HP Security Bulletin HPSBST02890 3 - A potential security vulnerability has been identified with HP StoreOnce D2D Backup System. The vulnerability could be exploited remotely resulting in unauthorized access, modification, and escalation of privilege. Please note that this issue does not affect HP StoreOnce Backup systems that are running software version 3.0.0 or newer. Devices running software version 3.0.0 or newer do not have a HPSupport user account with a pre-set password configured. Revision 3 of this advisory.
422b3375eb717c521ae8728e85ffcb04eb02f34f89ad0731bdbeff7ba22d3908ZedLog is a robust cross-platform input logging tool (or key logger). It is based on a flexible data logging system which makes it easy to get the required data. It captures all keyboard and mouse events, has a full GUI, and supports logging to a file and basic hiding.
0de4d2153f3495331a767eb87f5a3d42e7bd5e87d00251f505f42ba34c93e0a0This Metasploit module exploits a buffer overflow in MediaCoder 0.8.22. The vulnerability occurs when adding an .m3u, allowing arbitrary code execution under the context of the user. DEP bypass via ROP is supported on Windows 7, since the MediaCoder runs with DEP. This Metasploit module has been tested successfully on MediaCoder 0.8.21.5539 to 0.8.22.5530 over Windows XP SP3 and Windows 7 SP0.
7d841ff629512953fde2ad0b9d42720ffd2fc843859e5ee5bfe58e990084b709This Metasploit module exploits a stack-based buffer overflow vulnerability in version 1.11 of Corel PDF Fusion. The vulnerability exists while handling a XPS file with long entry names. In order for the payload to be executed, an attacker must convince the target user to open a specially crafted XPS file with Corel PDF Fusion. By doing so, the attacker can execute arbitrary code as the target user.
916643fb975e5382aef5b8e8b08179bdf4cfd923b7b247577966efc132ea1fa0BMC Service Desk Express (SDE) version 10.2.1.95 suffers from cross site scripting and remote SQL injection vulnerabilities.
74e4eb8d243a17c5340d032406938b29866d6db49d3fd71d6544cb957ed04e2eMcAfee ePO version 4.6.6 Build 176 suffers from cross site scripting and remote SQL injection vulnerabilities.
5bc2c2825a2b841fc950d28fa7e61d6b5aadf005eca175d8a43288f8aebc17b2Serendipity version 1.6.2 suffers from multiple cross site scripting vulnerabilities.
481030d108ff5fb5beee22933c98925f5eef0b088e04471fe3ccaba9809718d3Gentoo Linux Security Advisory 201307-1 - Multiple vulnerabilities have been found in HAProxy, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.24 are affected.
6fbe65c7f8c455d91fb9793263cbcd363c732b4b7cf6a52f71982d44d7efc8bbMiniBB version 3.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
60efdb16bbc0c67a01ff8f726472ed1cccf342759ebc5a483ba9586b56560491MintBoard version 0.3 suffers from cross site scripting vulnerabilities.
0174d84652ee11ebd0d8df03e6ea9c0f95630c6d3a8b6ca085db8d8d8df10b24Mediacoder version 0.8.23.5530 SEH buffer overflow exploit that spawns calc.exe.
f9059da4b8565d2a2be053e35a764c75974e90bcf82f6ad60e76c537d880d579Linksys WRT110 suffers from root shell command injection and cross site request forgery vulnerabilities.
850308c35db1a6b6413065eb09749bb1a66bb16d4e5f80c535788b446adada12Ultra Mini HTTPd version 1.21 suffers from a stack buffer overflow vulnerability. This exploit binds a shell.
b39d7035823d90ebf298af86caffb2621a6df69d4546157dd8458dfb62f0ac9aCamuflage is a short shellscript that makes AES encryption/decryption operations with OpenSSL easier.
77a5d5c0b689028319d8a3180931df3bf00aa5038570239dac656b70d7e35de4DD-WRT suffers from cross site request forgery and remote command injection vulnerabilities.
71cefeed41482f3cd8e7f0937d18ccfcff76e6e7d15e71a4d8ebe20319e20870
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed