47153 matches found
Varnish 2.1.5, 3.0.3 DoS in http_GetHdr() while parsing Vary header
httpGetHdr | l == strlenhdr + 1 Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.0.3, 2.1.5 Summary: It's possible to crash Varnish via assertion if the single header within the Vary header is longer then 127 bytes. The 'l' cachehttp.c2...
FreeBSD 9.1 ftpd Remote Denial of Service
FreeBSD 9.1 ftpd Remote Denial of Service Maksymilian Arciemowicz http://cxsecurity.org/ http://cxsec.org/ Public Date: 01.02.2013 URL: http://cxsecurity.com/issue/WLB-2013020003 Affected servers: - ftp.uk.freebsd.org, - ftp.ua.freebsd.org, - ftp5.freebsd.org, - ftp5.us.freebsd.org, -...
PHP 5.3.6 multiple null pointer dereference
PHP 5.3.6 multiple null pointer dereference Author: Maksymilian Arciemowicz http://securityreason.com/ http://securityreason.net/ http://cxib.net/ Date: - Dis.: 20.07.2011 - Pub.: 19.08.2011 Affected Software verified: PHP 5.3.6 and prior Fixed: PHP 5.3.7 Original URL:...
XWeavers (page.asp?id) Remote SQL injection Vulnerability
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability XWeavers page.asp?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://xweavers.com/ Persian Gulf 4 Ever! Dork : "inurl:page.asp?id=" "Designed and Developed by XWeavers.com"...
Aruba Airwave / ArubaOS crossite scripting
Crossite scripting with SSID...
XSS in Webmin 1.540 + exploit for privilege escalation
Information -------------------- Name : XSS vulnerability in Webmin Software : All versions prior to and including 1.540 are affected. Vendor Hompeage : http://www.webmin.com Vulnerability Type : Cross-Site Scripting Severity : Medium Researcher : Javier Bassi javierbassi at gmail dot com...
Simploo CMS Community Edition - Remote PHP Code Execution Issue
Details ============= Product: Simploo CMS Community Edition Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.simploo.de/ Advisory-Status: published Credits ============= Discovered by: David Vieira-Kurz of MajorSecurity Affected Products: ============= Simploo CMS 1.7.1 and...
Sigma Portal Denial of Service Vulnerability
Securitylab.ir Application Info: Name: Sigma Portal Vendor: http://www.sigma.ir Vulnerability Info: Type: Denial of Service Risk: Medium 2010-08-11 - Vendor notified Vulnerability: http://site.ir/Portal/Picture/ShowObjectPicture.aspx?Width=27910000&Height=1099000-=&ObjectType=News&ObjectID=Pictur...
Microsoft Windows multiple security vulnerabilities
OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...
[FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading NULL byte can bypass cross origin protection (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 FLOCK-SA-2010-03 http://flock.com/security/ Title: javascript: url with a leading NULL byte can bypass cross origin protection XSS Impact: High Announced on: 2010-09-09 Affected Products: Flock 3 versions prior to 3.0.0.4112 CVEs cve.mitre.org:...
ZDI-10-102: Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability
ZDI-10-102: Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-102 June 8, 2010 -- CVE ID: CVE-2010-1262 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer 8 -- TippingPointTM IP...
[DSecRG-09-053] VMware Remoute Console - format string
Digital Security Research Group DSecRG Advisory DSECRG-09-053 Application: VMware Remoute Console Version: e.x.p build-158248 Vendor URL: http://vmware.com Bugs: Format String Vulnerabilitys Exploits: YES PoC Reported: 07.08.2009 Vendor response: 13.08.2009 Date of Public Advisory: 09.04.2010 CVE...
Hackproofing Oracle Financials 11i & R12
Hi all, Yesterday a friend of mine told me that I "forget" to share with the general public one small detail about a presentation 1 I given at the conference RootedCon 2010 2. In the presentation there is a currently working 0day against Oracle Financials R12. The 0day is too obvious and pretty...
Microsoft Security Bulletin MS10-022 - Important Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)
Microsoft Security Bulletin MS10-022 - Important Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution 981169 Published: April 13, 2010 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in VBScript on Microso...
Microsoft Security Advisory (979267) Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution
Microsoft Security Advisory 979267 Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution Published: January 12, 2010 Version: 1.0 General Information Executive Summary Microsoft is aware of reports of vulnerabilities in Adobe Flash Player 6 provided in...
TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== Title: TwonkyMedia Server Multiple Cross-Site Scripting Vulnerabilities Product: TwonkyMedia Server Vendor: TwonkyMedia PacketVideo Corporation, http://www.twonkymedia.com...
URL spoofing bug involving Firefox's error pages and document.write
Application: Firefox 3.0.11 OS: Windows XP - SP3 ------------------------------------------------------ 1 - Description 2 - Vulnerability 3 - POC/EXPLOIT ------------------------------------------------------ Description This software is a popular web browser that supports multiple platforms as...
