Samba file existence check
It's possible to check file existence by error message of mount.cifs...
Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901)
1 Background ============ Android applications are executed in a sandbox environment, to ensure that no application can access sensitive information held by another, without adequate privileges. For example, the Browser application holds sensitive information such as cookies, cache and history, a...
FireFox information leakage
DNS names for websockets requests are resolved via system DNS server instead of configured SOCKS...
rssh restrictions bypass
It's possible to bypass restrictions by manipulating environment variables...
HP Performance Insight for Networks multiple security vulnerabilities
Cross-site scripting, SQL injection, privilege escalation...
Apple Mac OS X filevault information leakage
Encrypted file system password is written in cleartext to log file...
HP System Health Application code execution
No description provided...
Samba privilege escalation
Unprivileged user can execute privileged RPC calls to modify accounts database...
[ MDVSA-2012:070 ] samba
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:070 http://www.mandriva.com/security/ Package : samba Date : May 4, 2012 Affected: 2010.1, Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in samba: A file existence...
SQL Injection and other issues in Micro Technology Services, Inc. Lynx
Summary The Micro Technology Services Inc. "Lynx Message Server 7.11.10.2" and/or "LynxTCPService version 1.1.62" web interface is vulnerable to SQL Injection, Cross-Site Scripting, and other security problems. 2. Description Lynx is a "Facility wide Duress and Emergency Notification" system...
Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability
Advisory: Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability Advisory ID: KORAMIS-ADV2012-001 Contact: [email protected] Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.6 Vendor URL: http://www.s9y.org Vendor Status: fixed...
IAA, Redirector and XSS vulnerabilities in WordPress
Hello 3APA3A! I want to warn you about security vulnerabilities in WordPress. These are Insufficient Anti-automation, Redirector and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are WordPress 2.0 - 3.3.1. ---------- Detail...
[waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page
waraxe-2012-SA088 - Reflected XSS in Joomla 2.5.4 admin sysinfo page =============================================================================== Author: Janek Vind "waraxe" Date: 03. May 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-88.html CVE:...
Local File Inclusion in PluXml
Advisory ID: HTB23086 Product: PluXml Vendor: pluxml.org Vulnerable Versions: 5.1.5 and probably prior Tested Version: 5.1.5 Vendor Notification: 11 April 2012 Vendor Patch: 16 April 2012 Public Disclosure: 2 May 2012 Vulnerability Type: Local File Inclusion CVE References: CVE-2012-2227 Solution...
[security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03312417 Version: 1 HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting XSS, Privilege...
LAN Messenger v1.2.28 - Denial of Service Vulnerability
Title: ====== LAN Messenger v1.2.28 - Denial of Service Vulnerability Date: ===== 2012-05-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=537 VL-ID: ===== 537 Introduction: ============= LAN Messenger is a free and open source cross-platform instant messaging...
HP SNMP Agents for Linux security vulnerabilities
Cross-site scripting, URL redirection...
VMWare privilege escalation
Uninitialized memory reference on guest system call processing...
VMware Backdoor Response Uninitialized Memory Potential VM Break
VMware Backdoor Response Uninitialized Memory Potential VM Break Derek Soeder [email protected] Reported: December 5, 2011 Published: May 3, 2012 AFFECTED VENDOR --------------- VMware, Inc. AFFECTED ENVIRONMENTS --------------------- The following VMware product versions are known to be...
[waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template
waraxe-2012-SA087 - Reflected XSS in Joomla 1.5.26 "ja_purity" template =============================================================================== Author: Janek Vind "waraxe" Date: 03. May 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-87.html CVE:...
Multiple vulnerabilities in OrangeHRM
Advisory ID: HTB23080 Product: OrangeHRM Vendor: OrangeHRM Inc. Vulnerable Versions: 2.7 RC and probably prior Tested Version: 2.7 RC Vendor Notification: 7 March 2012 Vendor Patch: 24 April 2012 Public Disclosure: 9 May 2012 Vulnerability Type: SQL Injection, Cross-Site Scripting XSS CVE...
Firefox security bug (proxy-bypass) in current Tor BBs
https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs "A user has discovered a severe security bug in Firefox related to websockets bypassing the SOCKS proxy DNS configuration. This means when connecting to a websocket service, your Firefox will query your local DNS...
Apple Legacy filevault barn door...
As someone said here recently, carefully built crypto has an unfortunate tendency to consist of three thick impregnable walls and a picket fence in the back with the gate left open. That seems to have happened to Apple's older "legacy" Filevault in the current release of Mac OS X Lion 10.7.3...
VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break
VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break Derek Soeder [email protected] Reported: December 5, 2011 Published: May 3, 2012 AFFECTED VENDOR --------------- VMware, Inc. AFFECTED ENVIRONMENTS --------------------- The following VMware product versions ar...
Android information leakage
All local applications have unrestricted /proce access and access to SQLite journal files...
Cross-Site Scripting (XSS) in Pivotx
Advisory ID: HTB23087 Product: Pivotx Vendor: pivotx.net Vulnerable Versions: 2.3.2 and probably prior Tested Version: 2.3.2 Vendor Notification: 18 April 2012 Vendor Patch: 18 April 2012 Public Disclosure: 9 May 2012 Vulnerability Type: Cross-Site Scripting XSS CVE Reference: CVE-2012-2274...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0009 Synopsis: VMware Workstation, Player, ESXi and ESX patches address critical security issues Issue date: 2012-05-03 Updated on:...
rssh security announcement
rssh is a shell for restricting SSH access to a machine to only scp, sftp, or a small set of similar applications. http://www.pizzashack.org/rssh/ Henrik Erkkonen has discovered that, through clever manipulation of environment variables on the ssh command line, it is possible to circumvent rssh. ...
HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03301854 Version: 1 HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting XSS, URL Redirection NOTICE: The information in this Security Bulletin should be acted upo...
[CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability
-------------------------------------------------------------------- OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability -------------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................: n0b0d13satgmaildotcom...
Adobe Shockwave Player multiple security vulnerabilities
Multiple memory corruptions...
[CAL-2011-0073]CVE-2012-2028 Adobe Photoshop parsing TIF heap buffer overflow vulnerability
Hi dear, today Adobe published a bulletin about Adobe Photoshop. http://www.adobe.com/support/security/bulletins/apsb12-11.html nine8 of code audit labs of vulnhunt.com with "vulnhunt Fuzzing" discovered a vulnerability named CVE: CVE-2012-2028. more details see...
Adobe Flash Professional buffer overflow
Buffer overflow on files processing...
Adobe Illustrator multiple security vulnerabilities
Multiple memory corruptions on file processing...
Adobe Flash Player memory corruption
Memory corruption due to invalid objects handling...
CORE-2011-1123: Windows Kernel ReadLayoutFile Heap Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Windows Kernel ReadLayoutFile Heap Overflow 1. Advisory Information Title: Windows Kernel ReadLayoutFile Heap Overflow Advisory ID: CORE-2011-1123 Advisory URL:...
Adobe Shockwave Player Remote Code Execution (CVE-2012-2031)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2031 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...
Adobe Shockwave Player Remote Code Execution (CVE-2012-2030)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2030 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...
Adobe Shockwave Player Remote Code Execution (CVE-2012-2029)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.dissect.pe Memory corruption when Adobe Shockwave Player parses .dir media file CVE-2012-2029 INTRODUCTION Adobe Shockwave Player is the Adobe plugin to many different browsers to view...
Apple iOS multiple security vulnerabilities
URL spoofing, cross-site scripting, memory corruptions...
APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update iOS 5.1.1 Software Update is now available and addresses the following: Safari Available for: iPhone 3GS, iPhone 4, iPhone 4S, iPod touch 3rd generation and later, iPad, iPad 2 Impact: A maliciously...
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
Multiple memory corruptions in main code and different libraries, cross-site scripting, information leakage...
NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM
======= Summary ======= Name: Websense Triton 7.6 Unauthenticated remote command execution as SYSTEM Release Date: 30 April 2012 Reference: NGS00140 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: Critical Status: Published ========...
Opera / Mozilla / Internet Explorer DoS
Large number of nested tags leads to buffer overflow...
McAfee Virtual Technician ActiveX code execution
GetObject unsafe function...
PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities
Exploit Title: PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Date: 04/21/12 Author: G13 Twitter: @g13net Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php ToC 0x01 Description 0x02 XSS 0x03 SQL Injection 0x04 Vendor Notification 0x01...
DIY CMS v1.0 Poll - Multiple Web Vulnerabilities
Title: ====== DIY CMS v1.0 Poll - Multiple Web Vulnerabilities Date: ===== 2012-04-26 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=518 VL-ID: ===== 518 Introduction: ============= Do It Yourself Content Management System is a feature-rich, php-built, mysql-based,...