Ruby Gem Fastreader version 1.0.8 suffers from a remote code execution vulnerability.
89b87fccb71d43cbfd06695564eb38fc2b65d8c3efba57236545d8452c11b607This document provides the technical details of Issue 54 that was reported to Oracle on Feb 25, 2013 and that was evaluated by the company as the "allowed behavior".
d4c8c1fc0df190e76d87001b6555555bff504a8c763720dc1de1548590119edcRuby Gem Command Wrap suffers from a remote code execution vulnerability.
28a0b4a6c633d5625d572416f7ec1b3eca1a2045358cc07c0078fd6cd2d57065Internet Census 2012 - Port scanning /0 using insecure embedded devices. This write up discusses the Carna Botnet that was created and leveraged to scan all IPv4 addresses. It made use of 420 thousand insecure devices to complete the effort.
6f8dddcbe67cdf06b94ff3bbc4cfb0155b758391e222e39ae7b631a097f931eeThe call for papers for H2HC 10th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 3rd through the 8th, 2013.
dcbf39f1eb4e116b4b5a9b01db020a79ce6b5adbc164a6031f5aa4225ae443deNOPcon is a free non-profit hacker conference without any sales pitches. The second edition has released its call for papers and will take place June 6, 2013 in Istanbul, Turkey.
006aa8f5ccc3ea31b1104b889e20324ca46ff51ec9d247b1905d339f9bb0386cIn this paper the authors uncover and demonstrate an interesting way to convert local bugs and features in remotely exploitable security vulnerabilities by using the well known EA Origin platform as an attack vector against remote systems. The attack proposed in this paper is similar to the attack targeting the Steam platform that they detailed in their previous research. The Origin attack detailed in this paper affects more than 40 million Origin users.
49def0264cec468ffef03ccdced1ff431068dffff126aca570d55caf707dd49fRebus:list suffers from a remote SQL injection vulnerability.
346eae0666cf8b6d57c06d6863f4273a4dc4aad8a7f734a187ea2a43318b2d8aipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
fa75ff80e88714e0dba7cc8711f2d7e884bf7242c078f1702bf344b78ef179faNCC Group has discovered a USB RNDIS driver kernel pool overflow in Microsoft Windows. Unfortunately, as usual, the NCC group are withholding any details for three months.
b67f78c8f27b85aad58afde12e4da95467a1c87bf89d8c723683988c3105422cThis papers discusses a new way to attack Android applications for bypassing password authentication.
4132d9e71ac1fd9c393ea9bc250f95b0a17cdfbbd0646e28fbc5128e126e40e9The Joomla RSfiles component suffers from a remote SQL injection vulnerability.
878f37ba2d41f24faeb5ec2926a1b3e8e8e8dae83c8e76e91355b9fa3d139eadWordPress Simply Poll third party plugin version 1.4.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
ddddad68953e748aca3717d171b456e43176604fc0cffd022c7d37a8ba52922eSami FTP server version 2.0.1 PUT command buffer overflow exploit with DEP bypass. Written in Python.
8159a50021210d0417c9c4dfb1db9a6b41e41225e88e15e69485e9a6794eb4d2Debian Linux Security Advisory 2650-2 - The recent security update for libvirt was found to cause a regression. The kvm/qemu processes weren't run as the `kvm` user anymore in order to fix the file/device ownership changes, but the processes where not correctly configured to use the `kvm` group either. When the user would try to run a virtual machine, the process was denied access to the /dev/kvm device node, preventing the virtual machine to run.
ba083b83252d717a51f6b269fc6d80bf4b8fd29504ca0936af5e421e28e0a86eScripteen FunPhoto Mix suffers form a cross site scripting vulnerability.
e8c7ce5534c56e058f80854b0ef2e32456a54d16c50b0b3203dd20fef2710264
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed