«
Expand/Collapse
153 items tagged "arbitrary files"
Related tags:
zero day [+],
directory traversal [+],
zero [+],
puppet [+],
initiative [+],
day [+],
ssrt [+],
server [+],
ryan lortie [+],
ricky zhou [+],
lortie [+],
hpsbma [+],
attackers [+],
activex [+],
user [+],
security restrictions [+],
potential security vulnerability [+],
gentoo linux security [+],
vulnerability [+],
file [+],
escalation [+],
web edition [+],
web [+],
vtiger crm [+],
vtiger [+],
vrt [+],
version 6 [+],
vanilla [+],
update [+],
spa [+],
security advisory [+],
securetransport [+],
secunia [+],
sap gui [+],
sap [+],
root privileges [+],
rhinos [+],
proof of concept [+],
pppd [+],
plus [+],
phpmychat [+],
performance [+],
oscss [+],
orangehrm [+],
openview [+],
openemr [+],
messenger version [+],
messenger [+],
manifests [+],
man in the middle attack [+],
malicious server [+],
local [+],
linux [+],
keys files [+],
jcow [+],
java class [+],
interphoto [+],
icq [+],
icona [+],
ice [+],
guestbook [+],
gpg signature [+],
getsimple [+],
gentoo [+],
forum version [+],
forum [+],
egroupware [+],
efront [+],
edition [+],
dolibarr [+],
dmrc [+],
directory [+],
digital [+],
defense [+],
david black [+],
crm [+],
control [+],
colin watson [+],
code execution [+],
bus interface [+],
black ice [+],
black [+],
batavi [+],
axway [+],
automated system [+],
arbitrary configuration [+],
application database [+],
angora [+],
alcatel lucent [+],
account [+],
ubuntu [+],
inclusion [+],
security [+],
wvdial [+],
war [+],
usb [+],
uploaded files [+],
upload [+],
unix extensions [+],
temporary files [+],
symlink attack [+],
symlink [+],
server versions [+],
server environment [+],
security bulletin [+],
sebastian krahmer [+],
modeswitch [+],
malicious users [+],
krahmer [+],
java applet [+],
hp power [+],
homebase [+],
filenames [+],
fence [+],
esa [+],
download [+],
directory traversal vulnerability [+],
deploymentfilerepository [+],
database environment [+],
attack [+],
article [+],
arbitrary data [+],
apc [+],
akamai [+],
notice [+],
txt [+],
security notice [+],
titanftp [+],
source ports [+],
setup wizard [+],
server version [+],
security vulnerabilities [+],
security issue [+],
research [+],
novell [+],
mdvsa [+],
mandriva linux [+],
mandriva [+],
lts [+],
linux security [+],
libvirt [+],
jeremy nickurak [+],
itf [+],
gain unauthorized access [+],
deletion [+],
dan rosenberg [+],
backing store [+],
arbitrary [+],
attacker [+],
usn [+],
arbitrary code [+]
-
-
18:44
»
Packet Storm Security Advisories
Ubuntu Security Notice 1399-2 - Ryan Lortie discovered that a guest session script bundled in the Light Display Manager package improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
-
18:44
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1399-2 - Ryan Lortie discovered that a guest session script bundled in the Light Display Manager package improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
-
18:44
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1399-2 - Ryan Lortie discovered that a guest session script bundled in the Light Display Manager package improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
-
18:43
»
Packet Storm Security Advisories
Ubuntu Security Notice 1399-1 - Ryan Lortie discovered that gdm-guest-session improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
-
18:43
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1399-1 - Ryan Lortie discovered that gdm-guest-session improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
-
18:43
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1399-1 - Ryan Lortie discovered that gdm-guest-session improperly cleaned out certain guest session files. A local attacker could use this issue to delete arbitrary files.
-
-
19:51
»
Packet Storm Security Advisories
Ubuntu Security Notice 1372-1 - It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. Various other issues were also addressed.
-
19:51
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1372-1 - It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. Various other issues were also addressed.
-
19:51
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1372-1 - It was discovered that Puppet did not drop privileges when executing commands as different users. If an attacker had control of the execution manifests or the executed command, this could be used to execute code with elevated group permissions (typically root). It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files and escalate privileges. Various other issues were also addressed.
-
-
18:34
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.
-
18:34
»
Packet Storm Security Recent Files
This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.
-
18:34
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.
-
-
20:15
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201201-11 - Insecure temporary file usage in Firewall Builder could allow attackers to overwrite arbitrary files. Versions less than 3.0.7 are affected.
-
20:15
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201201-11 - Insecure temporary file usage in Firewall Builder could allow attackers to overwrite arbitrary files. Versions less than 3.0.7 are affected.
-
20:15
»
Packet Storm Security Misc. Files
Gentoo Linux Security Advisory 201201-11 - Insecure temporary file usage in Firewall Builder could allow attackers to overwrite arbitrary files. Versions less than 3.0.7 are affected.
-
-
15:46
»
Packet Storm Security Exploits
When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
-
15:46
»
Packet Storm Security Recent Files
When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
-
15:46
»
Packet Storm Security Misc. Files
When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.
-
-
15:53
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-01 - This vulnerability allows remote attackers to remotely manipulate the application database and delete arbitrary files on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability.
-
15:53
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-01 - This vulnerability allows remote attackers to remotely manipulate the application database and delete arbitrary files on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability.
-
15:53
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-01 - This vulnerability allows remote attackers to remotely manipulate the application database and delete arbitrary files on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability.
-
-
11:56
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-354 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to \Inetpub\wwwroot\hpmpa\jobDelivery\Default.asp to remotely create arbitrary files.
-
11:56
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-354 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to \Inetpub\wwwroot\hpmpa\jobDelivery\Default.asp to remotely create arbitrary files.
-
11:56
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-354 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to \Inetpub\wwwroot\hpmpa\jobDelivery\Default.asp to remotely create arbitrary files.
-
11:42
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-352 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to MPAUploader.Uploader.1.UploadFiles() to remotely create arbitrary files.
-
11:42
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-352 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to MPAUploader.Uploader.1.UploadFiles() to remotely create arbitrary files.
-
11:42
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-352 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to MPAUploader.Uploader.1.UploadFiles() to remotely create arbitrary files.
-
-
16:17
»
Packet Storm Security Advisories
Ubuntu Security Notice 1284-1 - David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before verifying its GPG signature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to replace arbitrary files. David Black discovered that Update Manager created a temporary directory in an insecure fashion. A local attacker could possibly use this flaw to read the XAUTHORITY file of the user performing the upgrade. Various other issues were also addressed.
-
16:17
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1284-1 - David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before verifying its GPG signature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to replace arbitrary files. David Black discovered that Update Manager created a temporary directory in an insecure fashion. A local attacker could possibly use this flaw to read the XAUTHORITY file of the user performing the upgrade. Various other issues were also addressed.
-
16:17
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1284-1 - David Black discovered that Update Manager incorrectly extracted the downloaded upgrade tarball before verifying its GPG signature. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to replace arbitrary files. David Black discovered that Update Manager created a temporary directory in an insecure fashion. A local attacker could possibly use this flaw to read the XAUTHORITY file of the user performing the upgrade. Various other issues were also addressed.
-
-
20:39
»
Packet Storm Security Advisories
Ubuntu Security Notice 1262-1 - It was discovered that Light Display Manager incorrectly handled privileges when reading .dmrc files. A local attacker could exploit this issue to read arbitrary configuration files, bypassing intended permissions. It was discovered that Light Display Manager incorrectly handled links when adjusting permissions on .Xauthority files. A local attacker could exploit this issue to access arbitrary files, and possibly obtain increased privileges. In the default Ubuntu installation, this would be prevented by the Yama link restrictions. Various other issues were also addressed.
-
20:39
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1262-1 - It was discovered that Light Display Manager incorrectly handled privileges when reading .dmrc files. A local attacker could exploit this issue to read arbitrary configuration files, bypassing intended permissions. It was discovered that Light Display Manager incorrectly handled links when adjusting permissions on .Xauthority files. A local attacker could exploit this issue to access arbitrary files, and possibly obtain increased privileges. In the default Ubuntu installation, this would be prevented by the Yama link restrictions. Various other issues were also addressed.
-
20:39
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1262-1 - It was discovered that Light Display Manager incorrectly handled privileges when reading .dmrc files. A local attacker could exploit this issue to read arbitrary configuration files, bypassing intended permissions. It was discovered that Light Display Manager incorrectly handled links when adjusting permissions on .Xauthority files. A local attacker could exploit this issue to access arbitrary files, and possibly obtain increased privileges. In the default Ubuntu installation, this would be prevented by the Yama link restrictions. Various other issues were also addressed.
-
-
16:11
»
Packet Storm Security Advisories
Ubuntu Security Notice 1235-1 - Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to to overwrite arbitrary files with root privileges.
-
16:11
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1235-1 - Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to to overwrite arbitrary files with root privileges.
-
16:11
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1235-1 - Colin Watson discovered that iscsi_discovery in Open-iSCSI did not safely create temporary files. A local attacker could exploit this to to overwrite arbitrary files with root privileges.
-
-
18:54
»
Packet Storm Security Advisories
Ubuntu Security Notice 1223-2 - USN-1223-1 fixed vulnerabilities in Puppet. A regression was found on Ubuntu 10.04 LTS that caused permission denied errors when managing SSH authorized_keys files with Puppet. This update fixes the problem. It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. Various other issues were also addressed.
-
18:54
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1223-2 - USN-1223-1 fixed vulnerabilities in Puppet. A regression was found on Ubuntu 10.04 LTS that caused permission denied errors when managing SSH authorized_keys files with Puppet. This update fixes the problem. It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. Various other issues were also addressed.
-
18:54
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1223-2 - USN-1223-1 fixed vulnerabilities in Puppet. A regression was found on Ubuntu 10.04 LTS that caused permission denied errors when managing SSH authorized_keys files with Puppet. This update fixes the problem. It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. Various other issues were also addressed.
-
-
11:18
»
Packet Storm Security Advisories
Ubuntu Security Notice 1223-1 - It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. Various other issues were also addressed.
-
11:18
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1223-1 - It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. Various other issues were also addressed.
-
11:18
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1223-1 - It was discovered that Puppet unsafely opened files when the k5login type is used to manage files. A local attacker could exploit this to overwrite arbitrary files which could be used to escalate privileges. Ricky Zhou discovered that Puppet did not drop privileges when creating SSH authorized_keys files. A local attacker could exploit this to overwrite arbitrary files as root. It was discovered that Puppet used a predictable filename when using the --edit resource. A local attacker could exploit this to edit arbitrary files or run arbitrary code as the user invoking the program, typically root. Various other issues were also addressed.
-
-
10:22
»
Packet Storm Security Advisories
The Axway SecureTransport device contains a directory traversal in the '/icons/' directory. An unauthenticated remote attacker can use this vulnerability to obtain arbitrary files from the root file system of the vulnerable host.
-
10:22
»
Packet Storm Security Recent Files
The Axway SecureTransport device contains a directory traversal in the '/icons/' directory. An unauthenticated remote attacker can use this vulnerability to obtain arbitrary files from the root file system of the vulnerable host.
-
10:22
»
Packet Storm Security Misc. Files
The Axway SecureTransport device contains a directory traversal in the '/icons/' directory. An unauthenticated remote attacker can use this vulnerability to obtain arbitrary files from the root file system of the vulnerable host.
-
-
1:30
»
Packet Storm Security Exploits
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0).
-
1:30
»
Packet Storm Security Recent Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0).
-
1:30
»
Packet Storm Security Misc. Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "DownloadImageFileURL" method in the Black Ice BIImgFrm.ocx ActiveX Control (BIImgFrm.ocx 12.0.0.0).
-
-
18:47
»
Packet Storm Security Advisories
Ubuntu Security Notice 1136-1 - It was discovered that rdesktop incorrectly handled specially crafted paths when using disk redirection. If a user were tricked into connecting to a malicious server, an attacker could access arbitrary files on the user's filesystem.
-
18:47
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1136-1 - It was discovered that rdesktop incorrectly handled specially crafted paths when using disk redirection. If a user were tricked into connecting to a malicious server, an attacker could access arbitrary files on the user's filesystem.
-
18:47
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1136-1 - It was discovered that rdesktop incorrectly handled specially crafted paths when using disk redirection. If a user were tricked into connecting to a malicious server, an attacker could access arbitrary files on the user's filesystem.
-
-
14:11
»
Packet Storm Security Exploits
This Metasploit module exploits a hidden account in the com.trinagy.security.XMLUserManager Java class. When using this account, an attacker can abuse the com.trinagy.servlet.HelpManagerServlet class and write arbitrary files to the system allowing the execution of arbitrary code. NOTE: This Metasploit module has only been tested against HP OpenView Performance Insight Server 5.41.0.
-
14:11
»
Packet Storm Security Recent Files
This Metasploit module exploits a hidden account in the com.trinagy.security.XMLUserManager Java class. When using this account, an attacker can abuse the com.trinagy.servlet.HelpManagerServlet class and write arbitrary files to the system allowing the execution of arbitrary code. NOTE: This Metasploit module has only been tested against HP OpenView Performance Insight Server 5.41.0.
-
14:11
»
Packet Storm Security Misc. Files
This Metasploit module exploits a hidden account in the com.trinagy.security.XMLUserManager Java class. When using this account, an attacker can abuse the com.trinagy.servlet.HelpManagerServlet class and write arbitrary files to the system allowing the execution of arbitrary code. NOTE: This Metasploit module has only been tested against HP OpenView Performance Insight Server 5.41.0.
-
-
14:20
»
Packet Storm Security Advisories
The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to a directory traversal. This flaw allows remote unauthenticated attackers to retrieve arbitrary files from a vulnerable system.
-
14:20
»
Packet Storm Security Recent Files
The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to a directory traversal. This flaw allows remote unauthenticated attackers to retrieve arbitrary files from a vulnerable system.
-
14:20
»
Packet Storm Security Misc. Files
The Alcatel-Lucent OmniVista 4760 NMS is vulnerable to a directory traversal. This flaw allows remote unauthenticated attackers to retrieve arbitrary files from a vulnerable system.
-
15:23
»
Packet Storm Security Advisories
Ubuntu Security Notice 1068-1 - Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files.
-
15:23
»
Packet Storm Security Recent Files
Ubuntu Security Notice 1068-1 - Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files.
-
15:23
»
Packet Storm Security Misc. Files
Ubuntu Security Notice 1068-1 - Sergey Nizovtsev discovered that Aptdaemon incorrectly filtered certain arguments when using its D-Bus interface. A local attacker could use this flaw to bypass security restrictions and view sensitive information by reading arbitrary files.
-
-
8:22
»
Packet Storm Security Exploits
ICQ 7 does not check the identity of the update server or the authenticity of the updates that it downloads through its automatic update mechanism. By impersonating the update server (think DNS spoofing), an attacker can act as an update server of its own and deliver arbitrary files that are executed on the next launch of the ICQ client. Since ICQ is automatically launched right after booting Windows by default and it checks for updates on every start, it can be attacked very reliably.Proof of concept code included.
-
8:22
»
Packet Storm Security Recent Files
ICQ 7 does not check the identity of the update server or the authenticity of the updates that it downloads through its automatic update mechanism. By impersonating the update server (think DNS spoofing), an attacker can act as an update server of its own and deliver arbitrary files that are executed on the next launch of the ICQ client. Since ICQ is automatically launched right after booting Windows by default and it checks for updates on every start, it can be attacked very reliably.Proof of concept code included.
-
8:22
»
Packet Storm Security Misc. Files
ICQ 7 does not check the identity of the update server or the authenticity of the updates that it downloads through its automatic update mechanism. By impersonating the update server (think DNS spoofing), an attacker can act as an update server of its own and deliver arbitrary files that are executed on the next launch of the ICQ client. Since ICQ is automatically launched right after booting Windows by default and it checks for updates on every start, it can be attacked very reliably.Proof of concept code included.
-
-
16:13
»
Packet Storm Security Exploits
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
-
16:13
»
Packet Storm Security Recent Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
-
16:13
»
Packet Storm Security Misc. Files
This Metasploit module allows remote attackers to place arbitrary files on a users file system by abusing the "Comp_Download" method in the SAP KWEdit ActiveX Control (kwedit.dll 6400.1.1.41).
-
-
22:00
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02605 SSRT100238 - A potential security vulnerability has been identified in HP Insight Managed System Setup Wizard for Windows. The vulnerability could be exploited remotely to download arbitrary files. Revision 1 of this advisory.
-
22:00
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02606 SSRT100321 - Potential security vulnerabilities have been identified in HP Insight Orchestration software for Windows. The vulnerabilities could be exploited remotely to download arbitrary files or gain unauthorized access. Revision 1 of this advisory.
-
-
20:03
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02599 SSRT100235 - A potential security vulnerability has been identified in HP Virtual Server Environment for Windows. The vulnerability could be exploited remotely to download arbitrary files. Revision 1 of this advisory.
-
20:01
»
Packet Storm Security Advisories
Ubuntu Security Notice 1008-3 - USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04 LTS reverted a recent bug fix update. This update fixes the problem. It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor profile which provided partial protection against this flaw. It was discovered that libvirt would create new VMs without setting a backing store format. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue did not affect Ubuntu 8.04 LTS. In Ubuntu 9.10 and later guests are confined by an AppArmor profile which provided partial protection against this flaw. Jeremy Nickurak discovered that libvirt created iptables rules with too lenient mappings of source ports. A privileged attacker in the guest could bypass intended restrictions to access privileged resources on the host.
-
20:01
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02599 SSRT100235 - A potential security vulnerability has been identified in HP Virtual Server Environment for Windows. The vulnerability could be exploited remotely to download arbitrary files. Revision 1 of this advisory.
-
-
17:02
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02593 SSRT100237 - A potential security vulnerability has been identified in HP Virtual Connect Enterprise Manager (VCEM) for Windows. The vulnerability could be exploited remotely to download arbitrary files. Revision 1 of this advisory.
-
17:01
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02593 SSRT100237 - A potential security vulnerability has been identified in HP Virtual Connect Enterprise Manager (VCEM) for Windows. The vulnerability could be exploited remotely to download arbitrary files. Revision 1 of this advisory.
-
-
20:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-205 - freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the package, require modules or functions. The updated packages have been upgraded to v2.2.1 which is not vulnerable to this issue.
-
-
20:01
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201009-9 - fence contains multiple programs containing vulnerabilities that may allow local users to overwrite arbitrary files via a symlink attack. The fence_apc, fence_apc_snmp (CVE-2008-4579) and fence_manual (CVE-2008-4580) programs contain symlink vulnerabilities. Versions less than 2.03.09 are affected.
-
20:00
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201009-9 - fence contains multiple programs containing vulnerabilities that may allow local users to overwrite arbitrary files via a symlink attack. The fence_apc, fence_apc_snmp (CVE-2008-4579) and fence_manual (CVE-2008-4580) programs contain symlink vulnerabilities. Versions less than 2.03.09 are affected.
-
-
22:01
»
Packet Storm Security Recent Files
Ubuntu Security Notice 971-1 - It was discovered that the IcedTea plugin did not correctly check certain accesses. If a user or automated system were tricked into running a specially crafted Java applet, a remote attacker could read arbitrary files with user privileges, leading to a loss of privacy.
-
22:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 971-1 - It was discovered that the IcedTea plugin did not correctly check certain accesses. If a user or automated system were tricked into running a specially crafted Java applet, a remote attacker could read arbitrary files with user privileges, leading to a loss of privacy.
-
-
0:01
»
Packet Storm Security Recent Files
Akamai's Download Manager allows attackers to download arbitrary files onto a user's desktop. Using a so-called blended threat attack it is possible to execute arbitrary code. This attack affects the ActiveX control as well as the Java applet. This was fixed in version 2.2.5.4.
-
0:01
»
Packet Storm Security Exploits
Akamai's Download Manager allows attackers to download arbitrary files onto a user's desktop. Using a so-called blended threat attack it is possible to execute arbitrary code. This attack affects the ActiveX control as well as the Java applet. This was fixed in version 2.2.5.4.
-
-
1:01
»
Packet Storm Security Advisories
Ubuntu Security Notice 953-1 - Dan Rosenberg discovered that fastjar incorrectly handled file paths containing .. when unpacking archives. If a user or an automated system were tricked into unpacking a specially crafted jar file, arbitrary files could be overwritten with user privileges.
-
-
22:01
»
Packet Storm Security Exploits
TitanFtp Server version 8.10.1125 suffers from a traversal vulnerability which will allow an attacker to download and delete arbitrary files from the server.
-
-
22:00
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in TomatoCMS, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused by an error in the validation of uploaded image files while adding a new article. This can be exploited to upload arbitrary files inside the webroot and e.g. execute arbitrary PHP code. Successful exploitation requires Add new article , Upload file to server , and Browse uploaded files permissions. Version 2.0.6 is affected.
-
22:00
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in TomatoCMS, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused by an error in the validation of uploaded image files while adding a new article. This can be exploited to upload arbitrary files inside the webroot and e.g. execute arbitrary PHP code. Successful exploitation requires Add new article , Upload file to server , and Browse uploaded files permissions. Version 2.0.6 is affected.
