Remote: Yes
Local: No
Credit: Mike Cyr, aka h00die
Vulnerable: NASU2FW41 Loader 1.17
Not Vulnerable:
Discussion:
Addonics NAS Adapter Post-Auth DoS
Addonics NAS Adapter is prone to several post authentication buffer overflows.
Each of these buffer overflows will crash the entire TCP/I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01707538
Version: 1
HPSBMA02422 SSRT080146 rev.1 - HP StorageWorks Storage Mirroring, Remote
Execution of Arbitrary Code, Denial of Service (DoS), Unauthorized Access
NOTICE: The information i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01633084
Version: 1
HPSBMA02414 SSRT080185 rev.1 - HP Storage Essentials Running Secure NaviCLI,
Remote Unauthorized Access, Gain Extended Privileges
NOTICE: The information in this Security B
URL:
http://blog.zoller.lu/2009/04/release-mode-forced-release-vendor-has.html
Update : After the reaction from avast, it is now clear that all versions
and products are affected, however there is no plan to patch, the
patch will come or will not come - sometime in the future.
You are encou
Windows Update (as well as Microsoft Update and the Automatic Update)
installs an outdated (and from its manufacturer unsupported) Flash
Player ActiveX control on Windows XP.
Although this fact is nothing really new it but shows the lack of taking
care for security problems and in general the chu
*** Salvatore "drosophila" Fresta ***
[+] Application: creasito e-commerce content manager
[+] Version: 1.3.16
[+] Website: http://creasito.bloghosteria.com
[+] Bugs: [A] Authentication Bypass
[+] Exploitation: Remote
[+] Date: 20 Apr 2009
[+] Discovered by: Salvatore "drosophila" F
--
MULTIPLE REMOTE VULNERABILITIES FunGamez-release candidate 1
--
CMS INFORMATION:
-->WEB: http://sourceforge.net/projects/fg-gsm/
-->DOWNLOAD
_| _|_|_|_|_|_|_|
_| _|_|_|
_|_|_| _|_| By: gamr
_| _| _|_|
_| _| _|_|_|_|_|_|
# Header #
Product - Banner Student System by SunGard
Specific Page - http://www.EXAMPLE.com/PATH/twbkwbis.P_Secu
*** Salvatore "drosophila" Fresta ***
[+] Application: Multi-lingual E-Commerce System
[+] Version: 0.2
[+] Website: http://sourceforge.net/projects/mlecsphp/
[+] Bugs: [A] Local File Inclusion
[B] Information Disclosure
[C] Arbitrary File Upload
[+] Exploitation:
http://IP_ADDRESS:8080/administration.cgi";
name="senha" ENCTYPE="multipart/form-data">
document.senha.submit();
!vuln
Stronghold/2.3 Apache/1.2.6 C2NetUS/2007
Previous versions may also be affected.
===
---
CLAN TIGER CMS AUTH BYPASS LOGIN FORM (SQL INJECTION)
---
CMS INFORMATION:
-->WEB: http://www.clantiger.com
-->DOWNLOA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1775-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
April 20, 2009
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-18
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200904-17
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
16 matches
Mail list logo