47153 matches found
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
Skype v. 5.x.x - information disclosure
Hello, 3APA3A, Title: ====== Skype v. 5.x.x - information disclosure Date: ===== 2012-02-13 Introduction: ============= Skype is a proprietary voice-over-Internet Protocol service and software application. Abstract: ========= We have discovered improper chat logs handling, which cause in logs...
ESA-2012-007: RSA, The Security Division of EMC, announces security fixes for RSA enVision
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-007: RSA, The Security Division of EMC, announces security fixes for RSA enVision Advisories Updated January 25, 2012 Summary: RSA, The Security Division of EMC, announces security fixes to address a security vulnerability and provide an...
AoF and CSRF vulnerabilities in D-Link DAP 1150
Hello 3APA3A! I want to warn you about new security vulnerabilities in D-Link DAP 1150 Wi-Fi Access Point and Router. These are Abuse of Functionality and Cross-Site Request Forgery vulnerabilities. This is my third advisory from a series of advisories about vulnerabilities in D-Link products. Abus...
Multiple new vulnerabilities in Register Plus for WordPress
Hello 3APA3A! I want to warn you about multiple new vulnerabilities in the plugin Register Plus for WordPress. These are Cross-Site Scripting, Code Execution and Full path disclosure vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are Register Plus...
EMC RSA enVision information leakage
It's possible to obtain environment variable values...
[security bulletin] HPSBMU02738 SSRT100748 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Unauthorized Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03171149 Version: 1 HPSBMU02738 SSRT100748 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Unauthorized Access NOTICE: The information in this Security Bulletin should...
ME Monitoring Manager v9.x; v10.x - Multiple Vulnerabilities
Title: ====== ME Monitoring Manager v9.x; v10.x - Multiple Vulnerabilities Date: ===== 2012-01-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=115 VL-ID: ===== 115 Introduction: ============= With the ManageEngine Applications Manager, IT administrators can...
Skype information leakage
Locally deleted messages are only marked as deleted without wiping or squeezing the database...
TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution
Oracle Java Web Start Command Argument Injection Remote Code Execution TSL ID: TSL20120214-01 1. Affected Software Oracle Java Development Kit JDK 6 Update 30 and prior Oracle Java Development Kit JDK 7 Update 2 and prior Oracle JavaFX 2.0.2 and prior Oracle Java Runtime Environment JRE 6 Update ...
Nomachine NX Web Companion code spoofing
client.zip file is downloaded without signature check...
Multiple CSRF, DoS and XSS vulnerabilities in D-Link DAP 1150
Hello 3APA3A! I want to warn you about new security vulnerabilities in D-Link DAP 1150 Wi-Fi Access Point and Router. These are Cross-Site Request Forgery, Denial of Service and Cross-Site Scripting vulnerabilities. This is my fourth advisory from a series of advisories about vulnerabilities in...
sqlinjection bug in nova cms
Exploit Title: XRayCMS 1.1.1 SQL Injection Vulnerability Date: 2/12/2012 Author: Dr.web Software Link: http://sourceforge.net/projects/xraycms/files/latest/download Version: 1.1.1 Tested on: Ubuntu XRay CMS is vulnerable to a SQL Injection attack which allows authentication bypass into the admins...
Mutant 200s tuner directory traversal
Directory traversal in embedded web server...
Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability
Title: ====== Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability Date: ===== 2012-02-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=434 VL-ID: ===== 434 Introduction: ============= Yahoo Messenger (styled Yahoo! Messenger, also abbreviated Y!M, YIM or Y...
Mozilla Firefox / Thunderbird / Seamonkey use-after-free
nsXBLDocumentInfo::ReadPrototypeBindings use-after-free...
apr / aws libraries DoS
Resource consumption because of collisions in a hash function...
Yahoo! Messenger buffer overflow
Buffer overflow on file transfer...
NGS00193 Patch Notification: Trend Micro DataArmor and DriveArmor - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption
Critical Vulnerability in DataArmor and DriveArmor 24 January 2012 Stuart Passe of NGS Secure has discovered a Critical vulnerability in DataArmor and DriveArmor. Impact: Restricted Environment breakout, Privilege Escalation and Full Disk Decryption Versions affected: DataArmor 3.0.10 or greater...
D-Link DIR-601 TFTP Directory Traversal Vulnerability
Vulnerability title: D-Link DIR-601 TFTP Directory Traversal Vulnerability CVSS Risk Rating: 7.8 High Product: D-Link DIR-601 Wireless N 150 Home Router Application Vendor: D-Link Vendor URL: www.dlink.com Public disclosure date: 1/20/2012 Discovered by: Rob Kraus and Solutionary Engineering...
D-Link DIR-601 directory traversal
TFTP server directory traversal...
AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AdaCore Security Advisory ========================= SA-2012-L119-003 Hash collisions in AWS Problem: Impacted versions of AWS store key/value pairs from submitted form data in hash tables using a hash function that has predictable collisions. As a...
