
Files Date: 2012-05-07 to 2012-05-08

Digital Whisper Electronic Magazine #31
Posted May 7, 2012
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 31. Written in Hebrew.

tags | magazine
SHA-256 | 12b4f095105ff4449b7bd0f89c86c37ea9bdd360637540bede3c6901a0a2599c

Red Hat Security Advisory 2012-0547-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0547-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration using the PHP module for Apache httpd to handle PHP scripts.

tags | advisory, remote, web, arbitrary, cgi, php, code execution
systems | linux, redhat
advisories | CVE-2012-1823
SHA-256 | cf433296092f3f1e23f59cf22f40a5f23112bca55e0461faaf2d616f4aaf07bb

Red Hat Security Advisory 2012-0546-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0546-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially-crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. Red Hat is aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration in Red Hat Enterprise Linux 5 and 6 using the PHP module for Apache httpd to handle PHP scripts.

tags | advisory, remote, web, arbitrary, cgi, php, code execution
systems | linux, redhat
advisories | CVE-2012-1823
SHA-256 | 370b85d0ff129582e77ad077b5afa1a0ec4a18b11acbece33fd34bbf9776cf74

Red Hat Security Advisory 2012-0544-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0544-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.

tags | advisory, denial of service, arbitrary
systems | linux, redhat
advisories | CVE-2010-4167, CVE-2012-0247, CVE-2012-0248, CVE-2012-0259, CVE-2012-0260, CVE-2012-1798
SHA-256 | 8de65be2fccd90aeb21230e00496bc38147f8f63da19d99fc78529caa13f8c0a

Red Hat Security Advisory 2012-0545-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0545-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop.

tags | advisory, denial of service, arbitrary
systems | linux, redhat
advisories | CVE-2012-0247, CVE-2012-0248, CVE-2012-0260
SHA-256 | 486fac7c70f5900ea4b2003350cc49df5a6f5ae8814ef2b537c4e6f0534d688d

Red Hat Security Advisory 2012-0542-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0542-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 8b3987f6e40fef85052bc1517ccdd155b8785e42c315e04f9e426c3eaf558929

Red Hat Security Advisory 2012-0543-01
Posted May 7, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0543-01 - The Apache HTTP Server is the namesake project of The Apache Software Foundation. It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-3348, CVE-2011-3368, CVE-2011-3607, CVE-2012-0021, CVE-2012-0031, CVE-2012-0053
SHA-256 | 376715e8712ee30354e348ebd39de77f32d1502ee20f1d7c87fee06fdef8376b

Ubuntu Security Notice USN-1439-1
Posted May 7, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1439-1 - Matthias Weckbecker discovered a cross-site scripting (XSS) vulnerability in Horizon via the log viewer refresh mechanism. If a user were tricked into viewing a specially crafted log message, a remote attacker could exploit this to modify the contents or steal confidential data within the same domain. Thomas Biege discovered a session fixation vulnerability in Horizon. An attacker could exploit this to potentially allow access to unauthorized information and capabilities. Various other issues were also addressed.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2012-2094, CVE-2012-2144
SHA-256 | 7b70699a65f9988c4c343caffced00dfe13277d783584ab531944622f4ea9fba

NeXus Infotech CMS SQL Injection
Posted May 7, 2012
Authored by gr00ve_hack3r

NeXus Infotech CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4102261f67b9adfce3df3dee981d8a33cea52eb43a006ebb120b0efd590aa460

Jibberbook 2.3 Administrative Bypass
Posted May 7, 2012
Authored by L3b-r1'z

Jibberbook version 2.3 suffers from an administrative bypass vulnerability.

tags | exploit, bypass
SHA-256 | b5b53e60f590f445c7ae12ebaa132d6dde7e0ddd3bbcac6745422c617c736ba3

Efront 3.6.11 Cross Site Scripting / Shell Upload
Posted May 7, 2012
Authored by L3b-r1'z

Efront version 3.6.11 suffers from cross site scripting and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss
SHA-256 | 5c179156a4a5a17ecc6bdbcb3aafd189cc11707ca9c531ac8383372e7c32213f

Ramui Forum Script Cross Site Scripting
Posted May 7, 2012
Authored by 3spi0n

Ramui Forum Script suffers from a cross site scripting vulnerability. The webmaster of this site has contacted us and has addressed this issue.

tags | exploit, xss
SHA-256 | bb143f148ba5864fdc8665fdc8e1b51a1816c3792af5e9cdadbd6943fa22317f

EnjoyGraph Communication SQL Injection
Posted May 7, 2012
Authored by Kalashinkov3

EnjoyGraph Communication suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b9ac68af3f32ce61afad6dbf35317febde56226f530b7613dfc2b0fb9f157d5

Etelligence Technologies SQL Injection
Posted May 7, 2012
Authored by Kalashinkov3

Etelligence Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c7af7077b26e61cce25b85e49175127640962d67a4623489e617eaa5bbec4d7d

Magnolia Development Group CSRF / SQL Injection
Posted May 7, 2012
Authored by Kalashinkov3

Magnolia Development Group suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
SHA-256 | 0dddd55b632c330921a6380014bf5672a8699881752fd31e21554b069d0bbdd0

NetcatPHPShell 1.10
Posted May 7, 2012
Authored by Mr.H4rD3n

NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell.

tags | tool, shell, php, rootkit
systems | unix
SHA-256 | abba3db5d6d8d109c7a47018d57d39b218beaabd3f5704fd0bd207157668d4bd

Secunia Security Advisory 49039
Posted May 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Apple Mac OS X, which can be exploited by malicious people with physical access to bypass certain security restrictions.

tags | advisory
systems | apple, osx
SHA-256 | 7b21a6825ba0b9d231379812ac4eb8b4c8d2963a6ce879600d4c6b410870ea81

Secunia Security Advisory 49064
Posted May 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Symantec Web Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
SHA-256 | 6552805b175da258feff2164c2dc08bf2138f9bb86901753d358a5788c75b1ab

Secunia Security Advisory 49024
Posted May 7, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in OpenStack Dashboard (Horizon), which can be exploited by malicious users to conduct session fixation attacks.

tags | advisory
SHA-256 | d3044d91166f37ce85dbf9a0770fb1b7e30f0500b02a307bf0f186aa0a42ac80