SQL Injection vulnerability in myPHPNuke
Здравствуйте 3APA3A! Сообщаю вам о найденной мною SQL Injection уязвимости в системе myPHPNuke. SQL Injection: POST запрос на странице http://site/admin.php " from mpnauthors where benchmark10000,md5now!=1/ В поле Nickname. Auth Bypass атака в данном случае невозможна, только Blind SQL Injection...
Mozilla Foundation Security Advisory 2009-17
Mozilla Foundation Security Advisory 2009-17 Title: Same-origin violations when Adobe Flash loaded via view-source: scheme Impact: High Announced: April 21, 2009 Reporter: Gregory Fleischer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.9 Description Security researcher Gregory...
SEC Consult SA-20090415-0 :: Multiple Vulnerabilities in Novell Teaming
SEC Consult Security Advisory 20090415-0 ========================================================================== title: Novell Teaming Multiple Vulnerabilities Username Enumeration Multiple Cross Site Scripting Includes vulnerable Liferay portal program: Novell Teaming vulnerable version: 1.0....
Microsoft Security Bulletin MS09-016 - Important Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause Denial of Service (961759)
Microsoft Security Bulletin MS09-016 - Important Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway Medium Business Edition Could Cause Denial of Service 961759 Published: April 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves ...
[DSECRG-09-037] abk-soft AbleSpace CMS 1.0 - Multiple security vulnerabilities
original advisory: http://dsecrg.com/pages/vul/show.php?id=137 Digital Security Research Group DSecRG Advisory DSECRG-09-037 Application: AbleSpace Versions Affected: 1.0 Vendor URL: http://abk-soft.com/ Bugs: Multiple Blind SQL Injections, Multiple XSS Exploits: YES Reported: 18.03.2009 Vendor...
[Full-disclosure] PHP-Calendar SQL Credential Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Risk: Moderate Exploitable: Remotely Vulnerability: Information disclosure Version: Multiple Versions PHP-Calendar http://www.php-calendar.com was "written for a college social group at Northeastern University to keep track of events, etc. We...
Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Advisory Oracle Database Buffer Overflow in SYS.OLAPIMPLT.ODCITABLESTART January 29, 2009 Risk Level: High Affected versions: Oracle Database Server version 9iR2 Remote exploitable: Yes Authentication to Database Server is needed...
[AK-ADV2008-001] Openfire Jabber-Server: Multiple Vulnerabilities (Authentication Bypass, SQL injection, ...)
Please find attached a detailed advisory of the vulnerability. Alternatively, the advisory can also be found at: http://www.andreas-kurtz.de/advisories/AKADV2008-001-v1.0.txt Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last...
Multiple DNS servers and clients DNS records spoofing
DNS poisoning attack may be used to spoof query results...
Mozilla Foundation Security Advisory 2008-07
Mozilla Foundation Security Advisory 2008-07 Title: Possible information disclosure in BMP decoder Impact: Moderate Announced: February 19, 2008 Reporter: Gynvael Coldwind // Vexillium Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 2.0.0.12 Thunderbird 2.0.0.12 SeaMonkey 1.1.8...
US-CERT Technical Cyber Security Alert TA07-355A -- Adobe Updates for Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-355A Adobe Updates for Multiple Vulnerabilities Original release date: December 21, 2007 Last revised: -- Source: US-CERT Systems Affected Adobe Flash Player 9.0.48.0 and earlier Adobe...
SimpleGallery v0.1.3 (index.php) Cross-Site Scripting Vulnerability
SimpleGallery v0.1.3 index.php Cross-Site Scripting Vulnerability Download: http://richie.7crows.net/projects/gnu/simpleGallery/ Bug found by Jose Luis Gуngora Fernбndez / JosS Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure...
SMF .htaccess bypass
./start Discovered by Seph1roth on June 2007 was priv8 Vulnerable: Simple Machine Forum ALL Versions Visit: http://www.blackroots.it - Best hacking site. Description: If smf has index.php?action=admin in .htaccess ,i can bypass that by typing in the url some variable of administration panel :...
TS-2007-002-0: BlueCat Networks Adonis root Privilege Access
Template Security Security Advisory ----------------------------------- BlueCat Networks Adonis root Privilege Access Date: 2007-08-06 Advisory ID: TS-2007-002-0 Vendor: BlueCat Networks, http://www.bluecatnetworks.com/ Revision: 0 Contents -------- Summary Software Version Details Impact Exploit...
CVE-2007-3383: XSS in Tomcat send mail example
CVE-2007-3383: XSS in Tomcat send mail example Severity: Low Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: 4.0.0 to 4.0.6 4.1.0 to 4.1.36 Description: When reporting error messages, the SendMailServlet does not filter user supplied data before display. This enable...
US-CERT Technical Cyber Security Alert TA07-199A -- Mozilla Updates for Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA07-199A Mozilla Updates for Multiple Vulnerabilities Original release date: July 18, 2007 Last revised: -- Source: US-CERT Systems Affected Mozilla Firefox Mozilla Thunderbird Other products...
