47153 matches found
NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM
======= Summary ======= Name: Symantec pcAnywhere Remote Code Execution Preauth Release Date: 30 April 2012 Reference: NGS00118 Discoverer: Edward Torkington [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec pcAnywhere 12.5.x IT Management Suite 7.0...
Oracle TNS Poison vulnerability is actually a 0day with no patch available
Hi all, Short history: The remote pre-authenticated vulnerability with CVSS2 10 I published some days ago 1, the vulnerability I called Oracle TNS Poison reported to vendor in 2008, is a 0day affecting all database versions from 8i to 11g R2. There is no patch at all for this vulnerability and...
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
Title: ====== C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=484 VL-ID: ===== 484 Introduction: ============= XPhone Unified Communications 2011 ist die leistungsstarkste Telefonie- und...
DoS vulnerabilities in Firefox, Internet Explorer and Opera
Hello 3APA3A! I want to warn you about Denial of Service vulnerability in Mozilla Firefox, Internet Explorer and Opera. Earlier there was published DoS vulnerability in browser Opera 10.10 found by Inj3ct0r http://securityvulns.com/news/Opera/1002.html. And some time ago I've checked this exploit...
Car Portal CMS v3.0 - Multiple Web Vulnerabilities
Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provid...
NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI
======= Summary ======= Name: Websense Triton 7.6 stored XSS in report management UI Release Date: 30 April 2012 Reference: NGS00141 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: High Status: Published ======== TimeLine ========...
DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities
Title: ====== DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities Date: ===== 2012-04-25 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=509 VL-ID: ===== 509 Introduction: ============= DirectAdmin is a graphical web-based web hosting control panel designed to make...
Re: The history of a -probably- 13 years old Oracle bug: TNS Poison
I wanted to comment on the workarounds for this problem: 1 Setting SQLNET.ENCRYPTIONSERVER=REQUIRED on the server is not enough to protect you. To avoid "man in the middle" attacks, you need to have an SSL certificate on the server and SSLSERVERDNMATCH=TRUE in the client's sqlnet.ora. 2 Another w...
mysqldumper1.24.4_LFI_XSS_CSRF_PHPEXEC_TRAVERSAL_INFO_DISCLOS
================================================================================================ Vulnerable Software: MySQLDumper Version 1.24.4 Downloaded from: http://sourceforge.net/projects/mysqldumper/files/ MD5 SUM: b62357a0d5bbb43779d16427c30966a1 MySQLDumper1.24.4.zip...
Pritlog v0.821 CMS - Multiple Web Vulnerabilities
Title: ====== Pritlog v0.821 CMS - Multiple Web Vulnerabilities Date: ===== 2012-04-29 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=534 VL-ID: ===== 534 Introduction: ============= PRITLOG is an extremely simple, small 500K uncompressed and powerful blog system. It...
Opial CMS v2.0 - Multiple Web Vulnerabilities
Title: ====== Opial CMS v2.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=522 VL-ID: ===== 522 Introduction: ============= Opial lets you create audio mp3/ram/rm/avi/mpg/wav/ai f or any other format audio/video...
Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities
a bug in Wordpress WPsc-MijnPress plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. Exploit Title : Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities Author : BHG Security Center - IrIsT Security Team Discovered By : Am!r Home : http://Black-hg.Org -...
Symantec PCAnywhere multiple security vulnerabilities
Code execution, privilege escalation...
IA, CSRF and FPD vulnerabilities in Organizer for WordPress
Hello 3APA3A! I want to warn you about multiple new security vulnerabilities in plugin Organizer for WordPress. This is the third in series of advisories concerning vulnerabilities in this plugin. These are Insufficient Authorization, Cross-Site Request Forgery and Full path disclosure...
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject Security Bypass Remote Code Execution Vulnerability tested against: Microsoft Windows Vista sp2 Microsoft Windows 2003 r2 sp2 Internet Explorer 7/8/9 product homepage:...
NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation
======= Summary ======= Name: Symantec pcAnywhere insecure file permissions local privilege escalation Release Date: 30 April 2012 Reference: NGS00117 Discoverer: Edward Torkington [email protected] Vendor: Symantec Vendor Reference: Systems Affected: Symantec pcAnywhere 12.5.x IT...
NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow
High Risk Vulnerability Oracle Grid Engine 30 April 2012 Edward Torkington of NGS Secure has discovered a High risk vulnerability in Oracle Grid Engine Impact: sgepasswd Buffer Overflow Versions affected: version 62u7 This has been addresses as part of oracle April update:...
PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities
Title: PHP Volunteer Management getmessages.php SQL Injection Vulnerabilities Author: eidelweiss Twitter: @AriosRandy Website: www.eidelweiss.info Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php Greetz: Devilzc0de, exploit-db, G13 first vuln...
[SECURITY] [DSA 2461-1] spip security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2461-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 26, 2012 http://www.debian.org/security/faq -...
NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI
======= Summary ======= Name: Websense Triton 7.6 Authentication-bypass in report management UI Release Date: 30 April 2012 Reference: NGS00138 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: High Status: Published ======== TimeLine...
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability
Title: ====== C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=484 VL-ID: ===== 484 Introduction: ============= XPhone Unified Communications 2011 ist die leistungsstarkste Telefonie- und...
Imagemagic multiple security vulnerabilities
Buffer overflows, insufficient user supplied data validation...
[SECURITY] [DSA 2462-1] imagemagick security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2462-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 29, 2012 http://www.debian.org/security/faq -...
NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI
======= Summary ======= Name: Websense Triton 7.6 reflected XSS in report management UI Release Date: 30 April 2012 Reference: NGS00137 Discoverer: Ben Williams [email protected] Vendor: Websense Vendor Reference: Systems Affected: Risk: Medium Status: Fixed ======== TimeLine ========...
[ MDVSA-2012:065 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:065 http://www.mandriva.com/security/ Package : php Date : April 27, 2012 Affected: 2010.1, 2011. Problem Description: Multiple vulnerabilities has been identified and fixed in php: The PDORow implementation...
XSS, CSRF and AFU vulnerabilities in Organizer for WordPress
Hello 3APA3A! I want to warn you about multiple security vulnerabilities in plugin Organizer for WordPress. This is the second in series of advisories concerning vulnerabilities in this plugin. These are Cross-Site Scripting reflected and persistent, Cross-Site Request Forgery and Arbitrary File...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Linux kernel multiple security vulnerabilities
DoS, information leakage, privilege escalation...
NVidia Linux / Unix drivers privilege escalation
Kernel memory access is possible...
[USN-1406-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1406-1 March 27, 2012 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Multiple vulnerabilities in Piwigo
Advisory ID: HTB23085 Product: Piwigo Vendor: Piwigo project Vulnerable Versions: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 4 April 2012 Vendor Patch: 8 April 2012 Public Disclosure: 25 April 2012 Vulnerability Type: Directory Path Traversal, Cross-Site Scripting XSS CVE...
[USN-1413-1] Nova vulnerability
========================================================================== Ubuntu Security Notice USN-1413-1 March 29, 2012 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
RuggedCom SCADA equipment backdoor
RuggedCom's Rugged Operating System backdoor account...
HP ProCurve switches compact flash cards virus
Some of the devices contain virus on compact flash card...
Android information leak
---------------------------- Vulnerability Description ---------------------------- We found that any android application can read all world-readable files in the "/proc" directory without specifying any permissions in their manifest files. This can leak sensitive information. For example, if the...
AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver
Asterisk Project Security Advisory - AST-2012-005 Product Asterisk Summary Heap Buffer Overflow in Skinny Channel Driver Nature of Advisory Exploitable Heap Buffer Overflow Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On March 26, 2012 Reported By Russell...
OpenSSL memory corruption
Memory corruption in asn1d2ireadbio/SMIMEreadPKCS7/SMIMEreadCMS...
Astaro Command Center crossite scripting
Multiple crossite scripting vulnerabilities...
Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities
Title: ====== Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=8 VL-ID: ===== 8 Introduction: ============= Das Astaro Security Gateway 625 wurde speziell fur den Schutz gro?er Unternehm...
ChurchCMS 0.0.1 'admin.php' Multiple SQLi
Exploit Title: ChurchCMS 0.0.1 'admin.php' Multiple SQLi Date: 04/21/12 Author: G13 Twitter: @g13net Software Link: http://sourceforge.net/projects/churchcms/?source=directory Version: 0.0.1 Category: webapps php Description ChurchCMS is the software to place on your church's website that is easi...
VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0007 Synopsis: VMware hosted products and ESXi/ESX patches address privilege escalation Issue date: 2012-04-12 Updated on: 2012-04-...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer
Trustwave SpiderLabs Security Advisory TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer https://www.trustwave.com/spiderlabs/advisories/TWSL2012-008.txt Published: 04/11/12 Version: 1.0 Vendor: Plixer International http://www.plixer.com Product: Scrutinizer NetFlow a...
Astaro Security Gateway crossite scripting
Multiple crossite scripting possibilities...
RuggedCom - Backdoor Accounts in my SCADA network? You don't say...
Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: April 23, 2012 CVE: CVE-2012-1803 Background: RuggedCom is one of a handful of networking vendors who capitalize on the market for "Industrial Strength" and "Hardened" networking equipment. You'll find...
Plixer Scrutinizer NetFlow and sFlow Analyzer multiple security vulnerabilities
Authentication bypass, SQL injection, crossite scripting...
VMWare ESXi / ESX weak permissions
VMWare Tools folder weak permissions...
AST-2012-004: Asterisk Manager User Unauthorized Shell Access
Asterisk Project Security Advisory - AST-2012-004 Product Asterisk Summary Asterisk Manager User Unauthorized Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known No Reported On February 23, 2011 Reported By David Woolley...
PHP Ticket System Beta 1 'p' SQL Injection
Exploit Title: PHP Ticket System Beta 1 'p' SQL Injection Date: 04/16/12 Author: G13 Twitter: @g13net Software Site: http://sourceforge.net/projects/phpticketsystem/ Version: Beta 1 Category: webapp php Description PHP Ticket System is a small PHP MySQL trouble ticket or work ordersystem that is ...
[ MDVSA-2012:064 ] openssl0.9.8
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:064 http://www.mandriva.com/security/ Package : openssl0.9.8 Date : April 24, 2012 Affected: 2010.1 Problem Description: It was discovered that the fix for CVE-2012-2110 MDVSA-2012:060 was not sufficient to...