«
Expand/Collapse
126 items tagged "index"
Related tags:
privilege escalation vulnerability [+],
local privilege escalation [+],
vulnerability [+],
software index [+],
Software [+],
remote [+],
postgresql [+],
mandriva linux [+],
linux kernel [+],
linux [+],
kernel [+],
index function [+],
function [+],
php [+],
inclusion [+],
array index [+],
admin [+],
x atsserver [+],
web [+],
txt [+],
sql [+],
smartcms [+],
service vulnerability [+],
server [+],
null pointer [+],
null [+],
gitweb [+],
git [+],
disclosure [+],
cyrus imap server [+],
cyrus imap [+],
charstrings [+],
arbitrary web [+],
zylone [+],
zephyrus cms [+],
zephyrus [+],
xss [+],
wireless network adapter [+],
webmin [+],
web script [+],
vulnerabilities [+],
useradmin [+],
supernews [+],
sql commands [+],
source code [+],
script index [+],
script code [+],
script [+],
retired [+],
remote shell [+],
quickphp [+],
openpage [+],
mipstudio [+],
memory corruption [+],
koobi [+],
keyword parameter [+],
inventory [+],
idevspot [+],
html [+],
code execution [+],
cff [+],
arbitrary html [+],
apple os x [+],
apple os [+],
zero day [+],
zaki cms [+],
zaki [+],
wowd [+],
wiki [+],
werkform [+],
webasyst [+],
web solution [+],
web index [+],
web applications [+],
wafer [+],
visio [+],
virtuemart [+],
vidiscript [+],
user [+],
txt software [+],
textpattern [+],
technofact [+],
target [+],
source index [+],
source [+],
solution index [+],
solution [+],
softnsolv [+],
social [+],
smarty [+],
simpel [+],
sign [+],
side [+],
shop index [+],
shop [+],
shell [+],
sardus [+],
rw download [+],
remote file include vulnerability [+],
received [+],
realty [+],
realplayer user [+],
rad [+],
problem [+],
portal [+],
poll index [+],
poll [+],
phpmyfaq [+],
phpmv [+],
phpmoneybooks [+],
phpcms [+],
php index [+],
php files [+],
photopost [+],
particle [+],
parsing [+],
page parameter [+],
os x [+],
open ports [+],
open [+],
no brainer [+],
mymarket [+],
mybb [+],
mismatch [+],
microsoft visio [+],
microsoft [+],
metasploit [+],
member [+],
mediawiki [+],
media index [+],
media [+],
mac os x [+],
location base [+],
lionwiki [+],
lan [+],
kdpics [+],
justvisual [+],
joomla [+],
jedit [+],
isupport [+],
intera [+],
input validation [+],
index structure [+],
index pages [+],
imedia [+],
idevcart [+],
iboutique [+],
http [+],
homap cms [+],
granet [+],
gmds [+],
global event [+],
funkgallery [+],
freenas [+],
flogr [+],
fish index [+],
fish [+],
fellas [+],
event [+],
esmile [+],
emanage [+],
eclosion [+],
download [+],
domain shop [+],
domain [+],
dokuwiki [+],
different [+],
dew newphplinks [+],
dew [+],
d tekweb [+],
cve [+],
cubecart [+],
csrf [+],
cross site scripting [+],
consulweb [+],
com [+],
cgi [+],
bigthink [+],
backuppc [+],
atacimo [+],
array [+],
apple quicktime [+],
apple mac os x [+],
apple mac os [+],
anzeigenmarkt [+],
affy [+],
admin index [+],
addiction [+],
activecollab [+],
Newbie [+],
Area [+],
sql injection [+],
day [+],
cms [+]
-
-
17:00
»
SecuriTeam
This allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to calc.php, (2) chat.php, (3) register.php, or (4) index.php in libs/smarty_ajax/; or the (5) page parameter to libs/smarty_ajax/index.php.
-
-
18:06
»
SecuriTeam
The Apple Type Services is prone to memory corruption due a sign mismatch vulnerability when handling the last offset value of the CharStrings INDEX structure.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
20:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-209 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing a RealMedia .IVR file containing malformed sample data. The application utilizes a index in this data stream for seeking into a list of objects. Due to the lack of constraints on this index, one can seek to an arbitrary object located in memory which will lead to code execution under the context of the currently logged in user.
-
-
19:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-178 - Multiple cross-site scripting vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via the BASE parameter, or the ega_1 parameter. Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the onglet_bis parameter. Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via multiple inventory fields to the search form, reachable through index.php; or the Software name field to the All softwares search form, reachable through index.php. This upgrade provides ocsinventory 1.02.3 which is not vulnerable for these security issues.
-
19:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-178 - Multiple cross-site scripting vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to inject arbitrary web script or HTML via the BASE parameter, or the ega_1 parameter. Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remote attackers to execute arbitrary SQL commands via the onglet_bis parameter. Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to execute arbitrary SQL commands via multiple inventory fields to the search form, reachable through index.php; or the Software name field to the All softwares search form, reachable through index.php. This upgrade provides ocsinventory 1.02.3 which is not vulnerable for these security issues.
-
-
16:47
»
Carnal0wnage
Grabbing the index pages of web servers seems like a no brainer and something every pentester is going to perform on a test. The problem I ran into is how do you get this info once your inside and using meterpreter as your pivot into the network.
Your current options are to port forward to each host or set up a route via your meterpreter session and run some sort of auxiliary module. You can tcp port scan and find open ports or use the http_version module to see server version but you don't get a feel for whats actually on the site.
I opted to write something that would scan a range, perform a HTTP GET of / on the ip, then take the resulting body from the response, which should be html, and save it to a file to look at afterwards.
Looks like this when it runs...
msf auxiliary(http_index_grabber) > set RHOSTS carnal0wnage.com/24
RHOSTS => carnal0wnage.com/24
msf auxiliary(http_index_grabber) > run
[+] Received a HTTP 200...Logging to file: /home/cg/.msf3/logs/auxiliary/http_index_grabber/209.20.85.4_20100904.4426.html
[+] Received a HTTP 200...Logging to file: /home/cg/.msf3/logs/auxiliary/http_index_grabber/209.20.85.5_20100904.4429.html
[*] Received 301 to http://drumsti.cc/ for 209.20.85.10:80/
[-] Received 403 for 209.20.85.8:80/
[+] Received a HTTP 200...Logging to file: /home/cg/.msf3/logs/auxiliary/http_index_grabber/209.20.85.12_20100904.4432.html
...
[*] Received 302 to http://209.20.85.57/apache2-default/ for 209.20.85.57:80/ [+] Received a HTTP 200...Logging to file: /home/cg/.msf3/logs/auxiliary/http_index_grabber/209.20.85.56_20100904.4503.html
[*] Received 302 to http://209.20.85.51/session/new for 209.20.85.51:80/
you can then check out the folder with the results

code is here:
http://carnal0wnage.googlecode.com/svn/trunk/msf3/modules/auxiliary/admin/random/http_index_grabber.rb
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
D-Tekweb (index.php) SQL Injection Vulnerability
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
BigThink XT (index.php) SQL Injection Vulnerability
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Sardus (index.php) Blind SQL Injection Vulnerability
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Granet (index.php) Blind SQL Injection Vulnerability
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Koobi CMS (index.php) SQL Injection Vulnerability
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Zylone IT (index.php) Blind SQL Injection Vulnerability
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Open Realty (index.php) SQL Injection Vulnerability
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Zylone IT (index.php) Blind SQL Injection Vulnerability
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Addiction (index.php) SQL Injection Vulnerability
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Consulweb (index.php) Blind SQL Injection Vulnerability
-
-
1:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
InteRa CMS (index.php) Blind SQL Injection Vulnerability
-
-
22:00
»
Packet Storm Security Recent Files
Secunia Research has discovered some vulnerabilities in TomatoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the keyword and article-id parameters to index.php/admin/news/article/list, the keyword parameter to index.php/admin/multimedia/set/list, the keyword and fileId parameters to index.php/admin/multimedia/file/list, and the name , email , and address parameters to index.php/admin/ad/client/list is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in the users browser in context of the affected site.
-
22:00
»
Packet Storm Security Advisories
Secunia Research has discovered some vulnerabilities in TomatoCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the keyword and article-id parameters to index.php/admin/news/article/list, the keyword parameter to index.php/admin/multimedia/set/list, the keyword and fileId parameters to index.php/admin/multimedia/file/list, and the name , email , and address parameters to index.php/admin/ad/client/list is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in the users browser in context of the affected site.
-
-
11:41
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
SuperNews (index.php) SQL Injection Vulnerability
-
-
6:51
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
justVisual 2.0 (index.php)
-
-
7:59
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
CMS By SoftnSolv (index.php) SQL Injection Vulnerability
-
-
10:14
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
CMS Openpage (index.php) SQL Injection Vulnerability
-
10:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Zephyrus CMS (index.php) SQL Injection Vulnerability
-
8:39
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
Zephyrus CMS (index.php) SQL Injection Vulnerability
-
-
7:04
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
CMS Openpage (index.php) SQL Injection Vulnerability
-
-
11:00
»
0day.today (was: 1337day, Inj3ct0r, 1337db)
HoMaP-CMS 0.1 (index.php go) SQL Injection Vulnerability
-
-
11:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-034 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.
-
-
18:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-034 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. Additionally, the Linux kernel was updated to the stable release 2.6.27.45.
-
18:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-034 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. Additionally, the Linux kernel was updated to the stable release 2.6.27.45.
-
-
9:16
»
remote-exploit & backtrack
I'm trying to check out some pages to spoof on a LAN and have one little problem:
I've checked in /var/www/ and cannot find the index.html file. LOL...big problem.
Okay, so I have three folders in this location: base, squid-reports, and unicornscan. There are two .php files in these folders named index but no html files.
Please fellas, comment and help me find it!
-
-
18:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-030 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. An issue was discovered in 2.6.32.x kernels, which sets unsecure permission for devtmpfs file system by default. Additionally, it was added support for Atheros AR2427 Wireless Network Adapter.
-
18:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-030 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. An issue was discovered in 2.6.32.x kernels, which sets unsecure permission for devtmpfs file system by default. Additionally, it was added support for Atheros AR2427 Wireless Network Adapter.