
Files Date: 2012-09-25

WordPress Archin Cross Site Scripting
Posted Sep 25, 2012
Authored by DigiP | Site attack-scanner.com

The Archin WordPress theme suffers from cross site scripting and various handling vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 79feda0b7bd00e685a77a7bcc11ae8076e0fd00fde04b69a0ff51a66722cf77e

HP ALM Remote Code Execution
Posted Sep 25, 2012
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability within the XGO.ocx ActiveX Control installed with the HP Application Lifecycle Manager Client. The vulnerability exists in the SetShapeNodeType method, which allows the user to specify, through the node parameter, memory that will be used as an object. This allows an attacker to control the dereference and use of a function pointer. This Metasploit module has been successfully tested with HP Application Lifecycle Manager 11.50 and requires JRE 6 in order to bypass DEP and ASLR.

tags | exploit, activex
advisories | OSVDB-85152
SHA-256 | ec3a92a54d30ec8115475aa2f9d8a0f18702ad62a555db9aaf6b1450a030cada

Auxilium RateMyPet Arbitrary File Upload
Posted Sep 25, 2012
Authored by sinn3r, DaOne | Site metasploit.com

This Metasploit module exploits a vulnerability found in Auxilium RateMyPet. The site banner uploading feature can be abused to upload an arbitrary file to the web server, which is accessible in the 'banner' directory, thus allowing remote code execution.

tags | exploit, remote, web, arbitrary, code execution
advisories | OSVDB-85554
SHA-256 | a7035c9bcda8b50beee473cbedd67c5154d287ee3c5a962c820f3de3648682e5

Gentoo Linux Security Advisory 201209-10
Posted Sep 25, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-10 - A buffer overflow vulnerability in Calligra could result in the execution of arbitrary code. Versions less than 2.4.3-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-3456
SHA-256 | 5decd8ff65fe8a1b1527e651245de456fed8b6ea20110d38879f7fc56c0aa012

Gentoo Linux Security Advisory 201209-09
Posted Sep 25, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-9 - A vulnerability has been found in Atheme which may lead to Denial of Service or a bypass of security restrictions. Versions less than 6.0.10 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2012-1576
SHA-256 | d094346e88952898b40a9e5b3d85bc12e1ea79a3936694eb8cf26a2d4330cf5e

Thomson SpeedTouch ST780 Insecure SSL Connection
Posted Sep 25, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Thomson SpeedTouch ST780, by design, has mixed content in the DOM during an SSL encapsulated session.

tags | advisory
SHA-256 | 9f6490ea623fbe7b601d57d1e4cd0577e84849f09b056198d080aee040e37ad6

Stoneast SQL Injection
Posted Sep 25, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites powered by Stoneast suffer from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | fcb9049bb0be6dc14b6d0be1d5698d8cd3d24bbc7d027d589fba10bef8c93e78

Yet Another Oracle Java Vulnerability
Posted Sep 25, 2012
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations has announced that they have discovered yet another sandbox bypass of Oracle Java and have reported little in the way of details until the vendor fixes the issue. It currently affects all versions of Java. It's probably best to just keep Java off in your browser for now.

tags | advisory, java
SHA-256 | 37fdc8d80a0b4d0df3960ac7a955595a2cb6e9d1152e90d378fc9a7f71ec1745

Gentoo Linux Security Advisory 201209-08
Posted Sep 25, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-8 - A vulnerability in SquidClamav may result in Denial of Service. Versions less than 6.8 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2012-3501
SHA-256 | d70186bbdef09eaafa4a75996caa16abe3d0c445446747c67f8c21eb0c635815

Gentoo Linux Security Advisory 201209-07
Posted Sep 25, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-7 - A buffer overflow in International Components for Unicode could result in execution of arbitrary code or Denial of Service. Versions less than 49.1.1-r1 are affected.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-4599
SHA-256 | a45c6de5880ee15eff807430f6579a8aebaf0bd37de177fb9d6c72f4d547f743

WordPress Plugin Token Manager Cross Site Scripting
Posted Sep 25, 2012
Authored by the_cyber_nuxbie

The Token Manager plugin for WordPress suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d8b5aa91136d87d8690e965cca7c9c14444d8e47d614e655c71097afeb5cbc46

Secunia Security Advisory 50736
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for multiple JBoss Enterprise products. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 535960c7b95e78e7ce146861226ffa571fb5584f5da0faffbfd3bca1409f7246

Apple Security Advisory 2012-09-24-1
Posted Sep 25, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.

tags | advisory
systems | apple
advisories | CVE-2011-1167, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3026, CVE-2011-3048, CVE-2011-3328, CVE-2011-3919, CVE-2011-4599, CVE-2012-0682, CVE-2012-0683, CVE-2012-1173, CVE-2012-3589, CVE-2012-3590, CVE-2012-3591, CVE-2012-3592, CVE-2012-3678, CVE-2012-3679, CVE-2012-3722, CVE-2012-3725, CVE-2012-3726
SHA-256 | 8b08f2840773bcd43aa00f4439e1687a278652e1b463a125bb95947245e9cf9b

Guacamole 0.6.0 Buffer Overflow
Posted Sep 25, 2012
Authored by Timo Juhani Lindfors

Guacamole 0.6.0 contains a trivial buffer overflow vulnerability that allows connected users to execute code with the privileges of the guacd daemon. In the Debian distribution the guacd 0.6.0-1 daemon runs as root and allows connections from unauthenticated users. However, it fortunately only listens on localhost by default. Proof of concept code included.

tags | exploit, overflow, root, proof of concept
systems | linux, debian
advisories | CVE-2012-4415
SHA-256 | 21c45827b31f9112a4a0c027ff900505880422add95028ba0827c3398244682f

Dell Data Protection | Access (DDPA) Vulnerable Components
Posted Sep 25, 2012
Authored by Stefan Kanthak

The current version of Dell's Data Protection | Access (DDPA) software for Windows (Build 2.2.00003.008 from 2012-06-14, released August 2012) contains and installs several outdated, superfluous and vulnerable Windows system components as well as outdated and vulnerable 3rd party components and drivers.

tags | advisory
systems | windows
SHA-256 | 94bd37cd29972c65c66ecaa5cf64277fc3f8e5d39650d0466b7af17303cc6c54

Secunia Security Advisory 50742
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Wireshark included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | solaris
SHA-256 | bda25736ef19cf31a54f54b391b42af64b1f84498418942a94914304663d0217

Secunia Security Advisory 50749
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in International Components for Unicode (ICU) included in Solaris, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | solaris
SHA-256 | 80d2909cffe4a158eaa917aa5cbc60bb2ade2a63b03fd1afe5708ef191939a85

Secunia Security Advisory 50743
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in libsoup included in Solaris, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
systems | solaris
SHA-256 | 0ce9066620e9b3156f034b9383526917417dab10c65d096571d7b71a9e9d214e

Secunia Security Advisory 50752
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e3d7705bf5418baa802f1577042e5b174e7608145ce8363d26ec6ab3e57a42fc

Secunia Security Advisory 50703
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 64f282fcce247d168cf43523c6e7c462cbb7b203bcd1547e4e78eb506e8232e4

Secunia Security Advisory 50751
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Application Server for z/OS, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
SHA-256 | b21495aedd182388696fad75cd22ac29210eba1b3d2bcea72c4aeacf8a72a14e

Secunia Security Advisory 50747
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Firefox included in Solaris, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | solaris
SHA-256 | 36834c0fdca6793cdd8e4649a5a1364317cc09979309f7f5b1f2cd7f66feba30

Secunia Security Advisory 50750
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged a vulnerability in libexpat included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | solaris
SHA-256 | 41e964a3f2cc18859e3d2a8aab15cb4e77853837ed3435717c99d46092578187

Secunia Security Advisory 50722
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Token Manager plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | d762a6b55ccb1a967e5c90dd8e9f2c5c7aa0762ffb20d8c585f2fc1052ba770c

Secunia Security Advisory 50745
Posted Sep 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple weaknesses, security issues, and vulnerabilities in Apache Tomcat included in Solaris, which can be exploited by malicious, local users to bypass certain security restrictions and disclose sensitive information and by malicious people to bypass certain security restrictions, manipulate certain data, disclose sensitive information, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | solaris
SHA-256 | 3a486de1a735397008b4787464f6a4e4b6dde3461853de96773875c75e28fcbe
© 2024 Packet Storm. All rights reserved.