Novell iPrint buffer overflow
Buffer overflow on TCP/631 request parsing...
sudo format string vulnerability
Format string vulnerability on logging...
ESA-2012-005: EMC NetWorker buffer overflow vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-005: EMC NetWorker buffer overflow vulnerability. EMC Identifier: ESA-2012-005 EMC Identifier: NW135173 CVE Identifier: CVE-2012-0395 Severity Rating: CVSS v2 Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C Affected products: EMC NetWorker Server...
SQL injection in Bigware shop software
The Bigware shop software prior to version 2.15 contains a SQL injection, resulting in full database compromise. The injection point is the POST parameter 'lastname' in the module mainbigware43.php. A user must be created before exploitation. Proof of concept is at...
XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge)
Attached is some PoC analysis related to an XSS vulnerability in phpLDAPadmin. I previously coordinated with the Cert-US so that they would contact SourceForge and Debian, but was told they were unable to get in contact with them. The first discovery was on January 10 for version 1.1.6, where after noticed...
ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-12-028 February 8, 2012 - -- CVE ID: CVE-2011-1392 - -- CVSS: 9,...
CA Total Defense multiple security vulnerabilities
SQL injection, information leakage...
Cyberoam Central Console v2.00.2 - File Include Vulnerability
Title: ====== Cyberoam Central Console v2.00.2 - File Include Vulnerability Date: ===== 2012-02-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=405 VL-ID: ===== 405 Introduction: ============= Cyberoam Central Console CCC appliances offer the flexibility of hardware...
D-Link ShareCenter security vulnerabilities
Authentication bypass, information leakage...
ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-022 February 8, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: Tota...
[SECURITY] [DSA 2395-1] wireshark security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2395-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 27, 2012 http://www.debian.org/security/faq -...
Wireshark multiple security vulnerabilities
LANalyzer buffer overflow, DoS...
ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-030 February 8, 2012 - -- CVE ID: CVE-2011-1388 - -- CVSS: 9,...
IBM ActiveX multiple security vulnerabilities
SPSS and Rational Rhapsody ActiveX multiple security vulnerabilities...
EMC Networker buffer overflow
Buffer overflow on RPC request parsing in indexd.exe...
SimpleGroupware 0.742 Cross-Site-Scripting vulnerability
Advisory: SimpleGroupware 0.742 Cross-Site-Scripting vulnerability Advisory ID: INFOSERVE-ADV2012-01 Author: Stefan Schurtz Contact: [email protected] Affected Software: Successfully tested on SimpleGroupware 0.742 Vendor URL: http://www.simple-groupware.de/ Vendor Status: fixed see Changelog...
Multiple vulnerabilities in postfixadmin
Advisory ID: CSA-12002 Title: Multiple vulnerabilities in postfixadmin Product: postfixadmin Version: 2.3.4 and probably prior Vendor: www.postifixadmin.org Vulnerability type: SQL injection, XSS Vendor notification: 2012-01-10 Public disclosure: 2012-01-26 postfixadmin version 2.3.4 and probably...
ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-019 January 30, 2012 - -- CVE ID: CVE-2012-0188 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:...
Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14
Summary ======= Bugzilla is a Web-based bug-tracking system used by a large number of software projects. The following security issues have been discovered in Bugzilla: When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which coul...
ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-026 February 8, 2012 - -- CVE ID: CVE-2012-0190 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-029 February 8, 2012 - -- CVE ID: CVE-2011-1391 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - --...
Multiple vulnerabilities in OpenEMR
Advisory ID: HTB23069 Product: OpenEMR Vendor: OEMR Vulnerable Version: 4.1.0 and probably prior Tested Version: 4.1.0 Vendor Notification: 11 January 2012 Vendor Patch: 29 January 2012 Public Disclosure: 01 February 2012 Vulnerability Type: Local File Inclusion, Arbitrary Command Execution...
Multiple vulnerabilities in OSclass
Advisory ID: HTB23068 Reference: https://www.htbridge.ch/advisory/multiplevulnerabilitiesinosclass.html Product: OSclass Vendor: osclass.org http://osclass.org/ Vulnerable Version: 2.3.3 and probably prior Tested Version: 2.3.3 Vendor Notification: 04 January 2012 Vendor Patch: 16 January 2012...
DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass
Title ----- DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass Severity -------- High Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Date Discovered --------------- December 7, 2011 Vulnerability Description...
CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache CXF 2.4.5 and 2.5.1 Description: CXF does not validate a WS-Security UsernameToken receiv...
ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability. EMC Identifier: ESA-2012-009 EMC Identifier: CS-16072 EMC Identifier: CS-16073 CVE Identifier: CVE-2011-4144 Severity Rating: CVSS v2 Base Score: 6.8...
AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary file upload
Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: 1.1.9 Date: 2012-01-19 Author: 6Scan http://6scan.com security team Software Link: http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/ Official fix: This advisory is released after the vendor was...