47153 matches found
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-151 April 29, 2011 -- CVE ID: CVE-2011-1735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected...
ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability
ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-150 April 29, 2011 -- CVE ID: CVE-2011-1734 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard --...
ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability
ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-146 April 29, 2011 -- CVE ID: CVE-2011-1730 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...
ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability
ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-149 April 29, 2011 -- CVE ID: CVE-2011-1733 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...
[Onapsis Security Advisory 2011-006] Oracle JD Edwards JDENET Kernel Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-006: Oracle JD Edwards JDENET Kernel Denial of Service This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to...
[Onapsis Security Advisory 2011-008] Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-008: Oracle JD Edwards JDENET CallObjectKernel Remote Command Execution This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will...
Mozilla Foundation Security Advisory 2011-13
Mozilla Foundation Security Advisory 2011-13 Title: Multiple dangling pointer vulnerabilities Impact: Critical Announced: April 28, 2011 Reporter: regenrecht Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description Security researcher regenrecht reported...
Mozilla Foundation Security Advisory 2011-16
Mozilla Foundation Security Advisory 2011-16 Title: Directory traversal in resource: protocol Impact: Moderate Announced: April 28, 2011 Reporter: Soroush Dalili Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 Thunderbird 3.1.10 SeaMonkey 2.0.14 Description...
Mozilla Foundation Security Advisory 2011-14
Mozilla Foundation Security Advisory 2011-14 Title: Information stealing via form history Impact: Moderate Announced: April 28, 2011 Reporter: Paul Stone Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description Security researcher Paul Stone reported that ...
Mozilla Foundation Security Advisory 2011-15
Mozilla Foundation Security Advisory 2011-15 Title: Escalation of privilege through Java Embedding Plugin Impact: Critical Announced: April 28, 2011 Reporter: David Remahl Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description David Remahl of Apple Produ...
Mozilla Foundation Security Advisory 2011-18
Mozilla Foundation Security Advisory 2011-18 Title: XSLT generate-id function heap address leak Impact: Low Announced: April 28, 2011 Reporter: Chris Evans Products: Firefox, SeaMonkey Fixed in: Firefox 4.0.1 Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description Chris Evans of the Chrome...
[Onapsis Security Advisory 2011-011] Oracle JD Edwards JDENET Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2011-011: Oracle JD Edwards JDENET Buffer Overflow This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...
Asterisk security vulnerabilities
Privilege escalation DoS via resources exhaustion...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
CA Arcot WebFort Versatile Authentication Server security vulnerabilities
Cross-site scripting, request spoofing...
rsync memory corruption
Memory corruption on server reply parsing...
HP OpenView Storage Data Protector code execution
No description provided...
NGS00068 Patch Notification: LibAVCodec AMV Out of Array Write
LibAVCodec AMV Out of Array Write 27/04/2011 Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager Document ID: 112878 Advisory ID: cisco-sa-20110427-cucm Revision 1.0 For Public Release 2011 April 27 1600 UTC GMT...
Code Execution in WordPress 2.5 - 3.1.1
Hello 3APA3A! I am reporting a Code Execution vulnerability I found in WordPress. A Code Execution WASC-31 attack is possible in WordPress via the uploader. The attack can be carried out by users with Author, Editor and Administrator rights. In WordPress 2.5 - 2.8.4 it is possible to upload php scripts 1.php ...
[security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02781143 Version: 1 HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...
XSS in Webmin 1.540 + exploit for privilege escalation
Information -------------------- Name : XSS vulnerability in Webmin Software : All versions prior to and including 1.540 are affected. Vendor Homepage : http://www.webmin.com Vulnerability Type : Cross-Site Scripting Severity : Medium Researcher : Javier Bassi javierbassi at gmail dot com...
AST-2011-005: File Descriptor Resource Exhaustion
Asterisk Project Security Advisory - AST-2011-005 Product Asterisk Summary File Descriptor Resource Exhaustion Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated TCP Based Sessions TCP SIP, Skinny, Asterisk Manager Interface, and HTTP sessions Severity Moderate Exploits...
CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server
-----BEGIN PGP SIGNED MESSAGE----- CA20110426-01: Security Notice for CA Arcot WebFort Versatile Authentication Server Issued: April 26, 2011 CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist...
HP System Management Homepage multiple security vulnerabilities
Cross-site scripting, code execution, DoS...
Microsoft fixed SMB NTLM relay attacks
Microsoft fixed an NTLM proxying vulnerability: credentials used for one service could be forwarded to a different one. The attack has been known for many years as an NTLM weakness...
Kaspersky administration Kit SMB relaying attack
The network is automatically scanned and the hosts found are automatically connected to via SMB with administrative permissions, making an SMB relaying attack possible...
HP Insight Control multiple security vulnerabilities
Privilege escalation, code execution, information leakage, DoS...
HP Proliant Support Pack multiple security vulnerabilities
Cross-site scripting, information leakage...
Re: [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay
It was closed only for relaying to the same host but it is impossible to close relaying on another host which runs processes at the same account. And also smbrelay patch did not work on clusters http://dsecrg.blogspot.com/2011/01/passthehash-bible-1-attacking.html...
