47153 matches found
Secunia Research: Autonomy Keyview Ichitaro Text Parsing Buffer Overflow
====================================================================== Secunia Research 07/10/2011 - Autonomy Keyview Ichitaro Text Parsing Buffer Overflow - ====================================================================== Table of Contents Affected...
Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager Advisory ID: cisco-sa-20111005-nac Revision 1.0 For Public Release 2011 October 05 1600 UTC GMT...
Medium severity flaw with Ark
I recently discovered that the Ark archiving tool is vulnerable to directory traversal via malformed. When attempts are made to view files within the malformed Zip file in Ark's default view, the wrong file may be displayed due to incorrect construction of the temporary file name. Whilst this doe...
Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability
====================================================================== Secunia Research 05/10/2011 - Cyrus IMAPd NTTP Authentication Bypass Vulnerability - ====================================================================== Table of Contents Affected...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Advisory ID: cisco-sa-20111005-fwsm Revision 1.0 For Public Release 2011 October 05 1600 UTC GMT +-------------------------------------------------------------------...
[SECURITY] [DSA 2316-1] quagga security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2316-1 [email protected] http://www.debian.org/security/ Florian Weimer October 05, 2011 http://www.debian.org/security/faq -...
quagga route daemon multiple security vulnerabilities
Multiple memory corruptions on OSPF and BGP packets parsing...
cyrus-imapd nntp server security vulnerabilities
Buffer overflow, auuthentication bypass...
[SECURITY] [DSA 2315-1] openoffice.org security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2315-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano October 05, 2011 http://www.debian.org/security/faq -...
vTiger CRM 5.2.x <= Remote Code Execution Vulnerability
vTiger CRM 5.2.x = Remote Code Execution Vulnerability 1. OVERVIEW The vTiger CRM 5.2.1 and lower versions are vulnerable to Remote Code Execution. No fixed version has been released as of 2011-10-05. 2. BACKGROUND vtiger CRM is a free, full-featured, 100 Open Source CRM software ideal for small...
Cytel Studio memory corruptions
Memory corruptions on CY3, CYL, CYB files parsing...
vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities
vTiger CRM 5.2.x = Multiple Cross Site Scripting Vulnerabilities 1. OVERVIEW The vTiger CRM 5.2.1 and lower versions are vulnerable to Cross Site Scripting. No fixed version has been released as of 2011-10-04. 2. BACKGROUND vtiger CRM is a free, full-featured, 100 Open Source CRM software ideal f...
Netvolution referer header SQL injection vulnerability
Netvolution CMS v2.5.8 is vulnerable to a blind SQL injection attack in the HTTP “referer” header. A malicious user may utilize this vulnerability to modify content on the vulnerable website, inject malicious javascript code to a visitor’s browser, collect CMS usernames and plaintext passwords an...
Metropolis Technologies OfficeWatch directory traversal
Embedded web server directory traversal...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
Multiple vulnerabilities in SonicWall
While pentesting a a WIFI network on a customer, we found some vulnerabilities in the SonicWall NSA 4500. You can find details here: http://www.pentest.es/vulnssonicpoint.txt -------------------------------------------------- Title: ====== SonicWall products with incompatible MAC spoofing...
DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval
Title ----- DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval Severity -------- High Date Discovered --------------- September 6th, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...
SonicWall NSA 4500 protection bypass
ARP spoofing protection doesn't work if used in conjunction...
Vulnerabilities in Cytel Studio 9
Luigi Auriemma Application: Cytel Studio: StatXact / LogXact / CrossOver http://www.cytel.com/Software/StatXact.aspx http://www.cytel.com/Software/LogXact.aspx http://www.cytel.com/Software/Crossover.aspx Versions: = 9.0.0 Platforms: Windows Bugs: A strings stack overflow B rows integer overflow ...
SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability
Title: ====== SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability Date: ===== 2011-10-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=196 VL-ID: ===== 196 Introduction: ============= SonicWALL® ViewPoint™ ist ein benutzerfreundliches webbasiertes Reporting-Too...
Phorum 5.2.18 Cross-site scripting vulnerability
Advisory: Phorum 5.2.18 Cross-site scripting vulnerability Advisory ID: SSCHADV2011-023 Author: Stefan Schurtz Affected Software: Successfully tested on Phorum 5.2.18 Vendor URL: http://www.phorum.org/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description:...
Vulnerabilities in GenStat 14.1.0.5943
Luigi Auriemma Application: GenStat http://www.vsni.co.uk/software/genstat/ Versions: = 14.1.0.5943 Platforms: Windows Bugs: A array overflow with write2 B heap overflow Exploitation: file Date: 01 Oct 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bugs ...
Vulnerability in multiple themes for Drupal
Hello list! The endless saga continue. After informing about a lot of vulnerable plugins and widgets with this swf-file, here is information about multiple vulnerable themes ;-. I want to warn you about Cross-Site Scripting vulnerability in multiple themes for Drupal. And a lot of other themes fo...
DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal
Title ----- DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal Severity -------- High Date Discovered --------------- August 15, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: Chris Graham and r@b13$ Vulnerability Description...
GenStat memory corruption
Memory corruptions on GWB and GSH files processing...
ThinVNC / ThinRDP directory traversal
Directory traversal in embedded web server...
Elastix PBX Extensions Enumeration
Exploit Title: Elastix PBX Extensions Enumeration Date: 1 Oct 2011 Author: Bassem Saleh Contact: Injectoratlivedotcom Software Link: http://www.elastix.org/ Version: 2.X and may be below versions Tested on: 2.0.3 ================================================================ Non privileges user...
EViews memory corruptions
Memory corruption on WF1 files parsing, buffer overflow on PRG parsing...
Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities Advisory ID: cisco-sa-20110928-zbfw Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...
VUPEN Security Research - Novell GroupWise "RRULE" Remote Buffer Overflow Vulnerability
VUPEN Security Research - Novell GroupWise Calendar "RRULE" Remote Buffer Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform that...
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability Advisory ID: cisco-sa-20110928-ipsla Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...
Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerability Advisory ID: cisco-sa-20110928-cucm Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...
Cisco Jabber Extensible Communications Platform / Cisco Unified Presence
Resources exhaustion on XML parsing...
Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities Advisory ID: cisco-sa-20110928-ipv6mpls Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT +---------------------------------------------------------------------...
VUPEN Security Research - Novell GroupWise "BYWEEKNO" Remote Memory Corruption Vulnerability
VUPEN Security Research - Novell GroupWise Calendar "BYWEEKNO" Remote Memory Corruption Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform tha...
iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability
iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Advisory ID: cisco-sa-20110928-sip Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...
FreeBSD domain socket name buffer overflow
bind buffer overflow on local domain sockets...
FreeBSD Security Advisory FreeBSD-SA-11:05.unix
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:05.unix Security Advisory The FreeBSD Project Topic: Buffer overflow in handling of UNIX socket addresses Category: core Module: kern Announced: 2011-09-28...
Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability Advisory ID: cisco-sa-20110928-smart-install Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...
VUPEN Security Research - Novell GroupWise "integerList" Remote Buffer Overflow Vulnerability
VUPEN Security Research - Novell GroupWise Calendar "integerList" Remote Buffer Overflow Vulnerability Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Novell GroupWise is a messaging and collaborative software platform th...
Integer overflow in Sterling Trader 7.0.2
Luigi Auriemma Application: Sterling Trader http://www.sterlingtrader.com/TradingPlatforms/tradingplatforms2.html Versions: = 7.0.2 Platforms: Windows Bug: integer overflow Exploitation: remote Date: 25 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2...
iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability
iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...
Vulnerabilities in EViews 7.2
Luigi Auriemma Application: EViews http://www.eviews.com Versions: = 7.0.0.1 aka 7.2 Platforms: Windows Bugs: A memory corruption B heap overflow Exploitation: file Date: 19 Sep 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bugs 3 The Code 4 Fix...
iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability
iDefense Security Advisory 09.26.11 http://labs.idefense.com/intelligence/vulnerabilities/ Sep 26, 2011 I. BACKGROUND GroupWise is Novell's messaging platform, and includes support for email, calendaring, and instant messaging. More information is available at the following website:...
Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability Advisory ID: cisco-sa-20110928-xcpcupsxml Revision 1.0 For Public Release 2011 September 28 1600 UTC GMT...
PcVue ActiveX multiple security vulnerabilities
Unsafe methods, array index overflow, code execution...
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Advisory ID: cisco-sa-20110928-nat Revision 1.0 For Public Release 2011 Sep 28 1600 UTC GMT +--------------------------------------------------------------------...
Cisco 10000 routers DoS
Crash on ICMP packets parsing...
Vulnerabilities in PcVue 10 (SCADA)
Luigi Auriemma Application: PcVue http://www.arcinfo.com/index.php?option=comcontent&id=2&Itemid=151 Versions: PcVue = 10.0 SVUIGrd.ocx = 1.5.1.0 aipgctl.ocx = 1.07.3702 Platforms: Windows Bugs: A code execution in SVUIGrd.ocx Save/LoadObject B write4 in SVUIGrd.ocx GetExtendedColor C possible...