-
-
10:01
»
Packet Storm Security Recent Files
This Metasploit module exploits a directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5. This vulnerability allows remote authenticated (and unauthenticated) users to read or modify arbitrary files, and possibly execute arbitrary code.
-
10:00
»
Packet Storm Security Exploits
This Metasploit module exploits a directory traversal vulnerability in the DeploymentFileRepository class in JBoss Application Server (jbossas) 3.2.4 through 4.0.5. This vulnerability allows remote authenticated (and unauthenticated) users to read or modify arbitrary files, and possibly execute arbitrary code.
-
-
18:00
»
Packet Storm Security Recent Files
Ubuntu Security Notice 932-1 - Sebastian Krahmer discovered a race condition in the KDE Display Manager (KDM). A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.
-
18:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 932-1 - Sebastian Krahmer discovered a race condition in the KDE Display Manager (KDM). A local attacker could exploit this to change the permissions on arbitrary files, thus allowing privilege escalation.
-
-
22:44
»
Packet Storm Security Recent Files
Ubuntu Security Notice 922-1 - Stephane Chazelas discovered that libnss-db did not correctly set up a database environment. A local attacker could exploit this to read the first line of arbitrary files, leading to a loss of privacy and possibly privilege escalation.
-
22:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 922-1 - Stephane Chazelas discovered that libnss-db did not correctly set up a database environment. A local attacker could exploit this to read the first line of arbitrary files, leading to a loss of privacy and possibly privilege escalation.
-
-
9:33
»
Packet Storm Security Recent Files
Ubuntu Security Notice 917-1 - It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. It was discovered that Puppet did not correctly handle temporary files. A local user can exploit this flaw to bypass security restrictions and overwrite arbitrary files.
-
9:33
»
Packet Storm Security Recent Files
Ubuntu Security Notice 918-1 - It was discovered the Samba handled symlinks in an unexpected way when both wide links and UNIX extensions were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server.
-
9:32
»
Packet Storm Security Advisories
Ubuntu Security Notice 917-1 - It was discovered that Puppet did not drop supplementary groups when being run as a different user. A local user may be able to use this flaw to bypass security restrictions and gain access to restricted files. It was discovered that Puppet did not correctly handle temporary files. A local user can exploit this flaw to bypass security restrictions and overwrite arbitrary files.
-
9:32
»
Packet Storm Security Advisories
Ubuntu Security Notice 918-1 - It was discovered the Samba handled symlinks in an unexpected way when both wide links and UNIX extensions were enabled, which is the default. A remote attacker could create symlinks and access arbitrary files from the server.
-
-
0:00
»
Packet Storm Security Recent Files
EMC HomeBase Server contains a vulnerability that may allow an unauthenticated remote user to upload arbitrary files on the affected HomeBase Server. Versions 6.2.x and 6.3.x are affected.
-
-
23:00
»
Packet Storm Security Advisories
EMC HomeBase Server contains a vulnerability that may allow an unauthenticated remote user to upload arbitrary files on the affected HomeBase Server. Versions 6.2.x and 6.3.x are affected.
-
-
18:00
»
Packet Storm Security Advisories
Secunia Research has discovered a security issue in Bournal, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The script uses temporary files in an insecure manner, which can be exploited to e.g. overwrite arbitrary files via symlink attacks when running the update check via the --hack_the_gibson parameter. Version 1.4 is affected.
-
-
0:00
»
Packet Storm Security Recent Files
Ubuntu Security Notice 899-1 - It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying. A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted.
-
0:00
»
Packet Storm Security Advisories
Ubuntu Security Notice 899-1 - It was discovered that Tomcat did not correctly validate WAR filenames or paths when deploying. A remote attacker could send a specially crafted WAR file to be deployed and cause arbitrary files and directories to be created, overwritten, or deleted.
-
-
18:00
»
Packet Storm Security Recent Files
Secunia Research has discovered a vulnerability in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input sanitation error when handling fileName parameters passed to /goform/formExportDataLogs. This can be exploited to overwrite arbitrary files with almost arbitrary data via directory traversal attacks. Successful exploitation allows execution of arbitrary code. Version 4.2.9 is affected.
-
18:00
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input sanitation error when handling fileName parameters passed to /goform/formExportDataLogs. This can be exploited to overwrite arbitrary files with almost arbitrary data via directory traversal attacks. Successful exploitation allows execution of arbitrary code. Version 4.2.9 is affected.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution