 Affected Software verified...
ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability
ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-113 June 23, 2010 -- CVE ID: CVE-2010-1199 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x -- TippingPointTM IPS Customer Protection:...
[SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2010-1157: Apache Tomcat information disclosure vulnerability Severity: Low Vendor: The Apache Software Foundation Versions Affected: - - Tomcat 6.0.0 to 6.0.26 - - Tomcat 5.5.0 to 5.5.29 Note: The unsupported Tomcat 3.x, 4.x and 5.0.x versions ma...
[ MDVSA-2010:003 ] sendmail
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:003 http://www.mandriva.com/security/ Package : sendmail Date : January 11, 2010 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0, Enterprise Server 5.0, Multi Network Firewall 2.0 Problem Description...
POC for CVE-2008-5619 (roundcubemail PHP arbitrary code injection)
Public Release Date of POC: 2008-12-22 Author: Jacobo Avariento Gimeno Sofistic CVE id: CVE-2008-5619 Bugtraq id: 32799 Severity: Critical Vulnerability reported by: RealMurphy Intro ---- Roundcube Webmail is a browser-based IMAP client that uses "chuggnutt.com HTML to Plain Text Conversion"...
[MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue
MajorSecurity Advisory 47Simple Machines Forum SMF - Session fixation Issue Details ======= Product: Simple Machines Forum SMF Affected version: 1.1.2 and prior Remote-Exploit: yes Vendor-URL: http://www.simplemachines.org Vendor-Status: informed Advisory-Status: published Credits ============...
SCO 5.0.6 MMDF issues (deliver)
====================================================================== Strategic Reconnisiance Team Security AdvisorySRT2001-03 Topic: SCO 5.0.6 MMDF issues deliver Vendor: SCO Release Date: 03/27/01 ====================================================================== .: Description SCO...
IIS HACKING
Hi Folks, i have just compiled the well-known IIS tricks. I hope it will be helpful for securing your server. any comment,suggestion or insult...? wellcome MAB- SECURING IIS by BREAKING ===================================================== by Mount Ararat Blossom 9/15/2000...
MiniUPnP library buffer overflow
Buffer overflow on network request processing...
SilverStripe CMS Unvalidated Redirect & XSS vulnerabilities
Credits: hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-SILVERSTRIPE0607.txt Vendor: ================================ http://www.silverstripe.org/software/download Product: ================================ SilverStripe CMS & Framework v3.1.13...
vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability
Exploit Title: vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability + Discovered By: Dariush Nasirpour Net.Edit0r + My Homepage: black-hg.org / nasirpour.info + Date: 2015 27 February + Vendor Homepage: vBulletin.com + Tested on: vBulletin 4.2.2 + Greeting : Ali Razmjoo -...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HTB22946: Multiple SQL Injection in Ajax Category Dropdown wordpress plugin
Vulnerability ID: HTB22946 Reference: http://www.htbridge.ch/advisory/multiplesqlinjectioninajaxcategorydropdownwordpressplugin.html Product: Ajax Category Dropdown wordpress plugin Vendor: http://www.dyasonhat.com/ http://www.dyasonhat.com/ Vulnerable Version: 0.1.5 Vendor Notification: 07 April...
Openregistrecil 1.02 (RFI/LFI) Multiple File Include Vulnerability
================================================================== Openregistrecil 1.02 RFI/LFI Multiple File Include Vulnerability ================================================================== + Openregistrecil 1.02 RFI/LFI Multiple File Include Vulnerability...
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-083 November 10, 2009 -- CVE ID: CVE-2009-3129 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Excel -- TippingPointTM IPS...
CUPS / poppler / xpdf / Adobe Reader multipls security vulnerabilities
Integer overflows, race condiotions...
Max's Guestbook (XSS) Remote Vulnerability
Discovered by: GTADarkDude Disconvered on: 10 December 2008 Name: Max's Guestbook Version: 1.0 URL: http://www.phpf1.com/product/php-guestbook-script.html URL2: http://www.hotscripts.com/Detailed/78571.html Google Search: intitle:"Max's Guestbook" powered-by-PHP-F1 File maxGuestbook.class...
