Local root exploit for Archlinux that allows an unprivileged user to take over control in kernel mode due to an out-of-bounds access of the sock_diag_handlers[] array. Works reliably against x86-64 3.3-3.7.
25f2aab0c8030a52582b1a4727080cb36afc4818b3e2b57e373fe61a918c940dWar FTP Daemon version 1.82 suffers from a denial of service vulnerability in the way log messages are relayed from the internal log handler to the Windows Event log when the server is running as a Windows service.
cdae585737ae9a5399b6284d3c2f475b31f3286086f62769ba975f53fa17a9adThis Metasploit module exploits a file upload vulnerability in Glossword versions 1.8.8 through 1.8.12 when run as a standalone application. This application has an upload feature that allows an authenticated user with administrator roles to upload arbitrary files to the 'gw_temp/a/' directory.
6a00fc56bffca149e62d8602fbecdb81bf01e94e53c11f7eba4da3baed5c74a4Ubuntu Security Notice 1748-1 - Bobby Holley discovered vulnerabilities in Chrome Object Wrappers (COW) and System Only Wrappers (SOW). If a user were tricked into opening a specially crafted page and had scripting enabled, a remote attacker could exploit this to bypass security protections to obtain sensitive information or potentially execute code with the privileges of the user invoking Thunderbird. Frederik Braun discovered that Thunderbird made the location of the active browser profile available to JavaScript workers. Scripting for Thunderbird is disabled by default in Ubuntu. Various other issues were also addressed.
4295ba720441084e4395afdd80a04eadc905f04335128d2e3c50297585ec504eDebian Linux Security Advisory 2629-1 - Multiple OpenJPEG issues have been addressed. Heap memory corruption leading to invalid free when processing certain Gray16 TIFF images. Huzaifa Sidhpurwala of the Red Hat Security Response Team found a heap-based buffer overflow in JPEG2000 image parsing. Huzaifa Sidhpurwala of the Red Hat Security Response Team found a heap-based buffer overflow when decoding JPEG2000 images.
f5a211f64f0275309bc3f98a01bf8d552052d9e43cec1d291991394d2ff0966eVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the "SysAllocStringLen()" function within the "Oleaut32.dll" (Object Linking and Embedding Automation) library, which could allow remote attackers to execute arbitrary code via a specially crafted web page or Office document.
8e67f8b3f49e0baf5c8cdedac5b1335d0cde5c5ed9ab9eb564c2802292ccb781Apache Maven version 3.0.4 (with Apache Maven Wagon version 2.1) has introduced a non-secure SSL mode by default. This mode disables all SSL certificate checking, including: host name verification , date validity, and certificate chain. Not validating the certificate introduces the possibility of a man-in-the-middle attack.
54b8a3c9c72b613700cbc8a0df15bda1fc8bf0236fd7a3b9243695817a44ea7fThis Metasploit module exploits a vulnerability in Kordil EDMS version 2.2.60rc3. This application has an upload feature that allows an unauthenticated user to upload arbitrary files to the '/kordil_edms/userpictures/' directory.
c33960b0a5838ddb0853afe03218b7db5ca3b95debdf3a837b3c39d718e797fcThis Metasploit module exploits a file upload vulnerability found in PolarPear CMS. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
d370b8ce0ea599ae7baa968d4166c255fd933b5c56eb77c490c0d1b8f597ef28CONFidence 2013 Call For Papers - This conference will take place from May 28th through the 29th, 2013 in Krakow, Poland.
c86a9dd23da0a4c48dac0e9bc8e4dc21c42a5762f7246b4015319678b8fc30acMTP Poll version 1.0 suffers from multiple stored cross site scripting vulnerabilities.
fd4383d0770c3c6af8f72b9815aae12605343398154a01d43ae44636bef6dc5dMTP Guestbook version 1.0 suffers from multiple stored cross site scripting vulnerabilities.
529efdafea4eb48f880aaa208c6bdf7dfbfaa5fd4e980cf47f3d7c5e2a66616eMTP Image Gallery version 1.0 suffers from a stored cross site scripting vulnerability.
61c1d4858ce3e719e8413ba6347af8e914ac284cf57610d197eed9aef84f1294Debian Linux Security Advisory 2631-1 - Squid3, a fully featured Web proxy cache, is prone to a denial of service attack due to memory consumption caused by memory leaks in cachemgr.cgi.
62ad006b2455956a38e0d73d9d4610a63b827cbb6ef605de9084d4d383314ac6This Metasploit module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February of 2013. Additionally, this module bypasses default security settings introduced in Java 7 Update 10 to run unsigned applet without displaying any warning to the user.
0abc5276937c182f0640b79c2c4ed49a2a0bde2a1aa762e63cc17c0ddad5fe4fphpMyRecipes version 1.2.2 suffers from multiple persistent cross site scripting vulnerabilities.
9ee74a35b8f01ce1962bdb0304e813e3d1601e6030bd495015c297cb735c1093WiFilet version 1.2 suffers from cross site request forgery, local file inclusion, and remote shell upload vulnerabilities.
9e42d3706a2f92089013ffd59637c2acb3ac7fa9a20c41a3158d9e48b2f1c6c3Mandriva Linux Security Advisory 2013-014 - Multiple security issues were identified and fixed in OpenJDK. MBeanServer access restrictions were added, improved TLS handling of invalid messages, and more.
8ac40eb4b2ce07209ddf331559853b548ca985e61c74804dcf0ddfa8c2e80994Ubuntu Security Notice 1746-1 - Chris Wysopal discovered that Pidgin incorrectly handled file transfers in the MXit protocol handler. A remote attacker could use this issue to create or overwrite arbitrary files. This issue only affected Ubuntu 11.10, Ubuntu 12.04 LTS and Ubuntu 12.10. It was discovered that Pidgin incorrectly handled long HTTP headers in the MXit protocol handler. A malicious remote server could use this issue to execute arbitrary code. Various other issues were also addressed.
cab8da5f6e98651feb98f652311a38e0a1209f3942cdce9adda737ce25ba333dUbuntu Security Notice 1747-1 - It was discovered that Transmission incorrectly handled certain micro transport protocol packets. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
f1a5e333f4463410577bb016b2bae709778d942ed9697ed337f84b18fede5ceaSecurity Explorations has discovered two new security issues in Java SE 7 Update 15.
6e34dc4dfaf21577b6c54c34aa6c280cdca75c13e6e64bafe3d587b41b47e888This is a small tool that will convert a binary to shellcode. Additional usage information can be found via the homepage link.
869ef82878ff568dd9287a18df2adef9a64feeeb4ec10d726b256ad9454f759aPorch Light Media suffers from a remote SQL injection vulnerability.
c3ef4a42129971062e2fc48aaa53cf71cf7b0e9ee59beaf43b5e106fa48ca120This Metasploit module exploits a use-after-free vulnerability in Microsoft Internet Explorer where a CParaElement node is released but a reference is still kept in CDoc. This memory is reused when a CDoc relayout is performed.
c34a481f2b8be1ac2f3b8a01e8ab562889bd7cdb4f5c7a2ba7fee1e09d0c1f5bRix4Web Portal suffers from a remote SQL injection vulnerability.
21a5c60f31cc971ba72b095390c902fc6403d9885ffdc35709a60522a7c84a89
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed