This Metasploit module exploits a flaw in the new plugin component of the Sun Java Runtime Environment before v6 Update 22. By supplying specific parameters to the new plugin, an attacker can cause a stack-based buffer overflow and execute arbitrary code. When the new plugin is invoked with a "launchjnlp" parameter, it copies the contents of the "docbase" parameter to a stack buffer using the "sprintf" function. A string of 396 bytes is enough to overflow the 256-byte stack buffer and overwrite some local variables as well as the saved return address. NOTE: The string being copied is first passed through the "WideCharToMultiByte" function. Because of this, only characters which have a valid localized multibyte representation are allowed. Invalid characters will be replaced with question marks ('?'). This vulnerability was originally discovered independently by both Stephen Fewer and Berend Jan Wever (SkyLined). Although exhaustive testing hasn't been done, all versions since version 6 Update 10 are believed to be affected by this vulnerability. This vulnerability was patched as part of the October 2010 Oracle Patch release.
dfbadc6979afc5d422243d430c6c8f9d84ede4aee2963020fcf6c4c80f0ba887
This Metasploit module exploits a weakness in the Adobe Shockwave player's handling of Director movies (.DIR). A memory corruption vulnerability occurs through an undocumented rcsL chunk. This vulnerability was discovered by http://www.abysssec.com.
edbfcc271f52640c5283e776893d943627be757790c777c863e113627287a4e1
This Metasploit module exploits a command injection flaw within Oracle's VM Server Virtual Server Agent (ovs-agent) service. By including shell metacharacters within the second parameter to the 'utl_test_url' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root privileges. NOTE: Valid credentials are required to trigger this vulnerability. The username appears to be hardcoded as 'oracle', but the password is set by the administrator at installation time.
a344bd54fa4c477119c5044e88885c1a910d29d6cdf06faf3ada865aec5793cd
Results of a Security Assessment of the Internet Protocol version 6 (IPv6). These are the presentation slides that were used at LACNOG.
0af0fdd608e434d3e0a046b6dc8e603642e17c307867c7b1add93abca814318d
MinaliC Webserver version 1.0 suffers from a denial of service vulnerability.
3ab3f9b4f8db837e41c853797142e2f7df8a77688a4ae396d0ae8f66b544545a
MinaliC Webserver version 1.0 suffers from a directory traversal vulnerability.
ead72a6bb8f230f533f692b2b034a67c99dc4c2679e9d63e5f3f4ccf08d8e869
HP Data Protector Media Operations version 6.11 HTTP server remote integer overflow denial of service exploit.
4d3d1965bea2dedd57e80ca25e0124e7fe28ea8e1822d292ae5429b5ad45ae92
Jamb suffers from a cross site request forgery vulnerability.
f4c0b06d34c2f29e607cd3f02c3d0247b8f9d62f546671e4cb971efa0f224a3b
Secunia Security Advisory - A vulnerability has been reported in monotone, which can be exploited by malicious users to cause a DoS (Denial of Service).
9d9b6ed09b719edb988bd8e9bccf5bb6a43a7105f39a02f24c5a58f5fa2502a6
Secunia Security Advisory - Some vulnerabilities have been reported in Moodle, which can be exploited by malicious users to perform certain actions with escalated privileges, hijack another user's session, and disclose sensitive information, and by malicious people to conduct cross-site scripting attacks.
b9cbec8893c16ceae6076650f4ecbea510674b8f2b043ef3473adcbf3137ceda
Secunia Security Advisory - A vulnerability has been discovered in AutoPlay Media Studio, which can be exploited by malicious people to compromise a user's system.
e25c89aef1c90cc24e5621da5158bd4bc9eb26e796eef36172644b3a3867c725
Secunia Security Advisory - Some vulnerabilities have been reported in the phpMyAdmin module for Moodle, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
3553d202364561ca10a7821cf39d238b3bff7207437b5df6d3a7e88a7e16df41
Secunia Security Advisory - A vulnerability has been discovered in Wondershare Flash Gallery Factory, which can be exploited by malicious people to compromise a user's system.
44ada75de91ebc66baa86f96eb990b3175b562fb96ca4ef14278197d537f20a9
Secunia Security Advisory - Ubuntu has issued an update for glibc. This fixes two weaknesses, which can be exploited by malicious, local users to gain escalated privileges.
f973e9e863fed5fa74407af76b6ceb6cd7bb3a49d0d899ce83c1e3b8f04a6962
Secunia Security Advisory - Debian has issued an update for glibc. This fixes two weaknesses, which can be exploited by malicious, local users to gain escalated privileges.
4011ef5daec61793dc7ab6b07a6fc59133284c3c6d980327b4384eac22d58d87
Secunia Security Advisory - Fedora has issued an update for glibc. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges.
79782c5dc9aa662d0bb98de097a487ebc890569b811796af658269e527b750e5
Secunia Security Advisory - A vulnerability has been discovered in ProShow Producer, which can be exploited by malicious people to compromise a user's system.
1b042ea8852b553329c0086dce24539fea26aae503311276b6c4622debf04626
Secunia Security Advisory - A vulnerability has been discovered in pecio cms, which can be exploited by malicious people to conduct cross-site scripting attacks.
9325f39c3e4635aeb47f923445cb6d05eae0b13b9f6f3f449038dd2762a828fb
Secunia Security Advisory - A vulnerability has been discovered in Shockwave Player, which can be exploited by malicious people to compromise a user's system.
f33d8a0f6dbbc785ff76368bda33b35d20fca1f803ca6c80e8a19c688cf2c936
Secunia Security Advisory - J. Greil has discovered a vulnerability in Sawmill, which can be exploited by malicious people to conduct cross-site request forgery attacks.
72589a8f167c9a5a1d066d3048cf533824758b0e101dbd6104fbfcdc45431f49
Secunia Security Advisory - Red Hat has issued an update for pidgin. This fixes multiple weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service).
8bb10f737aff61e9991891d172ebca0134acb04f186199d570ba23d95b51ebca
Secunia Security Advisory - Ubuntu has issued an update for libvirt and virtinst. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions.
fbfecbf82c4b4611620443dd2f937b64e222b490af9853ed8f0e3b227346994b