47153 matches found
Security Bug in Jana HTTP Server
Hello Bugtraqers, I found a directory travelling bug again, this time in JANA HTTP Server software available as freeware from http://www.jana-server.ocm.de . Here is a copy of the mail I sended to the author. eAX -------------------------------------------- Hello Thomas, I got your proxy/perver...
Buffalo LinkStation authentication bypass
Session validity is not checked on request...
novius-os.5.0.1 Persistent XSS, LFI & Open Redirect Vulnerabilities
Credits: John Page hyp3rlinx + Domains: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-NOVIUSOS0629.txt Vendor: ======================= community.novius-os.org Product: =============================================================== novius-os.5.0.1-elche is a PHP...
[ MDVSA-2015:217 ] sqlite3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:217 http://www.mandriva.com/en/support/security/ Package : sqlite3 Date : April 30, 2015 Affected: Business Server 1.0, Business Server 2.0 Problem Description: Multiple vulnerabilities has been found and...
APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-03-17-1 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 Safari 8.0.4, Safari 7.1.4, and Safari 6.2.4 are now available and address the following: WebKit Impact: Visiting a maliciously crafted website may lead to an unexpected application...
TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367
Information -------------------- Advisory by Netsparker. Name: XSS Vulnerability with Scope and Other URL Parameters of WebSearch Affected Software : TWiki Affected Versions: 6.0.1 and possibly below Vendor Homepage : http://www.twiki.org/ Vulnerability Type : Cross-site Scripting Severity :...
IL and CSRF vulnerabilities in D-Link DAP-1360
Hello 3APA3A! There are Information Leakage and Cross-Site Request Forgery vulnerabilities in D-Link DAP-1360 Wi-Fi Access Point and Router. ------------------------- Affected products: ------------------------- Vulnerable is the next model: D-Link DAP-1360, Firmware 1.0.0. This model with other...
[USN-2379-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2379-1 October 09, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-2344-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-2344-1 September 10, 2014 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Bilyoner mobile apps prone to various SSL/TLS attacks
===================================================================== Sceptive Security Advisory Synopsis: Bilyoner mobile apps prone to various SSL/TLS attacks Product: Various mobile applications Advisory URL: http://sceptive.com/p/bilyoner-mobile-apps-prone-to-various-ssltls-attacks Advisory...
CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211
Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Kramarz Details: By sending a crafted PO...
[CVE-2014-1903] FreePBX 2.9 through 12 RCE
Overview: Unauthenticated user-level Remote Code Execution RCE vulnerability in admin/config.php, the main interface to FreePBX. This bug was introduced in FreePBX 2.9, earlier versions are not affected. Score - 8.4 AV:N/AC:L/Au:N/C:P/I:P/A:C/E:H/RL:OF/RC:C/CDP:MH/TD:ND/CR:L/IR:L/AR:M Reference t...
Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities
Exploit Title: Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities Exploit Author: absane Blog: http://blog.noobroot.com Discovery date: September 29th 2013 Vendor notified: September 29th 2013 Vendor fixed: October 12 2013 Vendor Homepage: http://cart66.com Software Link:...
VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free (MS13-059)
VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free MS13-059 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of th...
[SECURITY] [DSA 2705-1] pymongo security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2705-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano June 10, 2013 http://www.debian.org/security/faq -...
[security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03699981 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03699981 Version: 1 HPSBPV02855...
[USN-1733-1] Ruby vulnerabilities
========================================================================== Ubuntu Security Notice USN-1733-1 February 21, 2013 ruby1.9.1 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Multiple vulnerabilities in Megapolis.Portal Manager
Hello 3APA3A! I want to warn you about multiple Cross-Site Scripting vulnerabilities in Megapolis.Portal Manager. It's commercial CMS from Softline-IT earlier Softline, which in particularly widespread among Ukrainian government sites including ministry, parliament, two special services and many...
Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities
Title: ====== Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities Date: ===== 2012-04-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=498 VL-ID: ===== 498 Introduction: ============= Cyberoam Unified Threat Management appliances offer comprehensive securit...
VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172)
VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution MS12-023 / CVE-2012-0172 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft...
DirectAdmin v1.403 - Cross Site Scripting Vulnerability
Title: ====== DirectAdmin v1.403 - Cross Site Scripting Vulnerability Date: ===== 2012-04-02 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=486 VL-ID: ===== 486 Introduction: ============= DirectAdmin is a graphical web-based web hosting control panel designed to make...
Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter)
Seeker Research Center Security Advisory By Irene Abezgauz =========== I. Overview =========== An Insecure Redirect vulnerability has been identified in the .NET Form Authentication - in the Redirect From Login mechanism. This vulnerability allows an attacker to craft links that contain redirects...
ATutor 2.0.3 Multiple XSS vulnerabilities
Advisory: ATutor 2.0.3 Multiple XSS vulnerabilities Advisory ID: SSCHADV2012-002 Author: Stefan Schurtz Affected Software: Successfully tested on ATutor 2.0.3 Vendor URL: http://atutor.ca Vendor Status: informed ========================== Vulnerability Description ========================== ATuto...
[USN-1270-1] Software Center vulnerability
========================================================================== Ubuntu Security Notice USN-1270-1 November 21, 2011 software-center vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its...
Mozilla Foundation Security Advisory 2011-39
Mozilla Foundation Security Advisory 2011-39 Title: Defense against multiple Location headers due to CRLF Injection Impact: Moderate Announced: September 27, 2011 Reporter: Ian Graham Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.23 Thunderbird 7.0 SeaMonkey 2.4...
Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Advisory ID: cisco-sa-20110729-tp Revision 1.0 For Public Release 2011 July 29 1600 UTC GMT...
ICMPv6 Router Announcement flooding denial of service affecting multiple systems
This security advisory is released because Microsoft doesnt want to fix the issue. Cisco did for its IOS and ASA within 3 months. Title: ICMPv6 Router Announcement flooding denial of service affecting multiple systems Date: 05 April 2011 URL:...
HTB22911: XSS in Eleanor CMS
Vulnerability ID: HTB22911 Reference: http://www.htbridge.ch/advisory/xssineleanorcms.html Product: Eleanor CMS Vendor: Eleanor CMS http://eleanor-cms.ru/ Vulnerable Version: rc5 Vendor Notification: 22 March 2011 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by Vendor Risk level:...
Chilkat Software FTP2 ActiveX Component (ChilkatFtp2.DLL 2.6.1.1) Remote Code Execution poc
!-- Chilkat Software FTP2 ActiveX Component ChilkatFtp2.DLL 2.6.1.1 Remote Code Execution poc by rgod tested against Internet Explorer 7 on Vista should also work with 8/9 ActiveX Settings: CLSID: 302124C4-30A0-484A-9C7A-B51D5BA5306B Progid: ChilkatFtp2.ChilkatFtp2.1 Binary Path:...
XSS in Textpattern CMS
Vulnerability ID: HTB22672 Reference: http://www.htbridge.ch/advisory/xssintextpatterncms.html Product: Textpattern CMS Vendor: Team Textpattern http://textpattern.com/ Vulnerable Version: 4.2.0 Vendor Notification: 21 October 2010 Vulnerability Type: XSS Cross Site Scripting Status: Fixed by...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Advisory ID: cisco-sa-20100908-wlc Revision 1.0 For Public Release 2010 September 08 1600 UTC GMT +--------------------------------------------------------------------...
About the security content of iTunes 9.1
About the security content of iTunes 9.1 Last Modified: August 12, 2010 Article: HT4105 Email this article Print this page Summary This document describes the security content of iTunes 9.1. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a...
Microsoft Security Bulletin MS10-034 - Critical Cumulative Security Update of ActiveX Kill Bits (980195)
Microsoft Security Bulletin MS10-034 - Critical Cumulative Security Update of ActiveX Kill Bits 980195 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update addresses two privately reported vulnerabilities for Microsoft software. This security update is...
SQL injection vulnerability in CuteSITE CMS
Vulnerability ID: HTB22396 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityincutesitecms.html Product: CuteSITE CMS Vendor: AMT Company Vulnerable Version: 1.5.0 and Probably Prior Versions Vendor Notification: 20 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed,...
TLS / SSLv3 vulnerability explained (New ways to leverage the vulnerability)
Dear List, I updated the whitepaper with a lot of new information, some leveraging the vulnerability in other ways that certainly increase the effectiveness and impact of this vulnerability. A brief warning to those that think they are safe because they don't accept client-side renegotiations...
Atlantic SimpleCaddy Shopping Cart Price Manipulation
SENKED-2009-0001 - Atlantic SimpleCaddy Shopping Cart Price Manipulation senked security advisory http://www.senked.com/ Date Published: 2009-07-01 Last Update: 2009-07-01 Advisory ID: SENKED-2009-0001 Bugtraq ID: none CVE Name: none Title: Atlanticintelligence SimpleCaddy Shoopuing Cart Price...
