47153 matches found
ZDI-12-100 : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-100 : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-100 June 21, 2012 - -- CVE ID: CVE-2012-0127 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts - Security Advisory 2012-03-01 === PyPAM -- Python bindings for PAM - Double Free Corruption - --------------------------------------------------------- Affected Versions ================= PyPAM = 0.4.2 Red Hat PyPAM =...
CMS wizard Cross Site Scripting
================================================================= -=CMS wizard Cross Site Scripting ================================================================= Author: XaDaL Date: 14-02-2012 vendor: http://www.cmswizard.co.uk/ tested on: windows mobile dork : powered by CMS wizard This...
XSS и BF уязвимости в Drupal
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Brute Force уязвимостях в Drupal. XSS WASC-08: На страницах с формами например на странице комментария http://site/comment/reply/1, как формах добавления, так и редактирования данных, которые защищены токеном от CSRF, возмож...
[USN-1126-1] PHP vulnerabilities
========================================================================== Ubuntu Security Notice USN-1126-1 April 29, 2011 php5 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
Microsoft Security Bulletin MS10-089 - Important Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)
Microsoft Security Bulletin MS10-089 - Important Vulnerabilities in Forefront Unified Access Gateway UAG Could Allow Elevation of Privilege 2316074 Published: November 09, 2010 Version: 1.0 General Information Executive Summary This security update resolves four privately reported vulnerabilities...
Microsoft Security Bulletin MS10-035 - Critical Cumulative Security Update for Internet Explorer (982381)
Microsoft Security Bulletin MS10-035 - Critical Cumulative Security Update for Internet Explorer 982381 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability in...
Zigurrat CMS SQL Injection Vulnerability
================= IUT-CERT ================= Title: Zigurrat CMS SQL Injection Vulnerability Vendor: www.farsi-cms.com Dork: Design by Tagfa Co Type: Input.Validation.Vulnerability SQL Injection Fix: N/A ================== nsec.ir ================= Description: ------------------ Zigurrat CMS is ...
Ananta Gazelle SQL Injection Vulnerability
www.BugReport.ir AmnPardaz Security Research Team Title: Ananta Gazelle SQL Injection Vulnerability Vendor: http://www.anantasoft.com/ Vulnerable Version: 1.0 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: Ananta Gazelle is a rich JavaScript enabled CMS with...
Microsoft Windows TCP/IP and TCP/IPv6 multiple security vulnerabilities
Multiple memory corruptions in ICMPv6, IPSec, TCP implementations...
Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack
Microsoft Windows NT GP Trap Handler Allows Users to Switch Kernel Stack ------------------------------------------------------------------------- CVE-2010-0232 In order to support BIOS service routines in legacy 16bit applications, the Windows NT Kernel supports the concept of BIOS calls in the...
FreeBSD privilege escalation
It's possible to bypass environment variables filtering on suid program execution...
Bypassing DBMS_ASSERT in certain situations
DBMSASSERT can be used to prevent PL/SQL injection. In certain cases it can be bypassed. This is documented in a paper I wrote in July 2008 but am only publishing now: http://www.databasesecurity.com/oracle/Bypassing-DBMSASSERT.pdf Cheers, David Litchfield NGSSoftware Ltd...
[ MDVSA-2009:050-1 ] python-pycrypto
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:050-1 http://www.mandriva.com/security/ Package : python-pycrypto Date : February 23, 2009 Affected: 2009.0 Problem Description: A vulnerability have been discovered and corrected in PyCrypto ARC2 module...
DoS vulnerabilities in Mozilla, Internet Explorer, Google Chrome and Opera
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Denial of Service уязвимостях в браузерах Mozilla Firefox, Opera та Google Chrome. Данные уязвимости похожи на DoS в Firefox, Opera и Chrome http://websecurity.com.ua/2456/, которые я опубликовал в проекте День багов в браузерах. Данную атаку я...
Mozilla Foundation Security Advisory 2008-16
Mozilla Foundation Security Advisory 2008-16 Title: HTTP Referrer spoofing with malformed URLs Impact: Moderate Announced: March 25, 2008 Reporter: Gregory Fleischer, RSnake Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.13 SeaMonkey 1.1.9 Description Security researcher Gregory Fleischer...
eGov Content Manager Cross Site Scripting Vulrnability
HSC eGov Content Manager Cross Site Scripting Vulrnability The eGov Manager was designed to simplify the efforts of government staffers who are responsible for posting public documents, news updates, events, managing staff directories and online services. This issue is due to a failure in the...
iDefense Security Advisory 04.11.07: Apache HTTPD suEXEC Multiple Vulnerabilities
Apache HTTPD suEXEC Multiple Vulnerabilities iDefense Security Advisory 04.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 11, 2007 I. BACKGROUND The suexec binary is a helper application which is part of the Apache HTTP server package. It is designed to allow a script to run wit...
Ezboxx multiple vulnerabilities.
Ezboxx multiple vulnerabilities. Vulnerable version: Ezboxx Portal System Beta v 0.7.6 and below. The Ezboxx Portal System Beta v 0.7.6 and below versions are vulnerable to Cross-site scripting, Path disclosure and SQL Injection attacks. Cross-site scripting: ---------------------- Description:...
TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode)
TFTP Server 3CTftpSvc Buffer Overflow Vulnerability Long transporting mode ------------------------------------------------------------------ SUMMARY: 3CTftpSvc TFTP Server is a Freeware TFTP server for Windows 9x/NT/XP. http://support.3com.com/software/utilitiesforwindows32bit.htm or...
PHPOLL => 0.96 Cross Site Scripting
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM PHPOLL =...
UStore 1.0 (detail.asp) Remote SQL Injection Vulnerability
Title : UStore 1.0 detail.asp Remote SQL Injection Vulnerability Author : ajann http://target/path//detail.asp?ID=SQL Example: //detail.asp?ID=-120union20select200,username,password,0,0,0,0,0,0,020from20tblusers20where20id20like201 """"""""""""""""""""" ajann,Turkey ... Im not Hacker!...
Pie Cart Pro => (Home_Path) Remote File Inclusion Exploit
==================================================================== Pie Cart Pro = HomePath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz http://www.doodlebabies.com/...
XSS Vulnerability in Guest-book script powered by Community Architect
This document is best seen with Font: Verdana Size: 9pt Advisory Name =========== XSS Vulnerability in Guest-book script powered by Community Architect Vulnerable Systems ============== Sites providing web-hosting service powered by Community Architect. Found By ======= Susam Pal Found On =======...
Fortinet Security Advisory: FSA-2006-08
Fortinet Security Advisory: FSA-2006-08 Microsoft Excel Column Index Improper Memory Access Advisory Date : March 14, 2006 Reported Date : January 24, 2006 Vendor : Microsoft Affected Products : Microsoft Excel 2003 Chinese Version Windows XP Home Edition Chinese Version and possible all versions...
WinAmp player buffer overflow
Buffer overflow on oversized computer name in UNC path of .pls on .m3u file entry. Buffer overflow on oversized WMA playlist file entry. Vulnerability can be exploited for hidden trojan installation...
[SA16462] CPAINT Ajax Toolkit Unspecified Command Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Подмена подписанного документа в ECDSA
Серьёзная ошибка в ECDSA. В матаппарате новейшего американского стандарта ЭЦП известного как ECDSA DSA для эллиптических кривых 1 cтр. 25-30 существует серьёзная ошибка позволяющая выбрать такое значение секретного ключа, чтобы получить одинаковые подписи для разных документов. Это позволяет...
Security holes in LokwaBB and W-Agora
Somebody advised me to post also on bugtraq not only on vuln-dev, I thus do it : I just hope that doesn't give more work to the webmasters. Product 1 : W-Agora 4.1.3 http://www.w-agora.net Problem : - Including file Exploits : - With a file http://www.attacker.com/dbaccess.txt :...
Уязвимости в Cisco SN 5420
Различные уязвимости позволяют чтение конфигурации и DoS...
Buffer overflow in awhttpd (Re: Format string bug in awhttpd (Re: [AP] awhttpd v2.2 local DoS))
Hello 3APA3A, OK, format string issue exists only in proposed patch... What about this issue: There are at least 2 buffer overflows with heap corruption, tpbuf can be up to 210 characters while getreqsi is malloc100. Of cause, target file should exist... tpbuf is base dir concatenated with 100...
Обход Trend Micro AppletTrap (protection bypass)
Можно обойти защиту от Javascript Используя Unicode - кодировку...
[USN-2735-1] Oxide vulnerabilities
========================================================================== Ubuntu Security Notice USN-2735-1 September 08, 2015 oxide-qt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Code Injection in Epicor Retail Store 3.2.03.01.008
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Title: Code Injection in Epicor Retail Store Help System CVE: CVE-2015-2210 Vendor: Epicor Product: CRS Retail Store v3.2.03.01.008 Affected version: 3.2.03.01.008 Reported by: Zeng Xianbo Joseph [email protected] Issue identified by: Zeng...
OS Command Injection Infoblox Network Automation
Product: Network Automation, licensed as: • NetMRI • Switch Port Manager • Automation Change Manager • Security Device Controller Vendor: Infoblox Vulnerable Versions: 6.4.X.X-6.8.4.X Tested Version: 6.8.2.11 Vendor Notification: May 12th, 2014 Vendor Patch Availability to Customers: May 16th, 20...
[CORE-2014-0005] - Advantech WebAccess Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech WebAccess Vulnerabilities 1. Advisory Information Title: Advantech WebAccess Vulnerabilities Advisory ID: CORE-2014-0005 Advisory URL: http://www.coresecurity.com/advisories/advantech-webaccess-vulnerabilities Date...
ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability
ESA-2014-055.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2014-055: EMC Network Configuration Manager NCM Report Advisor Session Fixation Vulnerability EMC Identifier: ESA-2014-055 CVE Identifier: CVE-2014-2509 Severity Rating: CVSS v2 Base Score: 6.9 AV:A/AC:M/Au:N/C:C/I:P/A:P Affected...
[USN-2228-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-2228-1 May 27, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
[security bulletin] HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04135307 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04135307 Version: 1 HPSBGN02970 rev....
SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch
SEC Consult Vulnerability Lab Security Advisory 20140228-0 ======================================================================= title: Privilege escalation vulnerability product: MICROSENS Profi Line Modular Industrial Switch Web Manager MS652119PM vulnerable version: Firmware version 10.3.1...
[REVIVE-SA-2013-001] Revive Adserver 3.0.2 fixes SQL injection vulnerability
======================================================================== Revive Adserver Security Advisory REVIVE-SA-2013-001 ------------------------------------------------------------------------ Advisory ID: REVIVE-SA-2013-001 CVE ID: CVE-2013-7149 Date: 2013-12-20 Security risk: Critical...
HP System Management Homepage multiple security vulnerabilities
Code execution, unauthorized access, DoS...
[SECURITY] [DSA 2695-1] chromium-browser security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2695-1 [email protected] http://www.debian.org/security/ Michael Gilbert May 29, 2013 http://www.debian.org/security/faq -...
[waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1
waraxe-2013-SA098 - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 =============================================================================== Author: Janek Vind "waraxe" Date: 19. March 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-98.html Description of vulnerabl...
Unauthenticated remote access to D-Link DIR-645 devices
Unauthenticated remote access to D-Link DIR-645 devices ======================================================= ADVISORY INFORMATION Title: Unauthenticated remote access to D-Link DIR-645 devices Discovery date: 20/02/2013 Release date: 27/02/2013 Credits: Roberto Paleari [email protected],...
0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities
Title: ====== Free Monthly Websites v2.0 - Multiple Web Vulnerabilities Date: ===== 2013-02-04 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=851 VL-ID: ===== 851 Common Vulnerability Scoring System: ==================================== 8.5 Introduction: =============...
DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up
A few weeks ago, we have announced remote preauth root access exploit for Cisco Linksys http://www.youtube.com/watch?v=cv-MbL7KFKE. Vulnerability details were disclosed here: http://www.defensecode.com/public/DefenseCodeBroadcomSecurityAdvisory.pdf During further research, we have discovered that...
Adobe Flash Player memory corruption
Memory corruption on SWF parsing...
[ MDVSA-2012:154 ] apache
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:154 http://www.mandriva.com/security/ Package : apache Date : September 28, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in apache ASF HTTPD...