Microsoft Security Bulletin MS07-040 - Critical Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212)
Microsoft Security Bulletin MS07-040 - Critical Vulnerabilities in .NET Framework Could Allow Remote Code Execution 931212 Published: July 10, 2007 Version: 1.0 General Information Executive Summary This update resolves three privately reported vulnerabilities. Two of these vulnerabilities could...
SAP Web Dynpro Java (BC-WD-JAV) Vulnerability
COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: NetWeaver, Web Dynpro Java BC-WD-JAV Vendor: SAP Subject: Multiple XSS, HTML Injection Risk: Medium Effect: Remotely exploitable Author: Cyrill Brunschwiler [email protected] Date: June, 17th 2007 Introduction: ------------- Compass...
Linux and BSD based Unix system IPv6 traffic amplification
IPv6 routing header allows to set route in a way to trasmit packet for multiple times over the same link...
[security bulletin] HPSBMA02176 SSRT051035 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00809525 Version: 1 HPSBMA02176 SSRT051035 rev.1 - HP OpenView Network Node Manager OV NNM Remote Unauthorized Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should...
Multiple Oracle application server vulnerabilities
SQL injections, DoS, data modification, crossite scripting, privilege escalation, audit setings modification. Password is passed from JDeveloper to SQLPlus in cleartext. JDeveloper password is stored in cleartext in different XML configuration files. Cleartext FormBuilder password is stored in...
phpPowerCards 2.10 (txt.inc.php) Remote Code Execution Vulnerability
+------------------------------------------------------------------------------------------- + phpPowerCards 2.10 txt.inc.php Remote Code Execution Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: phpPowerCards 2.10 ...
PHP open_basedir with symlink() function Race Condition PoC exploit
/ -------------------------------------------------------- Neo Security Team NST - Advisory 26 - 09/10/06 -------------------------------------------------------- Program: PHP Homepage: http://www.php.net Vulnerable Versions: PHP 3, 4, 5 Risk: High! Impact: Critical Risk -==PHP openbasedir with...
WM-News v0.5 - Remote File Include Vulnerabilities
ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- WM-News v0.5 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=203 Script : WM-News v0.5 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE, B0tan, FearLesS, B3g0k,...
Mambo Component - Display MOSBot Manager Remote File Inclusion Vuln
Aria-Security.net Advisory Discovered by: O.U.T.L.A.W www.Aria-security.net Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - Display MOSBot Manager Attack method: Remote File Inclusion Source: includeonce "".$mosConfigabsolutepath."/administrator/components/"...
Joomla RFİ ( ERNE )
ERNE ---- ERNEALZM ---- BU ASK BiTMEZ---- Mambo jim Component - Remote File Include Vulnerabilities Credits : ERNE Risk : High Class: Remote Thanks : EntRika, Liz0zim, Rmx, Dengesiz, DiLejyoner AND irc.gigachat.net kurdhack contact: erneaternealizmdotcom Vulnerable :...
PhpBlueDragon CMS 2.9.1, File inclusion vulnerability
----------------------------------------------------- Advisory id: FSA:015 Author: Federico Fazzi Date: 14/06/2006, 18:20 Sinthesis: PhpBlueDragon CMS 2.9.1, File inclusion vulnerability Type: high Product: http://phpbluedragon.net/ Patch: unavailable...
SQL Injection in Chinese ASP Webcounter
I found a vulnerability in a webcounter quite spread in China, I was not able to retrieve its name if someone could help.... You can find examples of this webcounter by searching for "StatDay.asp" hourly statistics for a given day, "StatMonth.asp" daily statistics for a given month or...
Woltlab Burning Board SQL Injection Vulnerability
GulfTech Security Research May 16th, 2005 Vendor : Woltlab GmbH URL : http://www.woltlab.de/ Version : Burning Board 2. And Earlier Risk : SQL Injection Vulnerabilities Description: Burning Board is a popular, multi purpose forum / community software offered by WoltLab GmbH. There is an SQL...
Security Patchs for PHP Products
PHPSecure made some patchs for security holes in PHP products. Here is the list : - ALP - Banner Ad 2.0 : http://www.phpsecure.org/index.php?id=1&zone=pDl More details : http://online.securityfocus.com/search?category=22&query=ALP - Tight Auction 3.0 :...
vpopmail CGIapps vpasswd vulnerabilities
Centaura Technologies Security Research Lab Advisory Product Name: vpopmail-CGIApps Systems: Linux/OpenBSD/FreeBSD/NetBSD Severity: High Risk Remote: Yes Category: Insuficient input checking Vendor URL: http://diario.buscadoc.org/index.php?topic=Programas Advisory Author: Ignacio Vazquez Advisory...
Advisory CA-2002-25 Integer Overflow In XDR Library
CERT Advisory CA-2002-25 Integer Overflow In XDR Library Original release date: August 05, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Applications using vulnerable implementations of SunRPC-derived XDR libraries, which...
Unify eWave ServletExec DoS
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory Unify eWave ServletExec DoS ---------------------------------------------------------------------- FS Advisory ID: FS-103000-15-SRVX Release Date: October 30, 2000 Product: Unify eWave ServletExec 3.0C Vendo...