47153 matches found
[Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory ONAPSIS-2014-034: SAP Business Objects Search Token Privilege Escalation via CORBA 1. Impact on Business ===================== By exploiting this vulnerability a remote and potentially unauthenticated attacker would be able t...
APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2014-12-3-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 is now available and addresses the following: WebKit Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite...
APPLE-SA-2014-09-17-2 Apple TV 7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-09-17-2 Apple TV 7 Apple TV 7 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: An attacker can obtain WiFi credentials Description: An attacker could have impersonated a WiFi...
[USN-2253-1] LibreOffice vulnerability
========================================================================== Ubuntu Security Notice USN-2253-1 June 23, 2014 libreoffice vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2014-0097 Spring Security Blank password may bypass user authentication
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0097 Blank password may bypass user authentication Severity: Important Vendor: Spring by Pivotal Versions Affected: - - Spring Security 3.2.0 to 3.2.1 - - Spring Security 3.1.0 to 3.1.5 Description: The ActiveDirectoryLdapAuthenticator does n...
Weak firmware encryption and predictable WPA key on Sitecom routers
ADVISORY INFORMATION Title: Weak firmware encryption and predictable WPA key on Sitecom routers Discovery date: 17/02/2014 Release date: 24/04/2014 Credits: Roberto Paleari @rpaleari Alessandro Di Pinto @adipinto Advisory URL: http://blog.emaze.net/2014/04/sitecom-firmware-and-wifi.html AFFECTED...
[security bulletin] HPSBMU03028 rev.1 - HP Matrix Operating Environment and CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04268239 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04268239 Version: 1 HPSBMU03028 rev....
Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities
Document Title: =============== Elite Graphix ElitCMS 1.01 & PRO - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1117 Release Date: ============= 2013-10-18 Vulnerability Laboratory ID VL-ID:...
Wordpress Valums Uploader - File Upload Vulnerability
Title: ====== Wordpress Valums Uploader - File Upload Vulnerability Date: ===== 2013-01-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=817 VL-ID: ===== 817 Common Vulnerability Scoring System: ==================================== 7.5 Abstract: ========= The...
XSS in dokeos 2.1.1
Exploit Title : Dokeos 2.1.1 Multiple Cross-Site Scripting Vulnerabilities Author:Marcela Benetrix home:www.girlinthemiddle.net Date: 10/17/12 version: 2.1.1 software link:www.dokeos.com Dokeos description Dokeos is an open source e-learning platform programmed in PHP, Javascript and HTML which...
TCExam Edit SQL Injection
/--------------------------- | TCExam Edit SQL Injection | ---------------------------/ Summary ======= TCExam 11.3.007 is prone to a SQL injection flaw located in tceeditanswer.php and tceeditquestion.php. These files pass a 'subjectmoduleid' parameter into a SQL statement without satisfactory...
0A29-11-4 : Privilege escalation vulnerabilities in Nagios XI installer < 2011R1.9
================ Privilege escalation vulnerabilities in Nagios XI installer 2011R1.9 Author: 0a29406d9794e4f9b30b3c5d6702c708 twitter.com/0a29 - 0a29.blogspot.com - GMail 0a2940 ================ Description: ================ Multiple privilege escalations exist within Nagios XI installer. Tested...
DNS Poisoning via Port Exhaustion
Hey, Today we are releasing a very interesting whitepaper which describes a DNS poisoning attack against stub resolvers. It discloses two vulnerabilities: 1. A vulnerability in Java CVE-2011-3552, CVE-2010-4448 which enables remote DNS poisoning using Java applets. This vulnerability can be...
Apple Safari / WebKit multiple security vulnerabilities
Crossite scripting, multiple memory corruption, code execution...
Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Dow Group dynamic.php?id sub.php?solutioncatid newsdesc.php?id product.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.dowgroup.com/ Persian Gulf 4 Ever! Dork :...
Mozilla Foundation Security Advisory 2011-16
Mozilla Foundation Security Advisory 2011-16 Title: Directory traversal in resource: protocol Impact: Moderate Announced: April 28, 2011 Reporter: Soroush Dalili Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 Thunderbird 3.1.10 SeaMonkey 2.0.14 Description...
HTB22920: Path disclosure in Viscacha
Vulnerability ID: HTB22920 Reference: http://www.htbridge.ch/advisory/pathdisclosureinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech Bridge ...
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability (CVE-2010-4331)
'Seo Panel' Cookie-Rendered Persistent XSS Vulnerability CVE-2010-4331 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in 'Seo Panel' page rendering which allows for unfiltered, unencrypted content to be presented to a user...
Microsoft Security Bulletin MS10-061 - Critical Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290)
Microsoft Security Bulletin MS10-061 - Critical Vulnerability in Print Spooler Service Could Allow Remote Code Execution 2347290 Published: September 14, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Print Spooler...
Mozilla Foundation Security Advisory 2010-32
Mozilla Foundation Security Advisory 2010-32 Title: Content-Disposition: attachment ignored if Content-Type: multipart also present Impact: Moderate Announced: June 22, 2010 Reporter: Ilja van Sprundel Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.4 Firefox 3.5.10 SeaMonkey 2.0.5 Description...
[Onapsis Security Advisory 2010-002] SAP J2EE Engine MDB Path Traversal
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-002: SAP J2EE Engine MDB Path Traversal This advisory can be downloaded from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
Microsoft Security Bulletin MS10-002 - Critical Cumulative Security Update for Internet Explorer (978207)
Microsoft Security Bulletin MS10-002 - Critical Cumulative Security Update for Internet Explorer 978207 Published: January 21, 2010 Version: 1.0 General Information Executive Summary This security update resolves seven privately reported vulnerabilities and one publicly disclosed vulnerability in...
[ONSEC-09-013] 1C Bitrix 8.0.5 Admin Console XSS
ONSEC-09-013 1C Bitrix 8.0.5 Admin Console XSS Цель: 1C Bitrix 8.0.5 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 25.08.2009 Дата оповещения разработчика: 30.08.2009 Дата выхода исправления: 01.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание:...
Mozilla Foundation Security Advisory 2009-38
Mozilla Foundation Security Advisory 2009-38 Title: Data corruption with SOCKS5 reply containing DNS name longer than 15 characters Impact: Low Announced: July 21, 2009 Reporter: Andrej Andolsek Products: Firefox Fixed in: Firefox 3.5.2 Firefox 3.0.12 Description Andrej Andolsek reported that whe...
VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2009-0007 Synopsis: VMware Hosted products and ESX and ESXi patches resolve security issues Issue date: 2009-05-28 Updated on:...
RealPlayer multiple security vulnerabilities
Multiple vulnerabilities on IVR format parsing...
Mozilla Foundation Security Advisory 2008-34
Mozilla Foundation Security Advisory 2008-34 Title: Remote code execution by overflowing CSS reference counter Impact: Critical Announced: July 15, 2008 Reporter: TippingPoint Zero Day Initiative Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.1 Firefox 2.0.0.16 Thunderbird 2.0.0....
CORE-2008-0204: Timbuktu Pro Remote Path Traversal and Log Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs Timbuktu Pro Remote Path Traversal and Log Injection Advisory Information Title: Timbuktu Pro Remote Path Traversal and Log Injection Advisory ID: CORE-2008-0204...
Multiple vulnerabilities in Double-Take 5.0.0.2865
Luigi Auriemma Application: Double-Take http://www.doubletake.com Versions: = 5.0.0.2865 version 4.5.x tested with success too Platforms: Windows Bugs: A server termination through "vectorT too long" exception B NULL pointer crash C termination through memory allocation D informations disclosure ...
POWER PHLOGGER v.2.2.5 (username) SQL Injection
POWER PHLOGGER v.2.2.5 username SQL Injection Author: Attila Gerendi Darkz Date: December 20, 2005 Package: POWER PHLOGGER http://www.phpee.com/ Versions Affected: v.2.2.5 Other versions may also be affected Severity: SQL Injection Description: Input passed to the "username" parameter in...
Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability(-ies)
Taltech Tal Bar Code ActiveX Control Memory Corruption Vulnerability-ies Michal Bucko sapheal hack.pl I. BACKGROUND The Bar Code ActiveX Control has all the features necessary to easily add professional quality barcodes to any Windows application including Web pages, database reporting and...
Gallery 1.2.5 <= Remote File Include Vulnerablites
Gallery 1.2.5 = Remote File Include Vulnerablites D.Script: http://www.gnu-darwin.org/packages/x86/www/gallery-1.2.5.tgz Exploit:Path/errors/needinit.php?GALLERYBASEDIR=Shell Exploit:Path/errors/reconfigure.php?GALLERYBASEDIR=Shell Exploit:Path/errors/unconfigured.php?GALLERYBASEDIR=Shell...
[Full-disclosure] Invision Power Board 2.1.7 debug mode vulnerability
Debug mode is a feature in IPB 2.0.0-2.1.7 that shows all database queries for each forum page requested. If Debug mode is turned on, it is possible for anyone to request a forgotten password for an account, and capture the validation key that is sent to the account's email address. This allows a...
Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Serendipity Weblog XSS Vulnerabilities Release Date: 2006/10/19 Last Modified: 2006/10/19 Author: Stefan Esser sesser at hardened-php dot net email concealed Application:...
bug com_madeira
lintah|adv|02@2006=========mambo-commadeira===php injek by : iFX a.k.a inversFX [email protected] [email protected] [email protected] ------------------------------- locate : Indonesia, Jakarta -------------------------------- date : 21/09/2006 -------------------------------- title : php backdoo...
[SA15842] CSV_DB / i_DB Arbitrary Command Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[securitylab.ru & security.nnov] Kerio Winroute Firewall Xroxy problem
Application: Kerio Winroute Firewall 5.10 Vendor: Kerio Technologies Inc. Vendor Site: http://www.kerio.com Remote: Yes Exploitable: Yes Risk level: Critical if proxy requires authentication Authors: Alexander Antipov & 3APA3A aka Pig Killer Authors Sites: http://www.securitylab.ru...
CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin
Vulnerability title: Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin CVE: CVE-2015-7320 Vendor: WordPress DWBooster Product: Appointment Booking Calendar Affected version: 1.1.7 Fixed version: 1.1.8 Reported by: Iberia Medeiros Vulnerability Details:...
Jenkins 1.626 - Cross Site Request Forgery / Code Execution
Title: Jenkins 1.626 - Cross Site Request Forgery / Code Execution Date: 27.08.15 Affected versions: = 1.626 current Vendor: jenkins-ci.org Contact: smash at devilteam.pl Cross site request forgery vulnerability in Jenkins 1.626 allows remote attackers to hjiack the authentication of users for mo...
CollabNet Subversion Edge indes local file inclusion
Vuln Title: Local file inclusion in CollabNet Subversion Edge Management Frontend via logfile "listViewItem" parameter of the "index" action Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type:...
Use-After-Free in PHP
Advisory ID: HTB23262 Product: PHP Vendor: PHP Group Vulnerable Versions: 5.6.9 and probably prior Tested Version: 5.6.9 Advisory Publication: May 20, 2015 without technical details Vendor Notification: May 20, 2015 Vendor Patch: June 2, 2015 Public Disclosure: June 10, 2015 Vulnerability Type: U...
[ MDVSA-2015:027 ] kernel
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:027 http://www.mandriva.com/en/support/security/ Package : kernel Date : January 16, 2015 Affected: Business Server 1.0 Problem Description: Multiple vulnerabilities has been found and corrected in the Linux...
APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-10-16-1 OS X Yosemite v10.10 OS X Yosemite v10.10 is now available and addresses the following: 802.1X Impact: An attacker can obtain WiFi credentials Description: An attacker could have impersonated a WiFi access point, offered to...
Re: [oss-security] CVE-2014-6271: remote code execution through bash
On Wed, Sep 24, 2014 at 04:05:51PM +0200, Florian Weimer wrote: Stephane Chazelas discovered a vulnerability in bash, related to how environment variables are processed: trailing code in function definitions was executed, independent of the variable name. In many common configurations, this...
Multiple Vulnerabilities with Aztech Modem Routers
PRODUCT DESCRIPTION The Aztech ADSL family of modems/routes are shipped to residential and SOHO users that desires speed from 150-300mbps rate. This modem/router also supports IEEE802.11b/g/n as a Wireless LAN Access point. The vulnerable model numbers are: DSL5018EN 1T1R Shipped with Globe Telec...
[SECURITY] [DSA 2959-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2959-1 [email protected] http://www.debian.org/security/ Michael Gilbert June 14, 2014 http://www.debian.org/security/faq -...
[SECURITY] CVE-2014-0095 Apache Tomcat denial of service
CVE-2014-0095 Denial of Service Severity: Important Vendor: The Apache Software Foundation Versions Affected: - Apache Tomcat 8.0.0-RC2 to 8.0.3 Description: A regression was introduced in revision 1519838 that caused AJP requests to hang if an explicit content length of zero was set on the...
NGS00106 Technical Advisory: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability
======= Summary ======= Name: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability Release Date: 5 January 2012 Reference: NGS00106 Discoverer: David Spencer [email protected] Vendor: Oracle Vendor Reference: Systems Affecte...
[DSECRG-11-031] SAP RFC EPS_DELETE_FILE - Authorisation bypass, smbrelay
DSECRG-11-031 SAP RFC EPSDELETEFILE - Authorisation bypass, smbrelay Security vulnerability was founded in sap EPSDELETEFILE RFC function allows attacker to delete files remotely or steal hashes of SAP server account in windows environment using SMBRelay attack. Digital Security Research Group...
ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability
ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-191 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...