SQL Injection vulnerability in myPHPNuke
Здравствуйте 3APA3A! Сообщаю вам о найденной мною SQL Injection уязвимости в системе myPHPNuke. SQL Injection: POST запрос на странице http://site/admin.php " from mpnauthors where benchmark10000,md5now!=1/ В поле Nickname. Auth Bypass атака в данном случае невозможна, только Blind SQL Injection...
LxBlog
Securitylab.ir Application Info: Name: LxBlog Website: http://www.lxblog.net Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Sql/Xss Risk: Medium =========================================================...
Geeklog <=1.5.2 'SESS_updateSessionTime()' vulnerability
As the vendor stated, see: http://www.geeklog.net/article.php/geeklog-1.5.2sr2 geeklog is also vulnerable to this: http://www.securityfocus.com/bid/34361/info actually this should be renamed in glFusion 'SESSupdateSessionTime' SQL Injection Vulnerability...
Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability
Title: Cisco Unified MeetingPlace Web Conferencing Stored Cross Site Scripting Vulnerability CVE Identifier: N/A Credit: Security Assurance Team of the National Australia Bank. The vendor was advised of this vulnerability prior to its public release. National Australia Bank adheres to the...
facto Database Disclosure
facto Database Disclosure AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr - Hadi Kiamarsi Download : http://facto.sourceforge.net DORK : : Bug...
WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy
Virangar Security Team Tilte: WellyBlog Open Source Blog Portal Cross Site Scripting Vulnerabilitiy Author..................: theEdit0r Homepage ...............: Www.Virangar.netwww.virangar.ir Location ...............: Iran Software ...............: WellyBlog Open Source Blog Portal Site Script...
phpBB2 2.0.22 Cross Site Scripting Vulnerability
Opencosmo Security http://www.opencosmo.com Author: Alfredo Panzera, Opencosmo Security Vendor: phpBB.com Version: 2.0.22 Exploit: Go to http://website/forum/admin/admingroups.php and into 'Group description:' insert your XSS...
FMDeluxe (index.php) Cross-Site Scripting Vulnerability
FMDeluxe index.php Cross-Site Scripting Vulnerability Download: http://fmdeluxe.com/ Bug found by Jose Luis Gуngora Fernбndez / JosS Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure d0rk: "Powered By FMDeluxe" Stop lammer...
PHP-Nuke add admin ALL Versions
Paste this code into an HTML page then link it to victim victim must be admin iframe name="aiuto" frameborder="0" height="0" width="0"/iframe FORM name="Faiuto" ACTION="http://VICTIMURL/nuke/admin.php" target="aiuto" METHOD=POST input type=hidden NAME="addname" value="ATTACKER" input type=hidden...
TS-2007-002-0: BlueCat Networks Adonis root Privilege Access
Template Security Security Advisory ----------------------------------- BlueCat Networks Adonis root Privilege Access Date: 2007-08-06 Advisory ID: TS-2007-002-0 Vendor: BlueCat Networks, http://www.bluecatnetworks.com/ Revision: 0 Contents -------- Summary Software Version Details Impact Exploit...
[Full-disclosure] [ MDKSA-2007:122 ] - Updated gd packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:122 http://www.mandriva.com/security/ Package : gd Date : June 13, 2007 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0 Problem Description: A flaw in libgd2 was found by Xavier Roche where it would n...
Webspeed OpenEdge Dos exploit
Webspeed OpenEdge Dos exploit Bug Discovered By :Eelko Neven Exploit Coded By spyMASter eklimizide koyalm : www.ulpow.net The Eliminators of the Web First you have to find the messenger execution url. For example: http://target/scripts/cgiip.exe/WService=wsbroker1...
Oracle Buffer Overflow in DBMS_DRS.GET_PROPERTY
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oracle Database Buffer overflow vulnerabilities in procedure DBMSDRS.GETPROPERTY DB03 AppSecInc Team SHATTER Security Advisory http://www.appsecinc.com/resources/alerts/oracle Jan 18, 2007 Affected versions: Oracle Database Server versions 9iR2 and...
Multiple Oracle application server vulnerabilities
SQL injections, DoS, data modification, crossite scripting, privilege escalation, audit setings modification. Password is passed from JDeveloper to SQLPlus in cleartext. JDeveloper password is stored in cleartext in different XML configuration files. Cleartext FormBuilder password is stored in...