PHP-Nuke genaral print SQL Injection(id)
PHP-Nuke genaral print SQL Injectionid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name"print DORK 2 : allinurl:"modules.php?name=Hikaye" DORK : allinurl:"modules.php?name=Fikralar" DORK :...
zabbix privilege escalation
Super-user privileges are not droppen on user-supplied application execution...
iDefense Security Advisory 08.16.07: IBM DB2 Universal Database Directory Creation Vulnerability
IBM DB2 Universal Database Directory Creation Vulnerability iDefense Security Advisory 08.16.07 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 16, 2007 I. BACKGROUND IBM Corp.'s DB2 Universal Database product is a large database server product commonly used for high end databases. For...
AIX 4.3 lsmcode local root command execution
It has been reported on http://www.securityfocus.com/bid/18114/ about this vulnerability in AIX 5.1 - 5.3, some exploits is published in milw0rm to exploits this issue http://milw0rm.com/exploits/701 I have an AIX 4.3 box and it seems vulnerable with this issue too bash-2.04$ mkdirhier /tmp/aap/b...
PHP 5.2.0 session.save_path safe_mode and open_basedir bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.0 session.savepath safemode and openbasedir bypass Author: Maksymilian Arciemowicz SecurityReason Date: - - Written: 02.10.2006 - - Public: 08.12.2006 SecurityAlert Id: 43 CVE: CVE-2006-6383 SecurityRisk: High Affected Software: PHP 5.2.0...
P.A.I.D v2.2
P.A.I.D v2.2 Homepage: http://www.webexceluk.net Effected files: faq.php input form of logging in. index.php The input forms of logging into My Account do not sanatize user input. For PoC of a XSS attack simply put in: "IMG SRC=javascript:alert'XSS'" It also seems when logging in, even if your...
[Full-Disclosure] EarlyImpact ProductCart shopping cart software multiple security vulnerabilities
S-Quadra Advisory 2004-02-16 Topic: EarlyImpact ProductCart shopping cart software multiple security vulnerabilities Severity: High Vendor URL: http://www.earlyimpact.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040216.txt Release date: 16 Feb 2004 1. DESCRIPTION ProductCart is a...
Details and exploitation of buffer overflow in mshtml.dll (and few sidenotes on Unicode overflows in general)
Dear, Advisory was originally posted in 1-3 2 weeks ago, so I think it's enough time passed to publish some details, because 4,5 have enough information to re-discover vulnerability. ERRor erroratpochtamt.ru discovered IE 5.5 and 6.0 in some cases crash on embed src="filename.AAAAAAAAAAlot of 'A'...
Orange Web Server v2.1 DoS
Introduction: Orange Web Server v2.1 is a powerful yet light- weight web server that runs on all Windows platforms. Easy to setup and use, Orange Web Server can turn any PC into a web server. The httpd is based on GoAhead c Technology. The Vendors website is:...
Security Bulletin (MS00-055)
Microsoft Security Bulletin MS00-055 - -------------------------------------- Patch Available for "Scriptlet Rendering" Vulnerability Originally Posted: August 09, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities in Microsoftr Internet Explorer. The...
FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability
Title: ====== FortiGate FortiDB 2kB 1kC & 400B - Cross Site Vulnerability Date: ===== 2012-11-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=558 VL-ID: ===== 558 Common Vulnerability Scoring System: ==================================== 2.5 Introduction: ============...
AVAVoIP v1.5.12 - Multiple Web Vulnerabilities
Title: ====== AVAVoIP v1.5.12 - Multiple Web Vulnerabilities Date: ===== 2012-06-28 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=437 VL-ID: ===== 611 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Designed fr...
ZeusCart Ecommerce Shopping Cart Software Cross-Site scripting Vulnerability
ZeusCart Ecommerce Shopping Cart Software Cross-Site scripting Vulnerability SecPod Technologies www.secpod.com Author Sooraj K.S SecPod ID: 1003 07/28/2010 Issue Discovered 07/30/2010 Vendor Notified No Response from Vendor Class: Cross-Site Scripting Severity: Medium Overview: --------- ZeusCar...
Linux GFS / GFS2 file system DoS
gfs2lock/gfslock doesn't check file permissions...