47153 matches found
ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities
ESA-2013-078.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities EMC Identifier: ESA-2013-078 CVE Identifier: CVE-2013-6173, CVE-2013-6174, CVE-2013-6175, CVE-2013-6176, CVE-2013-6177 Severity Rating: CVSS v2 Base Score: See bel...
[PSA-2013-0819-1] Oracle Java BytePackedRaster.verify() Signed Integer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2013-0819-1 | | http://packetstormsecurity.com/ | +------------------------------------------------------------------------------+ | Title: Oracle...
Basic Forum by JM LLC - Multiple Vulnerabilities
Dear all, I have discovered some vulnerabilities in Basic Forum, developed by JM LLC. Cheers, Sp3ctrecore ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities ================================================ Software................: Basic For...
[Full-disclosure] Magnolia CMS multiple access control vulnerabilities
Subject: ====== Multiple access control vulnerabilities in Magnolia CMS, Community and Enterprise editions CVE ID: ====== CVE-2013-4621 Summary: ======== A non-admin user such as default users eric / peter can access and execute multiple administrative functionalities of the CMS by accessing...
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow MS13-037 / Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included a...
[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7
waraxe-2013-SA102 - Reflected XSS in phpMyAdmin 3.5.7 =============================================================================== Author: Janek Vind "waraxe" Date: 09. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-102.html Description of vulnerable software: phpMyAdmi...
Cisco Video Surveillance Operations Manager Multiple vulnerabilities
Exploit Title:Cisco Video Surveillance Operations Manager Multiple vulnerabilities Google Dork: intitle:"Video Surveillance Operations Manager Login" Date: 22 Feb 2013 reported to the vendor Exploit Author: Bassem | bassem.co Vendor Homepage: www.cisco.com Version: Version 6.3.2 Tested on: Versio...
APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 are now available and address the following: Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 o...
Multiple Vulnerabilities in Linksys WAG200G
Device Name: Linksys WAG200G Vendor: Linksys/Cisco ============ Device Description: ============ The WAG200G is a Linksys Wireless-G ADSL Home Gateway which has a high-speed ADSL2+ modem that gives you a fast connection to the Internet. Source:...
Re: The history of a -probably- 13 years old Oracle bug: TNS Poison
I wanted to comment on the workarounds for this problem: 1 Setting SQLNET.ENCRYPTIONSERVER=REQUIRED on the server is not enough to protect you. To avoid "man in the middle" attacks, you need to have an SSL certificate on the server and SSLSERVERDNMATCH=TRUE in the client's sqlnet.ora. 2 Another w...
ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-022 February 8, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: Tota...
n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2011.004 28-Dec-2011 Vendors: PHP, http://www.php.net Oracle, http://www.oracle.com Microsoft, http://www.microsoft.com Python, http://www.python.org Ruby, http://www.ruby.org Google, http://www.google.com Affected Products: PHP 4 and ...
Novell Sentinel Log Manager <=1.2.0.1 Path Traversal
Vuln: Path Traversal Application: Sentinel Log Manager Vendor: Novell Version affected: = 1.2.0.1 Website: http://www.novell.com/products/sentinel-log-manager/ Discovered By: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it The latest version of Sentinel Log Manager...
Multiple vulnerabilities in TinyMCE and flvPlayer and hundreds of web applications
Hello 3APA3A! I want to warn you about multiple vulnerabilities in TinyMCE and flvPlayer and hundreds of web applications and tens millions of web sites. These are Full path disclosure, Content Spoofing and Cross-Site Scripting vulnerabilities in TinyMCE CS and XSS are in flvPlayer, which is...
PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability
------------------------------------------------------------------- PmWiki = 2.2.34 pagelist Remote PHP Code Injection Vulnerability ------------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................: n0b0d13satgmaildotcom...
[USN-1137-1] Eucalyptus vulnerability
========================================================================== Ubuntu Security Notice USN-1137-1 May 26, 2011 eucalyptus, rampart vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
[DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service
Discussion - DcLabs Security Research Group advises about the following vulnerabilityies: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...
Microsoft SMB client multiple security vulnerabilities
Memory corruptions, race conditions...
Chrome Password Manager Cross Origin Weakness (CVE-2010-0556)
Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Chrome Password Manager Cross Origin Weakness Release Date: 2010-02-15 Application: Google Chrome Web Browser Versions:...
Microsoft Security Bulletin MS09-072 - Critical Cumulative Security Update for Internet Explorer (976325)
Microsoft Security Bulletin MS09-072 - Critical Cumulative Security Update for Internet Explorer 976325 Published: December 08, 2009 Version: 1.0 General Information Executive Summary This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in...
Oracle exploit for CTXSYS.DRVXTABC.CREATE_TABLES and others
Hi! I've just released the working exploit for CTXSYS.DRVXTABC.CREATETABLES injection on Oracle DB 9i/10g CVE-2009-1991 You can find the code on my site, http://rawlab.mindcreations.com In particular, Classic SQL injection:...
Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007
Piwigo SQL Injection Vulnerability - Security Advisory - SOS-09-007 Release Date. 17-Aug-2009 Last Update. - Vendor Notification Date. 15-Jun-2009 Product. Piwigo Platform. Independent Affected versions. 2.0.0 verified, possibly others Severity Rating. Medium Impact. Manipulation of data Attack...
cross site scripting the browser google "chrome"
autor : bikolinux Vuln: cross site scripting the browser google "chrome" Download: http://www.google.com/chrome error local EMAIL [email protected] [email protected] vercion test 2.0.172.37 cross site scripting the browser google "chrome" The error is when making a request to record path =...
SASPCMS Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP Content Management System . SASPCMS witc...
djbdns misformats some long response packets; patch and example attack
The DNS packet format allows names to be compressed by replacing the suffix of a name with an encoded offset to another location in the packet where the suffix already exists. Because of the encoding scheme, valid offsets are limited to 16384. In djbdns 1.05, response.c handles name compression...
Joomla Component mydyngallery
Joomla Component mydyngallery AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download : http://mydyngallery.mon-cottenchy.fr DORK : inurl:option=commydyngallery Bug...
Maran PHP Blog Xss By Khashayar Fereidani
---------------------------------------------------------------- Script : Maran PHP Blog Type : XSS Pasive Method : GET Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani a.k.a. Dr.Crash My Offical Website : HTTP://FEREIDANI.IR...
PR07-15: Cross-site Scripting (XSS) / HTML injection on F5 FirePass 4100 SSL VPN 'my.logon.php3' server-side script
Update: To exploit this in both firefox and IE requires an extra char "=" in the end. Using the same PoC URL we get: https://target.tld/my.logon.php3?"/scripttextareaHTMLinjectiontest/textarea!--= Client environment: firefox 2.0.0.11 and IE 6.0.2900.2180 Ricardo Martins, CISA Security Consultant...
PHP-Nuke KutubiSitte "kid" SQL Injection
RBT-4 Crew rbt-4.net PHP-Nuke KutubiSitte "kid" SQL Injection http://www.rbt-4.net/forum/viewthread.php?forumid=51&threadid=3058 AUTHOR : Lovebug modules.php?name=KutubiSitte&hop=hadisgoster&kid= Exploit :...
Minb Is Not A Blog default password directory
Minb Is Not A Blog default password directory http://sourceforge.net/projects/minb Via looking in a default directory, any user can access the users.db file which contains the username and encrypted password of the person running the board. Try it for your self: www.example.com/minb/db/users.db T...
Webif.cgi local file inclusion
.:: WEBIF.CGI LOCALE FILE INCLUSION ::. AUTHOR: maiosyet CONTACT: [email protected] SITE: http://www.mawk.org ORIGINAL ADV: http://www.mawk.org/mods.php?mods=Core&page=view&id=102 SOFTWARE: Webif.cgi http://www.ifnet.it/webif/ DESCRIPTION: Webif is the natural solution for librarianships who want...
DNS birthday attacks
DNS uses 2-bytes message identificator to prevent spoofing attack. The problem is if few same requests came in same time they are forwarded with different IDs from same UDP port. It increases chances to spoof reply so called birthdey effect: probability that among 60 randomely choosen persons the...
php-generics 1.0 Remote File Inclusion Vulnerabilities
-------------------------------------------------------- php-generics 1.0 Remote File Inclusion Vulnerabilities -------------------------------------------------------- Software: php-generics 1.0Beta Vendor: http://ie.archive.ubuntu.com/sourceforge/p/ph/php-generics/php-generics-1.0.0-beta.zip...
iPhotoAlbum v1.1(header.php)Remote File Include Vulnerability
iPhotoAlbum v1.1header.phpRemote File Include Vulnerability D.Script: http://sourceforge.net/projects/iphotoalbum/ Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc V.Code ?php ifisset$setmenu include"$setmenu"; ? Exploit:Path/lib/static/header.php?setmenu=SheLL Greetz To: Tryag-Tea...
SazCart <= 1.5 (cart.php) Remote File Include Vulnerability
sazcart v1.5 cart.php Remote File include ---Hitamputih crew--- Bug Found By : IbnuSina vendor : http://sazcart.com/site Risk : High Greetz : Solpot,permenhack,barbarosa,cah|gemblunkz,fungmen,setiawan,irvian,meteoroid and all member hitamputih crew community www.kaipank.org/forum especially thx t...
SQuery <= 4.5(libpath) Remote File Inclusion Exploit
================================================================= SQuery = 4.5libpath Remote File Inclusion Exploit ================================================================= Worked On : ALL VERSIONS | | Critical Level : Dangerous | | Gug Found In : gore.php |...
[SA15658] Ovidentia FX "babInstallPath" File Inclusion Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Multiple applications fd_set structure bitmap array index overflow
Issue: Multiple applications fdset structure bitmap array index overflow Type: remote Date: December, 12 2004 Original URL: http://www.security.nnov.ru/advisiories/sockets.asp Author: 3APA3A URL: http://www.security.nnov.ru/ Affected: gnugk 2.2.0 confirmed, fixed by vendor gnugk is OpenH323...
Windows drivers privilege escalation
During access to driver memory range for input/output buffers is not checked...
UW c-client library vulnerability
It seems, that c-client libraries by University of Washington have some bugs, that makes some programs that depend upon those libraries go crazy. AFAIK affected programs include at least Pine read "pain", ipop3d and IMAPD. And those programs and libraries are commonly used in Unixes. I don't know...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-011 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date:...
ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities EMC Identifier: ESA-2015-002 CVE Identifier: CVE-2013-1899, CVE-2013-1900, CVE-2013-1901, CVE-2013-1902, CVE-2012-5885, CVE-2011-3389, CVE-2013-1767, CVE-2012-2137,...
[USN-2459-1] OpenSSL vulnerabilities
========================================================================== Ubuntu Security Notice USN-2459-1 January 12, 2015 openssl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
FreeBSD Security Advisory FreeBSD-SA-14:09.openssl [REVISED]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:09.openssl Security Advisory The FreeBSD Project Topic: OpenSSL use-after-free vulnerability Category: contrib Module: openssl Announced: 2014-04-30 Affects:...
Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability
Document Title: =============== Mozilla Bug Bounty 5 - WireTap Remote Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=953 Mozilla Bug Tracking ID: 875818 Video: http://www.vulnerability-lab.com/getcontent.php?id=1182 Partner News...
EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution
EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution tested against: Microsoft Windows Server 2008 r2 sp1 EMC Data Protection Advisor 5.8 sp5 vulnerability: the "DPA Illuminator" service DPAIlluminator.exe listening on public port 8090 tcp/http and 8453 tcp/https is...
[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03969435 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03969435 Version: 1 HPSBMU02933 rev....
[CVE-2013-5702] Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities
Watchguard Server Center v11.7.4 Multiple Non-Persistent Cross-Site Scripting Vulnerabilities RCE Security Advisory http://www.rcesecurity.com 1. ADVISORY INFORMATION ----------------------- Product: Watchguard Server Center Vendor URL: www.watchguard.com Type: Cross-Site Scripting CWE-79 Date...
[PSA-2013-0811-1] Oracle Java storeImageArray() Invalid Array Indexing
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +------------------------------------------------------------------------------+ | Packet Storm Advisory 2013-0811-1 | | http://packetstormsecurity.com/ | +------------------------------------------------------------------------------+ | Title: Oracle...