47153 matches found
[security bulletin] HPSBMA02555 SSRT100064 rev.1 - HP Client Automation Enterprise Infrastructure (Radia) Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02286740 Version: 1 HPSBMA02555 SSRT100064 rev.1 - HP Client Automation Enterprise Infrastructure Radia Remote Disclosure of Information NOTICE: The information in this Security Bulletin should b...
Mozilla Foundation Security Advisory 2010-27
Mozilla Foundation Security Advisory 2010-27 Title: Use-after-free error in nsCycleCollector::MarkRoots Impact: Critical Announced: June 22, 2010 Reporter: wushi Products: Firefox, SeaMonkey Fixed in: Firefox 3.5.10 SeaMonkey 2.0.5 Description Security researcher wushi of team509 reported that th...
Cyberoam SSL VPN Client - Plain-text Storage of Username and Password
Cyberoam SSL VPN Client - Plain-text Storage of Username and Password Vulnerability Summary: Product: Cyberoam SSL VPN Client v1.0 Vendor: eLiteCore Website: http://www.cyberoam.com/ Platform: Windows Vulnerability Classification: Insecure Storage of User Credentials Issue Fixed in Version:...
Microsoft Security Bulletin MS10-020 - Critical Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232)
Microsoft Security Bulletin MS10-020 - Critical Vulnerabilities in SMB Client Could Allow Remote Code Execution 980232 Published: April 13, 2010 Version: 1.0 General Information Executive Summary This security update resolves one publicly disclosed and several privately reported vulnerabilities i...
[SECURITY] [DSA 2030-1] New mahara packages fix sql injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-2030-1 [email protected] http://www.debian.org/security/ Nico Golde April 6th, 2010 http://www.debian.org/security/faq -...
CubeCart 4 Session Management Bypass
CubeCart 4 Session Management Bypass Release Date: 2009/10/29 Author: Bogdan Calin bogdan at acunetix dot com Severity: Critical Vendor Status: Vendor has released an updated version I. Background From Wikipedia: CubeCart is a free-to-use eCommerce software solution, designed to allow individuals...
[ONSEC-09-011] UMI.CMS Multiple XSS
ONSEC-09-011 UMI.CMS Multiple XSS Цель: UMI CMS =2.7.3 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 15.07.2009 Дата оповещения разработчика: 15.07.2009 Дата выхода исправления: 03.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимые поля...
Microsoft Security Bulletin MS09-043 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution (957638)
Microsoft Security Bulletin MS09-043 - Critical Vulnerabilities in Microsoft Office Web Components Could Allow Remote Code Execution 957638 Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in...
(Post Form --> Parent Register (name)) Credentials Changer (SQLi) EXPLOIT -- Online Grades & Attendance v-3.2.6-->
!/usr/bin/perl ------------------------------------------------------------------------------------------------------------------- Post Form -- Parent Register name Credentials Changer SQLi EXPLOIT -- Online Grades & Attendance v-3.2.6--...
Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability Advisory ID: cisco-sa-20090520-cw http://www.cisco.com/warp/public/707/cisco-sa-20090520-cw.shtml Revision 1.0 For Public Release 2009 May 20 1600 UTC GMT Summary =======...
Mozilla Foundation Security Advisory 2009-19
Mozilla Foundation Security Advisory 2009-19 Title: Same-origin violations in XMLHttpRequest and XPCNativeWrapper.toString Impact: High Announced: April 21, 2009 Reporter: mozbugra4 Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.0.9 Description Mozilla security researcher mozbugra4...
Re: PHP-Revista Multiple vulnerabilities
Discovered by Sirdarckcat from elhacker.net ------------------------------------------------------------------------ ------------ Revista 1.1.2 http://php-revista.sourceforge.org ------------------------------------------------------------------------ ------------ Revista is a simple spanish PHP...
E107 CMS (e107_plugins/guestbook) stored XSS
Фильтрация отсутствует в поле "Email", POST запрос: POSTDATA=name=1&email='/"scriptalert'xss'/script&url=http3A2F2F&comment=4&guestbooksubmit=SiC5B3sti Далее следует редактирование сообщения. http://Target/e107plugins/guestbook/guestbook.php?edit.номер вашего сообщения Example:...
{securityreason.com}PHP 5 *printf() - Integer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.5 and prior : printf functions Integer Overflow Author: Maksymilian Arciemowicz cXIb8O3 SecurityReason.com and SecurityReason.pl Date: - - Written: 01.03.2008 - - Public: 20.03.2008 SecurityReason Research SecurityAlert Id: 52 CVE-2008-1384...
[ GLSA 200803-15 ] phpMyAdmin: SQL injection vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200803-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
UniversalFtp Server 1.0.44 Multiple Remote Denial of service
UniversalFtp Server 1.0.44 Multiple Remote Denial of service @nolife : This bug has been found with a brain , ten fingers, a keyboard , and a laptop , one of my best Tool i ever tryed. Stay tuned for more tools hint . Reponse: 226 Completed... Statut: Liste du repertoire completee Commande : LIST...
Gekko <=0.8.2 (temp directory) Path Disclosure
Gekko =0.8.2 temp directory Path Disclosure Download: http://www.gekkoware.org/ Bug found by JosS / Jose Luis Gуngora Fernбndez Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure d0rk: "Powered by Gekko" Stop lammer sensitive...
rPSA-2007-0212-1 util-linux
rPath Security Advisory: 2007-0212-1 Published: 2007-10-08 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Root Deterministic Privilege Escalation Updated Versions: util-linux=/conary.rpath.com@rpl:devel//1/2.12r-1.5-1 rPath Issue Tracking System:...
Big Blue Guestbook HTML Injection Vulnerabilities
Hi friends, Big Blue Guestbook software is prone to HTML injection attacks. This issue is exposed via the message form field in the guestbook entry submission form. Exploitation could permit remote attackers to persistently inject hostile HTML and script code into guestbook content. This could...
tsdisplay4xoops 0.1(xoops_url)Remote File Include Vulnerabilitiy
tsdisplay4xoops 0.1xoopsurlRemote File Include Vulnerabilitiy D.Script: http://kisskool30.free.fr/tsdisplay4xoopsv0.08.zip Discovered by: GolDM = Mahmoodali Homepage: http://Www.Tryag.Com/cc Exploit:Path/modules/tsdisplay4xoops/blocks/tsdisplay4xoopsblock2.php?xoopsurl=Shell Greetz To: Tryag.Com/...
Microsoft Windows csrss (?) memory corruption exploited in-the-wild
Dear [email protected], On one of Russian forum security vulnerability is discussed in Microsoft Windows Windows XP is tested. A vulnerability is caused by memory corruption is string beginning with "?" is send thorugh MessageBox API with MBSERVICENOTIFICATION flag. It looks like some "debug"...
Invision Community Blog Mod 1.2.4 .PHP SQL Injection Vulnerability
Open any blog entry 2. Try to reply to any message 3. Push "Preview message" button Do not post your reply 4. Save source code of opened page to your PC 5. Find this string input type='hidden' name='eid' value='BLOGENTRYID' / 6. Change BLOGENTRYID with this SQL Injection: BLOGENTRYID UNION...
[Aria-Security Team] MidiCart ASP Plus Shopping Cart SQL Injection
Aria-Security Team Advisory www.Aria-security.Com For English www.Aria-Security.net For Persian ----------------------------------------------------------- Software: MidiCart ASP Plus Shopping Cart Method: SQL Injection And Cross Site Scripting PoC: http://target/path/itemshow.asp?codeno=SQL...
[Full-disclosure] [x0n3-h4ck.org] Bug on Drake CMS v0.2
-=--------------------ADVISORY-------------------=- Drake CMS V. 0.2 Author: CorryL x0n3-h4ck.org -=----------------------------------------------------=- -=+ Application: Drake CMS -=+ Version: 0.2 -=+ Vendor's URL: https://sourceforge.net/projects/drakecms/ -=+ Platform: WindowsLinuxUnix -=+ Bu...
[Full-disclosure] Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
·= Security Advisory =· Issue: Cross Site Scripting XSS Vulnerability in Netquery by "VIRtech" Discovered Date: 04/10/2006 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://www.virtech.org Details: VIRtechs Netquery system is prone to a Cross Site Scripting...
WTools v0.0.1-ALPH - Remote File Include Vulnerabilities
ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- WTools v0.0.1-ALPH - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=1880 Script : WTools v0.0.1-ALPH Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE, Blackened,...
Windows ICMP DoS (potential code execution)
Buffer overflow on ICMP packets with Loose Source and Record Route IP options. Short message translation: There are DoS conditions in Windows 2000 built-in NAT server. Tested configuration: Windows 2000 English Standard/Advanced Service Pack 4 + Update Rollup 1 for Service Pack 4 with NAT server...
Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities
ENGLISH Title : Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities Dork : "Copyright 2004 easy-content forums" Author : ajann Exploit; SQL INJECTON-------------------------------------------------------- http://target/path/userview.asp?startletter=SQL TEXT...
NetDSL-1000 DSL router telnet server DoS
Request flood causes telnet service to hang...
[Full-disclosure] NIC Chile CGI Script Zone Transfers
NIC Chile CGI Script Zone Transfers. Autor: Rodrigo Gutierrez rodrigo at intellicomp.cl Affected: All ".cl" domains which use NIC's Chile Secondary NS. Vendor url: http://www.nic.cl Rate: Critical Background. NIC Chile is a part of the University of Chile and is in charge of handling all the...
MailCarrier 2.51 SMTP server Buffer Overflow [PoC included]
ABOUT : MailCarrier is a full-featured mail server with the latest security and anti-spam functions. It supports SSL communication and SMTP/POP3 authentication methods based on SASL and NTLM that do not transmit message and/or password in clear text. Many spam mails can be blocked through inquiry...
[EXPL] Hummingbird's Exceed X Emulator Fonts Directive Mishandling
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion Beyond Security in Canada Toronto-based Sunrays Technologies is now Beyond Security's representative in Canada. We welcome ISPs, system...
