The Allied Telesis AT-RG634A ADSL broadband router has a hidden, unauthenticated administrative webshell that allows command injection.
e3656907ce60bc967c703eead969f7f9b2ab164514e55b51d9246f8a9fad51ca
Core Security Technologies Advisory - A vulnerability was found in CitectSCADA that could allow a remote unauthenticated attacker to force an abnormal termination of the vulnerable software (denial of service) or to execute arbitrary code on vulnerable systems and gain complete control of the software. To accomplish this, the would-be attacker must be able to connect to the vulnerable service on a high TCP port.
19bd45b897c6982edbb11d71c9c88e4b43443d02180be90c94917a52bf3de427
Core Security Technologies Advisory - The Borland Interbase 2007 database server is vulnerable to an integer overflow when a malformed packet is sent to the default TCP port 3050. The integer overflow can cause a stack overflow, which allows arbitrary code execution with system privileges. Service Pack 2 (0.1.0.256) is vulnerable on both Solaris and Windows.
162a64117efd8eb84f7236e3d10643be16aefc4e640167283fec90fcd738ad1a
Core Security Technologies Advisory - A vulnerability was found in Wonderware SuiteLink Service ('slssvc.exe') that could allow an unauthenticated remote attacker with the ability to connect to the SuiteLink service TCP port to shut down the service abnormally by sending a malformed packet. Exploitation of the vulnerability for remote code execution has not been proven, but it has not been ruled out as a potential scenario.
cc0017282284a81e4c1b8b21a4c4538842f8dc45ce9d672ef98b6df5d880f5e1
Core Security Technologies Advisory - Mac OS X Server 10.5, also known as Leopard Server, features a Wiki Server, which is a multiuser web application written in Python. The Wiki Server is vulnerable to a path traversal attack, which non-privileged system users can exploit via a forged file upload to write arbitrary files to locations in the server filesystem, restricted only by the privileges of the Wiki Server application.
c67ec7aad2757e9458328c5a8740092dd9f2f141c751d7cdcaf51eb246f95da2
Core Security Technologies Advisory - Timbuktu Pro suffers from remote path traversal and log injection vulnerabilities.
d86243f80adb465a8eb0832d5b4b1a1dc8921c5e790c1bef0c2f4f28fc78447c
Core Security Technologies Advisory - Lotus Notes suffers from a buffer overflow vulnerability in the Lotus WorkSheet file processor.
def9e3f9e9a61d8f256c986eaf93946e126019f6138919a51a98b739d7e78cb8