HP Network Automation information leakage
No description provided...
[security bulletin] HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux (IC-Linux), Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information Disclosure, Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02794777 Version: 1 HPSBMA02658 SSRT100413 rev.1 - Insight Control for Linux IC-Linux, Remote Unauthorized Elevation of Privilege, Execution of Arbitrary Code, Encryption Downgrade, Information...
HTB22953: XSS in Max's PHP Photo Album
Vulnerability ID: HTB22953 Reference: http://www.htbridge.ch/advisory/xssinmaxsphpphotoalbum.html Product: Max's PHP Photo Album Vendor: http://www.phpf1.com Vulnerable Version: 2008-04-01 Vendor Notification: 12 April 2011 Vulnerability Type: XSS Cross Site Scripting Risk...
[security bulletin] HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02735590 Version: 1 HPSBMA02661 SSRT100408 rev.1 - HP Proliant Support Pack PSP Running on Linux and Windows, Remote Cross Site Scripting XSS, URL Redirection, Information Disclosure NOTICE: The...
Vulnerabilities in many themes and components for Joomla
Hello 3APA3A! I am reporting Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities I found in many themes and components for Joomla. As with the vulnerabilities in many themes for WordPress, Drupal and ExpressionEngine, also vulnerable are...
[security bulletin] HPSBMA02667 SSRT100464 rev.1 - HP SiteScope, Cross Site Scripting (XSS) and HTML Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Document ID: c02807712 Version: 1 HPSBMA02667 SSRT100464 rev.1 - HP SiteScope, Cross Site Scripting XSS and HTML Injection NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2011-04-21 Last Update...
[security bulletin] HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02735910 Version: 1 HPSBMA02662 SSRT100409 rev.1 - HP System Management Homepage SMH for Linux and Windows, Remote Unauthorized Access, Execution of Arbitrary Code, Denial of Service DoS NOTICE:...
HTB22948: Path disclosure in Cotonti
Vulnerability ID: HTB22948 Reference: http://www.htbridge.ch/advisory/pathdisclosureincotonti.html Product: Cotonti Vendor: Cotonti Team http://www.cotonti.com/ Vulnerable Version: Siena 0.9.0 Vendor Notification: 12 April 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech...
[security bulletin] HPSBMA02666 SSRT100434 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02789514 Version: 1 HPSBMA02666 SSRT100434 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Information Disclosure NOTICE: The information in this Security Bulletin...
AST-2011-006: Asterisk Manager User Shell Access
Asterisk Project Security Advisory - AST-2011-006 Product Asterisk Summary Asterisk Manager User Shell Access Nature of Advisory Permission Escalation Susceptibility Remote Authenticated Sessions Severity Minor Exploits Known Yes Reported On February 10, 2011 Reported By Mark Murawski markm AT...
HTB22954: Path disclosure in yappa-ng Photo Gallery
Vulnerability ID: HTB22954 Reference: http://www.htbridge.ch/advisory/pathdisclousureinyappangphotogallery.html Product: yappa-ng Photo Gallery Vendor: http://www.zirkon.at/ Vulnerable Version: 2.3.2 Vendor Notification: 12 April 2011 Vulnerability Type: Path disclosure Ris...
HTB22951: XSS in WP-Ajax-Recent-Posts wordpress plugin
Vulnerability ID: HTB22951 Reference: http://www.htbridge.ch/advisory/xssinwpajaxrecentpostswordpressplugin.html Product: WP-Ajax-Recent-Posts wordpress plugin Vendor: QiQiBoY http://www.qiqiboy.com/ Vulnerable Version: 1.0.1 Vendor Notification: 12 April 2011 Vulnerability Type: XSS Cross Site...
[DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay
Digital Security Research Group DSecRG Advisory DSECRG-11-018 Application: Kaspersky Administration Kit Versions Affected: from 6.0 Vendor URL: http://www.kaspersky.com Bug: Design flaw Exploits: YES Reported: 22.01.2011 Vendor response: 22.01.2011 Solution: disable IP scan Date of Public Advisor...
HTB22955: Path disclosure in BuddyPress WordPress plugin
Vulnerability ID: HTB22955 Reference: http://www.htbridge.ch/advisory/pathdisclosureinbuddypresswordpressplugin.html Product: BuddyPress Vendor: BuddyPress http://buddypress.org/ Vulnerable Version: 1.2.8 Vendor Notification: 12 April 2011 Vulnerability Type: Path disclosure Risk level: Low Credi...
HTB22952: XSS vulnerabilities in Noah's Classifieds
Vulnerability ID: HTB22952 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinnoahsclassifieds.html Product: Noah's Classifieds Vendor: Noah's Classifieds http://www.noahsclassifieds.org/ Vulnerable Version: 5.0.4 and probably prior versions Vendor Notification: 12 April 2011...
HTB22957: XSRF (CSRF) in phpList
Vulnerability ID: HTB22957 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphplist.html Product: phpList Vendor: Tincan Ltd http://www.phplist.com/ Vulnerable Version: 2.10.13 and probably prior versions Vendor Notification: 12 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery...