47153 matches found
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
GNOME Desktop Manager privilege escalation
root privileges are not dropped on files access...
Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Secure Access Control System Unauthorized Password Change Vulnerability Advisory ID: cisco-sa-20110330-acs Revision 1.0 For Public Release 2011 March 30 1600 UTC GMT...
[ MDVSA-2011:055 ] openldap
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:055 http://www.mandriva.com/security/ Package : openldap Date : March 30, 2011 Affected: 2009.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been identified and fixed in openldap:...
Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability Advisory ID: cisco-sa-20110330-nac Revison 1.0 For Public Release 2011 March 30 1600 UTC GMT...
Solaris 10 Port Stealing Vulnerability
I reported this to Oracle, but I have been told that this is part of the BSD standard and a desire feature !. In a nutshell, as an ordinary user, I can bind to a port using a specific address even if another process is already bound to it with a wildcard address. This makes it very easy for an...
HTB22908: XSRF (CSRF) in Collabtive
Vulnerability ID: HTB22908 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincollabtive.html Product: Collabtive Vendor: Open Dynamics http://collabtive.o-dyn.de/ Vulnerable Version: 0.6.5 and probably prior versions Vendor Notification: 17 March 2011 Vulnerability Type: CSRF Cross-Site Reques...
BSD systems / Solaris port hijacking
User can open port with specified interface address if it's already open by another application without interface address...
VMSA-2011-0006 VMware vmrun utility local privilege escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ VMware Security Advisory Advisory ID: VMSA-2011-0006 Synopsis: VMware vmrun utility local privilege escalation Issue date: 2011-03-29 Updated on: 2011-03-29 initial release of...
VMware privilege escalation
It's possible to elevate privileges via shared library spoofing...
"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path
"WESPA PHP Newsletter v3.0" Remote Admin Password Change With install path Author: alieye class : remote E-mail: [email protected] greetz: C.S.Eye Security Team members We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com...
HTB22904: Path disclosure in bbPress
Vulnerability ID: HTB22904 Reference: http://www.htbridge.ch/advisory/pathdisclosureinbbpress.html Product: bbPress Vendor: http://bbpress.org http://bbpress.org Vulnerable Version: 1.0.3 Vendor Notification: 15 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech Brid...
Unidesk ReportingService Forceful Browsing Vulnerability
------------------------------------------------------------------ 1. Summary: Unidesk management appliance is prone to a forceful browsing vulnerability that allows an attacker access to administrator resources. ------------------------------------------------------------------ 2. Description: T...
ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability
ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-113 March 28, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Zend -- Affected Products: Zend Zend Server -- TippingPointTM IPS Customer...
SimplisCMS 1.0.3.0 Remote File Disclosure Vulnerability
Exploit Title: SimplisCMS 1.0.3.0 Remote File Disclosure Vulnerability home : http://www.D99Y.com Date: 27/3/2011 Author: NassRawI Software Link: http://modcove.com/index.php Demo : http://modcove.com/index.php?page=demo Version: 1.0.3.0 file : simpliscms/admin/index.php exploit :...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HTB22905: Path disclosure in Wordpress
Vulnerability ID: HTB22905 Reference: http://www.htbridge.ch/advisory/pathdisclosureinwordpress.html Product: Wordpress Vendor: http://wordpress.org/ http://wordpress.org/ Vulnerable Version: 3.1 Vendor Notification: 15 March 2011 Vulnerability Type: Path disclosure Status: Not Fixed Risk level:...
[SECURITY] [DSA 2204-1] imp4 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2204-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 27, 2011 http://www.debian.org/security/faq -...
XSS, SQL Injection и SQL DB Structure Extraction уязвимости в Cetera eCommerce
Здравствуйте 3APA3A! Сообщаю вам о найденных мною новых Cross-Site Scripting, SQL Injection и SQL DB Structure Extraction уязвимостях в Cetera eCommerce. XSS WASC-08 также работают в версии 15.0: http://site/catalog/3Cscript3Ealertdocument.cookie3C/script3E/...
SimplisCMS 1.0.3.0 SQL injection / Cross Site Scripting
Exploit Title: SimplisCMS 1.0.3.0 SQL injection / Cross Site Scripting home : http://www.D99Y.com Date: 27/3/2011 Author: NassRawI Software Link: http://modcove.com/index.php Demo : http://modcove.com/index.php?page=demo Version: 1.0.3.0 1 SQL injection http://localhost/simpliscms/admin/index.php...
Zend Server code execution
It's possible to execute user-supplied code via Java Bridge TCP/10001 service...
HTB22903: XSS in Spitfire CMS
Vulnerability ID: HTB22903 Reference: http://www.htbridge.ch/advisory/xssinspitfirecms.html Product: Spitfire CMS Vendor: Spitfire http://spitfire.clausmuus.de/ Vulnerable Version: 1.0.436 Vendor Notification: 15 March 2011 Vulnerability Type: XSS Risk level: Medium Credit: High-Tech Bridge SA -...
TSSA-2011-01 xpdf : multiple vulnerabilities allow remote code execution
--------------------------------------------------------------------------- xpdf : multiple vulnerabilities in t1lib allow arbitrary remote code execution - --------------------------------------------------------------------------- - -- Vulnerability Summary: Date Published: 28/03/2011 Last...
Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003
Sense of Security - Security Advisory - SOS-11-003 Release Date. 28-Mar-2011 Last Update. - Vendor Notification Date. 25-Mar-2011 Product. Wordpress Plugin BackWPup Platform. Independent Affected versions. 1.6.1 verified, possibly others Severity Rating. High Impact. System Access Attack Vector...
HP Diagnostics crossite scripting
No description provided...
[security bulletin] HPSBMA02649 SSRT100430 rev.1 - HP Diagnostics, Remote Cross Site Scripting (XSS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02770512 Version: 1 HPSBMA02649 SSRT100430 rev.1 - HP Diagnostics, Remote Cross Site Scripting XSS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible...
[AntiSnatchOr] OpenCMS <= 7.5.3 multiple vulnerabilities
OpenCMS = 7.5.3 multiple vulnerabilities Name: OpenCMS = 7.5.3 multiple vulnerabilities Systems Affected: OpenCMS = 7.5.3 Severity: High Vendor: http://www.opencms.org Advisory: http://antisnatchor.com/opencms7.5.3multiplevulnerabilities Author: Michele "antisnatchor" Orru michele.orru AT...
Comodo issued fraudlent certificates
login.live.com, mail.google.com, www.google.com, login.yahoo.com, login.skype.com, addons.mozilla.org "Global Trustee" certificates were issued to untrusted third party...
[SECURITY] [DSA 2203-1] nss security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2203-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 26, 2011 http://www.debian.org/security/faq -...
Cisco VPN privileges escalation
Privilege escalation via Dial-Up Networking interface...
ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability
ZDI-11-111: 0Day Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-111 March 23, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packa...
[SECURITY] [DSA 2202-1] apache2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2202-1 [email protected] http://www.debian.org/security/ Stefan Fritsch March 23, 2011 http://www.debian.org/security/faq -...
Parallels Plesk 7.0 - 8.2 | Open URL Redirection Vulnerability
Parallels Plesk 7.0 - 8.2 | Open URL Redirection Vulnerability 1. OVERVIEW The Plesk versions from 7.0 to 8.2 are vulnerable to Open URL Redirection when "Enable [email protected]" access format, a new feature introduced in Plesk 7.0, is enabled in user preferences. 2. BACKGROUND Parallels Plesk...
HTB22900: Multiple XSS vulnerabilities in SyndeoCMS
Vulnerability ID: HTB22900 Reference: http://www.htbridge.ch/advisory/multiplexssvulnerabilitiesinsyndeocms.html Product: SyndeoCMS Vendor: http://www.syndeocms.org/ http://www.syndeocms.org/ Vulnerable Version: 2.8.02 Vendor Notification: 10 March 2011 Vulnerability Type: XSS Cross Site Scriptin...
HTB22902: XSS in SyndeoCMS
Vulnerability ID: HTB22902 Reference: http://www.htbridge.ch/advisory/xssinsyndeocms.html Product: SyndeoCMS Vendor: http://www.syndeocms.org/ http://www.syndeocms.org/ Vulnerable Version: 2.8.02 Vendor Notification: 10 March 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium...
HTB22899: Path disclosure in SyndeoCMS
Vulnerability ID: HTB22899 Reference: http://www.htbridge.ch/advisory/pathdisclosureinsyndeocms.html Product: SyndeoCMS Vendor: http://www.syndeocms.org/ http://www.syndeocms.org/ Vulnerable Version: 2.8.02 Vendor Notification: 10 March 2011 Vulnerability Type: Path disclosure Risk level: Low...
Уязвимости в Artefact St. CMS
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting, Brute Force и Full path disclosure уязвимостях в системе Artefact St. CMS. Это украинская коммерческая CMS. XSS WASC-08: http://site/search/?s=3Cscript3Ealertdocument.cookie3C/script3E Brute Force WASC-11: http://site/admin/...
HTB22895: XSS vulnerability in Ripe website manager
Vulnerability ID: HTB22895 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinripewebsitemanager.html Product: Ripe website manager Vendor: Ripe website manager Team http://www.ripewebsitemanager.com/ Vulnerable Version: 1.1 and probably prior versions Vendor Notification: 10 March 2011...
Vulnerabilities in some SCADA server softwares
The following are almost all the vulnerabilities I found for a quick experiment some months ago in certain well known server-side SCADA softwares still vulnerable in this moment. In case someone doesn't know SCADA like me before the tests: it's just one or more softwares usually a core, a graphic...
ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability
ZDI-11-112: 0 day Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-112 March 23, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packa...
ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability EMC Identifier: ESA-2011-010 CVE Identifier: CVE-2011-1420 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected...
SCADA service multiple security vulnerabilities
Large number of different vulnerabilities in factory sofware...
CORE-2011-0208: VLC Vulnerabilities handling .AMV and .NSV files
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - Corelabs Advisory http://corelabs.coresecurity.com/ VLC Vulnerabilities handling .AMV and .NSV files 1. Advisory Information Title: VLC Vulnerabilities handling .AMV and .NSV files Advisory ID: CORE-2011-0208 Advisory URL:...
VLC media player security vulnerabilities
Buffer overflow on .AMV and .NSV parsing...
NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation
High Risk Vulnerability in Cisco VPN client Windows 64 bit 25 March 2011 Gavin Jones of NGS Secure has discovered a High risk vulnerability in the Cisco VPN client Windows 64 bit. Impact: Privilege Escalation Cisco has released a patch that addresses the issue. The announcement of this patch can ...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
HP Data Protector integer overflow
Data Protector Media Operations DBServer.exe TCP/19813integer overflow is unpatched for over 180 days...
HP Virtual SAN Appliance buffer overflow
Buffer overflow in hydra.exe TCP/13838 authentication is unpatched for 180 days...
Apache mpm_itk module privilege escalation
Under some conditions, request is processed with root privileged...
EMC Data Protection Advisor Collector weak security permissions
Weak permissions for executable files...