This Metasploit module exploits a PHP code execution vulnerability in php-Charts version 1.0 which could be abused to allow users to execute arbitrary PHP code under the context of the webserver user. The 'url.php' script calls eval() with user controlled data from any HTTP GET parameter name.
86b5c1161bf85a443f8e4b8508791a0ee94d2cdae006c712017aee8069f71402DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts. A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.
9461b630b520be8b9e28b4d80ff50dc974a91014b3e3fdfb0019340b47a43306The Aloaha Credential Provider Service is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exist due to the improper permissions, with the 'F' flag (full) for the 'Everyone' group, for the 'AloahaCredentialProviderService.exe' binary file. The service was shipped with Aloaha PDF Saver and possibly every SmartCard Software package from Aloaha. The files are installed in the 'Wrocklage' directory which has the Everyone group assigned to it with full permissions making every single file inside vulnerable to change by any user on the affected machine. After you replace the binary with your rootkit, on reboot you get SYSTEM privileges. Version 5.0.226 is affected.
86f982e569b0f1f904c32d53114ecd09799c64e9d1da2a83c984bcc83bd4171aApache OFBiz versions 10.04.05 and below and 11.04.01 and below suffer from a reflected cross site scripting vulnerability. Full exploitation details provided.
de3b53f54188361189213bbc769aa0b03d6bdceb3374bb700d55cbda2a8f3328Adobe Experience suffers from a reflected cross site scripting vulnerability. The author contacted Adobe back in August but the issue is still not resolved so they are releasing details in hopes that Adobe will address the issue. Note that this finding houses site-specific data. Update on 01/21/2013: Adobe PSIRT has resolved the issue and the author has confirmed that this was indeed fixed.
b7ad16292219d69d31c0817f287d4e50149c4bdbd887e0e0e7282fad6aa95478IPv6 Extension Headers with Neighbor Discovery messages can be leveraged to circumvent simple local network protections, such as "Router Advertisement Guard". Since there is no legitimate use for IPv6 Extension Headers in Neighbor Discovery messages, and such use greatly complicates network monitoring and simple security mitigations such as RA-Guard, this document proposes that hosts silently ignore Neighbor Discovery messages that use IPv6 Extension Headers.
88c1519d37583c204027fbdd3ae3a25828b219b714e31c6f02daeaa96b3e1490Debian Linux Security Advisory 2605-2 - The security update released in DSA 2605 for Asterisk, caused a regression that could lead to crashes. Updated packages have now been made available to correct that behavior.
51c12efbfe4e73991557e6b2242188364e338b13b4cd3dee176fb0534ff5b3f0The WordPress Ripe HD FLV player plugin suffers from path disclosure and remote SQL injection vulnerabilities.
a1231cc70d23013c5b6dcfa56742928cb5e5ed4c728f3a8a3d6241b630481810The Joomla Collector component suffers from a remote shell upload vulnerability.
1f428d79159db8e42cd96fdac387c73fc558a4ff2f664a62900a19d970b4bf9dClassified Ultra ScriptsGenie suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
330402dcde17b2be40735b218eeb93c609a2c4bcca73aacc321f5ac416d944ad
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed