Lucene search

47153 matches found

securityvulns
added 2012/04/09 12:0 a.m. | 60 views

[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability

Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Wicket 1.4.x and 1.5.x Description: It is possible to view the content of any file of a web application by using a URL to a Wicket resource which resolves to a 'null' package. With such a URL the attacker can...

AI score: 1.1 | EPSS: 0.01542
Exploits: 1

securityvulns
added 2012/04/09 12:0 a.m. | 162 views

Multiple vulnerabilities in Open Journal Systems (OJS)

Advisory ID: HTB23079 Product: Open Journal Systems OJS Vendor: Public Knowledge Project Vulnerable Versions: 2.3.6 and probably prior Tested Version: 2.3.6 Vendor Notification: 29 February 2012 Vendor Patch: 16 March 2012 Public Disclosure: 21 March 2012 Vulnerability Type: Arbitrary File...

CVSS: 6.5 | AI score: 5.9 | EPSS: 0.24771
Exploits: 4

securityvulns
added 2012/04/09 12:0 a.m. | 64 views

[SECURITY] [DSA 2445-1] typo3-src security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2445-1 [email protected] http://www.debian.org/security/ Florian Weimer March 31, 2012 http://www.debian.org/security/faq -...

CVSS: 5 | AI score: 1 | EPSS: 0.00701
Exploits: 0

securityvulns
added 2012/04/09 12:0 a.m. | 138 views

[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7

We don't release 0days... except when vendors show no interest in fixing their bugs. http://umbraco.com/umbraco/dashboard/FeedProxy.aspx?url=http://en.wikipedia.org/wiki/Openproxy Have fun. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Matta Consulting - Matta Advisory...

CVSS: 7.5 | AI score: 0.2 | EPSS: 0.03164
Exploits: 0

securityvulns
added 2012/04/09 12:0 a.m. | 64 views

Brute Force and XSS vulnerability in Wordpress

Hello 3APA3A! I am reporting to you yet another vulnerability in WordPress that I have known about for a long time: Brute Force via the XML-RPC functionality in WordPress. Brute Force (WASC-11): http://site/xmlrpc.php This functionality has no protection against Brute Force attacks. When the corresponding POST requests are sent...

AI score: 8.4
Exploits: 0

securityvulns
added 2012/04/09 12:0 a.m. | 56 views

Wordpress taggator plugin Sql Injection Vulnerabilities

A bug in the Wordpress taggator plugin that allows us to cause a Sql Injection on a remote machine. Exploit Title : Wordpress taggator plugin Sql Injection Vulnerabilities Author : BHG Security Center - IrIsT Security Team Discovered By : Am!r Home : http://Black-hg.Org - http://IrIsT.Ir Software...

AI score: 1
Exploits: 0

securityvulns
added 2012/04/09 12:0 a.m. | 97 views

[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0

waraxe-2012-SA082 - File Existence Disclosure in Uploadify 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-82.html Description of vulnerable software:...

AI score: 0.3
Exploits: 0

securityvulns
added 2012/04/09 12:0 a.m. | 66 views

[ MDVSA-2012:050 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:050 http://www.mandriva.com/security/ Package : phpmyadmin Date : April 3, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been found and corrected in phpmyadmin: It wa...

CVSS: 4.3 | AI score: 5.6 | EPSS: 0.00468
Exploits: 3

securityvulns
added 2012/04/09 12:0 a.m. | 27 views

Cisco WebEx Player buffer overflow

Buffer overflow on .WRF files parsing...

CVSS: 9.3 | AI score: 4.4 | EPSS: 0.02937
Exploits: 1 | References: 4

securityvulns
added 2012/04/02 12:0 a.m. | 23 views

Quest InTrust ActiveX buffer overflows

ArDoc.dll and AnnotateX.dll buffer overflows...

AI score: 3.9
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 81 views

[security bulletin] HPSBUX02755 SSRT100667 rev.1 - HP-UX WBEM, Remote Unauthorized Access to Diagnostic Data

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03221589 Version: 1 HPSBUX02755 SSRT100667 rev.1 - HP-UX WBEM, Remote Unauthorized Access to Diagnostic Data NOTICE: The information in this Security Bulletin should be acted upon as soon as...

CVSS: 5.8 | AI score: 0.8 | EPSS: 0.00843
Exploits: 1

securityvulns
added 2012/04/02 12:0 a.m. | 71 views

[ MDVSA-2012:038 ] openssl

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:038 http://www.mandriva.com/security/ Package : openssl Date : March 26, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities have been found and corrected in...

CVSS: 5 | AI score: 7.8 | EPSS: 0.03102
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 116 views

Quake 3 / ioquake3 traffic amplification vulnerability

Source of getstatus UDP message is not checked...

CVSS: 7.8 | AI score: 2.3 | EPSS: 0.02066
Exploits: 0 | References: 1 | Affected Software: 4

securityvulns
added 2012/04/02 12:0 a.m. | 63 views

NGS00158 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Arbitrary file download is possible with a crafted URL when logged in as any user

Medium Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a medium risk vulnerability in the McAfee Email and Web Security Appliance Impact: Arbitrary file download is possible with a crafted URL, when logged in as any user Versio...