Advisory CA-2001-33 Multiple Vulnerabilities in WU-FTPD
CERT Advisory CA-2001-33 Multiple Vulnerabilities in WU-FTPD Original release date: November 29, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems running WU-FTPD and its derivatives Overview WU-FTPD is a widely deploy...
Vulnerability in TYPSoft FTP Server
----- Begin Hush Signed Message from [email protected] ----- Vulnerability in TYPSoft FTP Server Overview TYPSoft FTP Server v0.85 is an ftp server available from http://www.webmasterfree.com and http://typsoft.n3.net. A vulnerability exists which allows a remote attacker to break out of the...
Ntop -w remote exploit
Problem: ntop has a stack-based BOF when it's requested too long filename. 2. Tested Version ntop-1.2a1 I only tested this version. 3. Example 1. first run ntop -w 8080 2. run this script $ printf "GET /perl -e 'print "A"x240'rnrn" |nc localhost 8080 3. the ntop goes seg. fault. $ ntop -w 8080...
SuSE Security Announcement: ypbind/ypclient (SuSE-SA:2000:042)
-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: ypbind/ypclient Announcement-ID: SuSE-SA:2000:042 Date: Wednesday, October 18th, 2000 19:15 MEST Affected SuSE versions: 6.0, 6.1, 6.2, 6.3, 6.4, 7.0 Vulnerability Type: possible remote root compromise Severity 1-10: 8 SuSE...
Infosec.20000712.worldclient.2.1
Infosec Security Vulnerability Report No: Infosec.20000712.worldclient.2.1 =============================== Vulnerability Summary --------------------- Problem: The web server for remote access to e-mail in WorldClient 2.1 is vulnerable for root dot dot. It is possible to read and in some cases...
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ======================================================================== Revive Adserver Security Advisory REVIVE-SA-2015-001 ========================================================================...
[SECURITY] [DSA 3330-1] activemq security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3330-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 07, 2015 https://www.debian.org/security/faq -...
WSO2 Identity Server multiple vulnerabilities
Hi, WSO2 Identity Server http://wso2.com/products/identity-server/ version 4.5.0/4.6.0/5.0.0 is prone to multiple vulnerabilities, including authentication bypass. Timeline: 09.10.2014 - Vendor notified 22.11.2014 - Vendor confirmed 04.12.2014 - Patches released 25.03.2015 - Bugtraq disclosure...
[ MDVSA-2015:216 ] ntop
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:216 http://www.mandriva.com/en/support/security/ Package : ntop Date : April 29, 2015 Affected: Business Server 1.0 Problem Description: Updated ntop package fixes security vulnerability: Lack of filtering i...
Incorrect handling of self signed certificates in OpenFire XMPP Server
Incorrect handling of self signed certificates in OpenFire XMPP Server Affected software: OpenFire XMPP server Affected versions: 3.9.3 and earlier Vulnerabilities addressed: CVE-2014-3451, CVE-2015-2080 Openfire is a real time collaboration RTC server licensed under the Open Source Apache Licens...
[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite
Advisory: Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite During a penetration test, RedTeam Pentesting discovered a Directory Traversal vulnerability in hybris Commerce software suite. This vulnerability allows attackers to download arbitrary files of any size...
UNIT4 Prosoft HRMS XSS Vulnerability
Vulnerability type: Cross-site Scripting Vendor: http://www.unit4.com/ Product: UNIT4 Prosoft HRMS Product site: http://www.unit4apac.com/products/prosofthrms Affected version: 8.14.230.47 Fixed version: 8.14.330.43 Credit: Jerold Hoong & Edric Teo PROOF OF CONCEPT The login page of UNIT4's Proso...
CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2
CVE-2014-8731 CVSSv2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:F/RL:U/RC:C CVSSv2 Base Score=10.0 CVSSv2 Temp Score=9.5 OWASP Top 10 classification: A1 - Injection PHPMemcachedAdmin is a web-based frontend for Linux's memcached Daemon. Project Homepage: https://code.google.com/p/phpmemcacheadmin/...
APPLE-SA-2014-10-16-3 OS X Server v4.0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-10-16-3 OS X Server v4.0 OS X Server v4.0 is now available and addresses the following: BIND Available for: OS X Yosemite v10.10 or later Impact: Multiple vulnerabilities in BIND, the most serious of which may lead to a denial of service...
APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 Safari 6.1.5 and Safari 7.0.5 are now available and address the following: WebKit Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.3 Impact...
Cross-Site Scripting (XSS) in CMSimple
Advisory ID: HTB23205 Product: CMSimple Vendor: Preben Bjorn Biermann Madsen Vulnerable Versions: 3.54 and probably prior Tested Version: 3.54 Advisory Publication: February 26, 2014 without technical details Vendor Notification: February 26, 2014 Vendor Patch: February 26, 2014 Public Disclosure...
APPLE-SA-2014-04-22-1 Security Update 2014-002
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-04-22-1 Security Update 2014-002 Security Update 2014-002 is now available and addresses the following: CFNetwork HTTPProtocol Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.2...
[SECURITY] [DSA 2877-1] lighttpd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...