|
|
Prev week |
Colapse all |
Post message
ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability 2011-06-06 Fly, Kate (kate kate fly hp com) ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-178 June 6, 2011 -- CVE ID: CVE-2011-1705 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- T [ more ] [ reply ] ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-176 June 6, 2011 -- CVE ID: CVE-2011-1703 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- TippingPoint( [ more ] [ reply ] ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-175 June 6, 2011 -- CVE ID: CVE-2011-1702 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- Tip [ more ] [ reply ] ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-174 June 6, 2011 -- CVE ID: CVE-2011-1701 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- Tippi [ more ] [ reply ] ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-177 June 6, 2011 -- CVE ID: CVE-2011-1704 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- Tippi [ more ] [ reply ] ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-173 June 6, 2011 -- CVE ID: CVE-2011-1700 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- Tippi [ more ] [ reply ] ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability 2011-06-06 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-172 June 6, 2011 -- CVE ID: CVE-2011-1699 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint -- TippingPoint(T [ more ] [ reply ] Java HotSpot Cryptographic Provider signature verification vulnerability 2011-06-06 Zacheusz Siedlecki (Zacheusz Siedlecki gmail com) An attacker can add a cryptographic provider containing cipher implementation signed by an untrusted certificate. The attacker can also create his or her own jurisdiction policy files signed by an untrusted certificate. In order to achieve this, the attacker must first of all add a fake cryptographi [ more ] [ reply ] ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA(r) Access Manager Server. 2011-06-06 Security_Alert emc com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA® Access Manager Server. Advisories Updated June 2, 2011 Summary: RSA Access Manager Server has been updated with the [ more ] [ reply ] Squiz Matrix - Cross-Site Scripting Vulnerability 2011-06-06 Patrick Webster (patrick osisecurity com au) Squiz Matrix - Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripti ng Release Date: 06-Jun-2011 Software: Squiz - Matrix http://www.squiz.net/ "Squiz Matrix delivers highly flexible and robust business integration engine and application devel [ more ] [ reply ] PopScript Multiple Vulnerabilities 2011-06-05 root d99y com ########################################################## # Exploit Title: PopScript Multiple Vulnerabilities # home : http://www.D99Y.com # Google Dork: Do as you would be done by ; ) # Date: 5/6/2011 # Author: NassRawI # Software Link: http://www.popscript.com/ ################################## [ more ] [ reply ] AppSec USA 2011 CFP Reminder, CTF Pre-Conference Challenge #2 2011-06-04 adam baso owasp org Hello netizens! This is an update about the OWASP AppSec USA 2011 software security conference in Minneapolis this September. *** CALL FOR PAPERS *** Have something important to say about software security? The OWASP AppSec USA 2011 Call for Papers is still open. We're looking for hardcore tal [ more ] [ reply ] iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability 2011-06-03 labs-no-reply (labs-no-reply ivcp vrsn com) iDefense Security Advisory 05.03.11 http://labs.idefense.com/intelligence/vulnerabilities/ May 03, 2011 I. BACKGROUND Tom Sawyer Software's GET Extension Factory is a component used for graph visualization applications development. It is included in VMWare Infrastructure Client. For more informati [ more ] [ reply ] fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947) 2011-06-06 ma+bt dt e-technik uni-dortmund de -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 fetchmail-SA-2011-01: Denial of service possible in STARTTLS mode Topics: fetchmail denial of service in STARTTLS protocol phases Author: Matthias Andree Version: 1.0 Announced: 2011-06-06 Type: Unguarded blocking I/O can cause indefinite applicati [ more ] [ reply ] ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability 2011-06-03 ZDI Disclosures (zdi-disclosures tippingpoint com) ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-171 June 3, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Sybase -- Affected Products: Sybase OneBridge -- TippingPoint(TM) [ more ] [ reply ] [security bulletin] HPSBMA02652 SSRT100432 rev.4 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure 2011-06-03 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02776387 Version: 4 HPSBMA02652 SSRT100432 rev.4 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure NOTICE: The information in this Security [ more ] [ reply ] WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability 2011-06-03 nospam gmail it CFP: IEEE SocialCom11 /PASSAT11 2011-06-03 justinzzhan gmail com Call For Paper 2010 IEEE International Conference on Privacy, Security, Risk and Trust (PASSAT2011) MIT, Boston, USA, October 9-11, 2011 http://www.iisocialcom.org/conference/passat2011 2011 IEEE International Conference on Social Computing (SocialCom-2011) MIT, Boston, USA, October 9-11, 201 [ more ] [ reply ] iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability 2011-06-02 labs-no-reply (labs-no-reply ivcp vrsn com) iDefense Security Advisory 06.01.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 01, 2011 I. BACKGROUND Cisco's AnyConnect VPN solution provides remote access to customers via the Web browser. This is accomplished through the use of an ActiveX control. The control itself is provided [ more ] [ reply ] [CVE-ID REQUEST] vBulletin - Multiple Open Redirects 2011-06-02 Robert Gilbert (rgilbert halock com) Product: vBulletin Version: 3 - 4.1.3 Release Date: 06/02/2011 Risk: Low Authentication: Not required to exploit. Remote: Yes Description: Multiple Open Redirect vulnerabilities in vBulletin version 4.1.3 and below allow remote attackers to redirect users to arbitrary web sites and conduct phishin [ more ] [ reply ] Re: [Full-disclosure] COM Server-Based Binary Planting ProofOfConcept 2011-06-02 Dan Kaminsky (dan doxpara com) Two things: 1) Are you sure a stock build of Windows doesn't pop a security warning when right clicking the file:// IFRAME? You might have munged your test OS. 2) You're getting closer with this "Send To" stuff, but you're still socially engineering. Definitely better than classic "please downloa [ more ] [ reply ] Re: [Full-disclosure] COM Server-Based Binary Planting ProofOfConcept 2011-06-02 Mitja Kolsek (mitja kolsek acros si) Dan, > 1) Are you sure a stock build of Windows doesn't pop a security > warning when right clicking the file:// IFRAME? You might have munged > your test OS. IE allows you to right-click on a folder (but not on a file or on the "background") inside a file:// iframe without popping up a securit [ more ] [ reply ] |
|
Privacy Statement |
http://www.zerodayinitiative.com/advisories/ZDI-11-179
June 6, 2011
-- CVE ID:
CVE-2011-1706
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPr
[ more ] [ reply ]