
Files Date: 2011-08-25

Slackware Security Advisory - PHP Updates
Posted Aug 25, 2011
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2011-1148, CVE-2011-1938, CVE-2011-2202, CVE-2011-2483
SHA-256 | b704efd34fea020dfef8a9b9848cf0433a54a6adea560c6b21f2008b64fa9306
Dissecting Java Server Faces For Penetration Testing
Posted Aug 25, 2011
Authored by Aditya K Sood, Krishna Raja

Whitepaper called Dissecting Java Server Faces for Penetration Testing. This paper is divided into two parts. In the first part, they discuss the internals of JSF, a Java-based web application framework, and its inherent security model. In the second part, they discuss the security weaknesses and applied security features in JSF. In addition, they raise a flag on the security issues present in JSF in order to conduct effective penetration testing.

tags | paper, java, web
SHA-256 | bb2851a7d694bdfdc081c72877ac631b96b1d0fc6f302e1493882794b986f6d1
RSA enVision Credential Disclosure / File Retrieval
Posted Aug 25, 2011
Site emc.com

RSA, the security division of EMC, announces security fixes to address two security vulnerabilities in RSA enVision. These include arbitrary file retrieval and credentials being mailed in the clear.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2011-2736, CVE-2011-2737
SHA-256 | 21733d753cf541d05c9bdb1f1335a9efc8d4ec5ead044111b3d8aaaab1ffcf89
GLPI 0.80.1 Database Information Disclosure
Posted Aug 25, 2011
Authored by Yuri Goltsev | Site ptsecurity.com

GLPI versions 0.80.1 and below suffer from a database information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | 5eed314db85dc74bd217874b0c50d69d31f0f589c508750bace80938534ca81f
WordPress SendIt 1.5.9 Blind SQL Injection
Posted Aug 25, 2011
Authored by evilsocket

WordPress SendIt plugin versions 1.5.9 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7106e3bbbc0f0a17bb69813ffc8c3ed81a8b43adfde17b2f5ade3a8ee682330b
Demystifying The Android Malware
Posted Aug 25, 2011
Authored by Dinesh Shetty

Whitepaper called Demystifying the Android Malware. It dives into various phases to discuss the hows and whys behind malware implementation for Android.

tags | paper
SHA-256 | ad9e4c33e888d2a10ee1d2ca15fbe4ebac9bb71fc66331e213a36b8563c018b5
Studiomenozzi SQL Injection
Posted Aug 25, 2011
Authored by Ehsan_Hp200

Studiomenozzi suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e2e3878a7699b0bf0fab22d8b32868d3347e3d5e5073e7c9b51901cda7c29621
Ninuz SQL Injection
Posted Aug 25, 2011
Authored by Ehsan_Hp200

Ninuz suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bc6d012e5c1d60b0ec9f1046ed573709c4619cd86100d5df4f666e8f2d6069b6
Arya Web SQL Injection
Posted Aug 25, 2011
Authored by CR9

Arya Web suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 5772c0532f7af420f6af95ca64a90c64f0cb8f73f48dff2dbb9f3d6a85a4f42b
NetSaro Enterprise Messenger Server Code Disclosure
Posted Aug 25, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the NetSaro Enterprise Messenger Server Administration Console allowing a remote attacker to obtain unauthenticated access to the application's source code. Attackers may make HTTP GET requests and append a null byte to allow download of the source code for the application's web pages. An attacker does not need to authenticate to obtain access to source code for pages that usually require authentication prior to viewing.

tags | advisory, remote, web
SHA-256 | 1231ae3590ce9f439d6b83bc44f312d176de967ea3fd246651485e8e72f9d537
Microsoft Report Viewer Cross Site Scripting
Posted Aug 25, 2011
Authored by Adam Bixby | Site gdssecurity.com

Microsoft Report Viewer controls suffer from a cross site scripting vulnerability. Microsoft Report Viewer Redistributable 2005 SP1 and Microsoft Visual Studio 2005 Service Pack 1 are affected.

tags | exploit, xss
advisories | CVE-2011-1976
SHA-256 | 4d9788bddcd51301180727fdb8f1bfb7d0282f2267bc50035868014db7f5b3e7
LedgerSMB 1.2.24 SQL Injection
Posted Aug 25, 2011
Authored by Chris Travers

The LedgerSMB development team has found an SQL injection issue in LedgerSMB version 1.2.24. Because this issue stems from their common SQL-Ledger heritage, it affects all versions of LedgerSMB and has been confirmed in SQL-Ledger version 2.8.33.

tags | advisory, sql injection
SHA-256 | d46a40d761ab4f653c338833304f4974937256b45896dba52e8970d226b6ce1c
Lumension Device Control Memory Corruption
Posted Aug 25, 2011
Authored by Andy Davis | Site ngssecure.com

Lumension Device Control (formerly Sanctuary) version 4.4 SR6 suffers from a remote memory corruption vulnerability.

tags | exploit, remote
SHA-256 | c57ef1704cb0c41b6705165642f98b7d6449b19cbe982463e50749ab3173be60
Zazavi 1.2.1 Cross Site Request Forgery / Shell Upload
Posted Aug 25, 2011
Authored by KedAns-Dz

Zazavi versions 1.2.1 and below suffer from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
SHA-256 | efc0457b3c527d10101324b43740b9416fa5f5c1b0f2473292acd3a5160b1f47
SmartCMS Cross Site Scripting
Posted Aug 25, 2011
Authored by Sony

SmartCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 72b51cc5ee1af6fcd43e3eb3cecfbb596d54706bd14bba01df086d4331da7384
Apache HTTPd Range Header Denial Of Service
Posted Aug 25, 2011
Site apache.org

A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by the Apache HTTPd server. Both the 1.3 and 2.x releases are affected. An attack tool is circulating in the wild. Active use of this tool has been observed. The attack can be done remotely and with a modest number of requests can cause very significant memory and CPU usage on the server.

tags | advisory, denial of service
advisories | CVE-2011-3192
SHA-256 | a9690ce85ab38ad4c6cee06d55ad11d445eea51f1cdb17fcbcf5b56233597938
Secunia Security Advisory 45733
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Rational ClearCase / ClearQuest, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | f689b815bb19801e01331128320dd168c381c78360367037b2a583098f264f7e
Secunia Security Advisory 45692
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - MustLive has discovered two vulnerabilities in neolao FLV Player Multi / Maxi, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | a67b6e25f69a29517cc95cc007b863dfa9a13aa9021dbfda51a6d6a9b7e4c109
Secunia Security Advisory 45727
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache Wicket, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 77917786ac8d670b1955d48a208120a0a4b8c00d4822d79141d64e428f81c2ed
Secunia Security Advisory 45726
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Citrix Access Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2c063a72930cf9f627aeebba359665be95b2bf3a97767ae9493c5b20b80060cc
Secunia Security Advisory 45769
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in VicBlog, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 25b2c10661d9dbc640fdf707592272c4d66e4d0fedde2bd648bd4206f2bb8035
Secunia Security Advisory 45767
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CommodityRentals Books/eBooks Rentals Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | ae01f926b0c695817b4e2a6189b1b0462eb31b47d1f9252c91198b9e67face15
Secunia Security Advisory 45782
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Redirection plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 412f9d361e731ab5b2e205b00f2e0794f8472d9544b8ec30f36413eb637fc2fd
Secunia Security Advisory 45725
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the WordPress-Amazon-Associate plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 155ffa0806a5c5f715e065d2ebc348ed6321a229f4dc5082c949077cfd1b8567
Secunia Security Advisory 45773
Posted Aug 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 594154926efe0e8b2c8a242becae22d9d1aa2f0a809662a973da6713f137e7e8