AI score: 1.3
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 22 views

Wireshark multiple security vulnerabilities

DoS via ANSI A, IEEE 802.11, MP2T protocols...

AI score: 2.9
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 43 views

Intuit Help System Protocol URL Heap Corruption and Memory Leak

Intuit Help System Protocol URL Heap Corruption and Memory Leak Derek Soeder [email protected] Reported to [email protected] on March 15, 2012; vendor did not respond. Reported to CERT on March 22, 2012; vendor did not respond. Responsible disclosure failed with error code 10060. Published:...

Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 35 views

[ MDVSA-2012:042 ] wireshark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:042 http://www.mandriva.com/security/ Package : wireshark Date : March 28, 2012 Affected: 2011. Problem Description: Multiple vulnerabilities were found and corrected in Wireshark: The ANSI A dissector could...

AI score: 0.2
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 58 views

[ MDVSA-2012:041 ] expat

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:041 http://www.mandriva.com/security/ Package : expat Date : March 27, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: A memory leak and a hash table collision flaw in expat could...

CVSS: 5 | AI score: 7.1 | EPSS: 0.00973
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 71 views

Cisco IOS multiple security vulnerabilities

Multiple DoS conditions...

CVSS: 7.8 | AI score: 1.8 | EPSS: 0.03518
Exploits: 0 | References: 6 | Affected Software: 2

securityvulns
added 2012/04/02 12:0 a.m. | 42 views

D-Link SecuriCam DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability

D-Link SecuriCam DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability tested against: Microsoft Windows Server 2003 r2 sp2 Internet Explorer 7/8 Live demo: http://203.125.227.70/eng/index.cgi username: dlink password: dlink product homepage:...

Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 40 views

raptor library (libreoffice / openoffice) file injection

It's possible to inject a file via XML...

CVSS: 4.3 | AI score: 3.6 | EPSS: 0.00897
Exploits: 2 | References: 2 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 39 views

OpenSSL security vulnerabilities

DoS, CMS implementation vulnerabilities...

CVSS: 5 | AI score: 2.6 | EPSS: 0.03102
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 48 views

Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution

Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution homepage: http://www.quest.com/intrust/ description: "InTrust securely collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems, helping you comply...

AI score: 1
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 69 views

Cisco Security Advisory: Cisco IOS Internet Key Exchange Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Internet Key Exchange Vulnerability Advisory ID: cisco-sa-20120328-ike Revision 1.0 For Public Release 2012 March 28 16:00 UTC GMT +-------------------------------------------------------------------- Summary =====...

CVSS: 7.8 | AI score: 0.7 | EPSS: 0.03518
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 27 views

HP-UX WBEM unauthorized access

No description provided...

CVSS: 5.8 | AI score: 3.4 | EPSS: 0.00843
Exploits: 1 | References: 1

securityvulns
added 2012/04/02 12:0 a.m. | 99 views

NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked

Medium Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a medium risk vulnerability in the McAfee Email and Web Security Appliance Impact: Active session tokens of other users are disclosed within the UI Versions affected: All...

AI score: 0.5
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 38 views

NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Any logged-in user can bypass controls to reset passwords of other administrators

High Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a high risk vulnerability in the McAfee Email and Web Security Appliance Impact: Any logged-in user can bypass controls to reset passwords of other administrators If role-bas...

AI score: 0.3
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 65 views

Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability Advisory ID: cisco-sa-20120328-ssh Revision 1.0 For Public Release 2012 March 28 16:00 UTC GMT...

CVSS: 7.8 | AI score: 0.7 | EPSS: 0.02138
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 34 views

McAfee Email and Web Security Appliance multiple security vulnerabilities

XSS, authentication bypass, privilege escalation, information leakage, directory traversal...

AI score: 3.9
Exploits: 0 | References: 6 | Affected Software: 2

securityvulns
added 2012/04/02 12:0 a.m. | 32 views

libzip security vulnerabilities

Buffer overflow and integer overflow on zip files parsing...

CVSS: 7.5 | AI score: 4.7 | EPSS: 0.01669
Exploits: 2 | References: 2 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 34 views

Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite Vulnerability

Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite homepage: http://www.quest.com/intrust/ description: "InTrust securely collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems, helping you comply...

Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 35 views

TrendNet SecurView ActiveX buffer overflow

UltraMJCam control buffer overflow...

AI score: 4.3
Exploits: 0 | References: 1

securityvulns
added 2012/04/02 12:0 a.m. | 58 views

Traffic amplification via Quake 3-based servers

It has been discovered that spoofed "getstatus" UDP requests are being used by attackers to direct status responses from multiple Quake 3-based servers to a victim, as a traffic amplification mechanism for a denial of service attack on that victim. Open-source games derived from the Quake 3...

AI score: 1.9
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 69 views

Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability Advisory ID: cisco-sa-20120328-smartinstall Revision 1.0 For Public Release 2012 March 28 16:00 UTC GMT...

CVSS: 7.8 | AI score: 1.3 | EPSS: 0.02138
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 49 views

[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip

PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2012-02 Released on: 21st March 2012 Affected products: libzip = 0.10 PHP 5.4.0 PHP = 5.3.10 zipruby = 0.3.6 Impact: heap overflow, information leak Credit: - Thomas Klausner - Timo Warns PRESENSE Technologies GmbH CVE...

CVSS: 7.5 | AI score: 0.3 | EPSS: 0.01669
Exploits: 2

securityvulns
added 2012/04/02 12:0 a.m. | 108 views

VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation

VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation Derek Soeder [email protected] Reported: December 5, 2011 Published: March 30, 2012 AFFECTED VENDOR --------------- VMware, Inc. AFFECTED ENVIRONMENTS --------------------- The following VMware product versions are known to be...

CVSS: 8.3 | AI score: 0.6 | EPSS: 0.75195
Exploits: 13

securityvulns
added 2012/04/02 12:0 a.m. | 66 views

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability Advisory ID: cisco-sa-20120328-nat Revision 1.0 For Public Release 2012 March 28 16:00 UTC GMT +-------------------------------------------------------------------...

CVSS: 7.8 | AI score: 0.2 | EPSS: 0.0215
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 26 views

Intuit QuickBook code execution

Code execution and memory corruption in intu-help-qb5: protocol handler...

AI score: 2.6
Exploits: 0 | References: 2 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 39 views

D-Link SecuriCam ActiveX buffer overflow

Buffer overflow in DcsCliCtrl.dll control...

AI score: 3.9
Exploits: 0 | References: 1

securityvulns
added 2012/04/02 12:0 a.m. | 58 views

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features Advisory ID: cisco-sa-20120328-mace Revision 1.0 For Public Release 2012 March 28 16:00 UTC GMT...

CVSS: 7.8 | AI score: 0.2 | EPSS: 0.0215
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 58 views

Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability Advisory ID: cisco-sa-20120328-rsvp Revision 1.0 For Public Release 2012 March 28 16:00 UTC GMT +---------------------------------------------------------------------...

CVSS: 7.8 | AI score: 0.6 | EPSS: 0.0215
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 39 views

NGS00153 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Reflective XSS allowing an attacker to gain session tokens

High Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a high risk vulnerability in the McAfee Email and Web Security Appliance Impact: Reflective XSS allowing an attacker to gain session tokens Versions affected: All versions...

AI score: 1.7
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 83 views

[SECURITY] [DSA 2443-1] linux-2.6 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2443-1 [email protected] http://www.debian.org/security/ Dann Frazier March 26, 2012 http://www.debian.org/security/faq -...

CVSS: 7.2 | AI score: 1.3 | EPSS: 0.03356
Exploits: 8

securityvulns
added 2012/04/02 12:0 a.m. | 76 views

TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow

TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow camera demo http://67.203.184.58:9193/admin/view.cgi?profile=0 username=guest password=guest Background: The mentioned product, when browsing the device w...

AI score: 0.3
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 76 views

[security bulletin] HPSBMU02756 SSRT100596 rev.1 - HP Performance Manager Running on HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03255321 Version: 1 HPSBMU02756 SSRT100596 rev.1 - HP Performance Manager Running on HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code, Denial of Service DoS NOTICE: The...

CVSS: 10 | AI score: 0.9 | EPSS: 0.38636
Exploits: 2

securityvulns
added 2012/04/02 12:0 a.m. | 52 views

PHP 5.4/5.3 deprecated eregi() memory_limit bypass

PHP 5.4/5.3 deprecated eregi() memory_limit bypass Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 30.03.2012 Original link: http://cxsecurity.com/issue/WLB-2012030272 PoC's: memory_limit poc http://cxsecurity.com/issue/WLB-2012030271 open_basedir poc...

AI score: 7.4
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 485 views

CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: libraptor - XXE in RDF/XML File Interpretation Release Date: 2012-03-24 Applications: libraptor / librdf...

CVSS: 4.3 | EPSS: 0.00897
Exploits: 2

securityvulns
added 2012/04/02 12:0 a.m. | 21 views

PHP DoS

Resource exhaustion in POSIX regular expression functions...

AI score: 2.3
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2012/04/02 12:0 a.m. | 39 views

Intuit Help System Protocol File Retrieval

Intuit Help System Protocol File Retrieval Derek Soeder [email protected] Reported to [email protected] on March 15, 2012; vendor did not respond. Reported to CERT on March 22, 2012; vendor did not respond. Responsible disclosure failed with error code 10060. Published: March 30, 2012 AFFECT...

AI score: 0.1
Exploits: 0

securityvulns
added 2012/04/02 12:0 a.m. | 74 views

NGS00154 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Session hijacking and bypassing client-side session timeouts

Medium Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a medium risk vulnerability in the McAfee Email and Web Security Appliance Impact: Session hijacking and bypassing client-side session timeouts Versions affected: All...

AI score: 0.9
Exploits: 0

Total number of security vulnerabilities: 47153