This Metasploit module exploits a use-after-free vulnerability found in Internet Explorer. The flaw was most likely introduced back in 2013, therefore only certain builds of MSHTML are affected. In our testing with IE9, these vulnerable builds appear to be between 9.0.8112.16496 and 9.0.8112.16533, which implies August 2013 until early March 2014 (before the patch).
85541f060fdc844f7022ba1f1028c17d0836c505b9c83aa7c8c91868e0d21f22This Metasploit module exploits a php unserialize() vulnerability in Horde versions 5.1.1 and below which could be abused to allow unauthenticated users to execute arbitrary code with the permissions of the web server. The dangerous unserialize() exists in the 'lib/Horde/Variables.php' file. The exploit abuses the __destruct() method from the Horde_Kolab_Server_Decorator_Clean class to reach a dangerous call_user_func() call in the Horde_Prefs class.
29c01edc4c0a6e6872a0827d3816b1b853df5b79ddb58262cb3d16dea0cc69e5The Shakacon 2014 Call For Papers has been announced. It will take place June 23rd through the 25th, 2014 in Honolulu, Hawaii.
7f68946c4f04763b7ca71fc657d3741acc953dcb33a1b0b35e2369a048707988Wireless Drive version 1.1.0 suffers from local file inclusion and command injection vulnerabilities.
38941e263c811f9b54fe8df01538bf6cc8cd17eddb8519ac0483cf9e0634df15Mandriva Linux Security Advisory 2014-066 - A vulnerability has been found and corrected in mozilla NSS. In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. The updated packages have been upgraded to the latest NSPR and NSS versions which is not vulnerable to this issue. Additionally the rootcerts package has also been updated to version 1.97, which adds, removes, and distrusts several certificates.
3744078e3d10024e3dbb4c8a6fcc1632a55fb1a945271f81437b6a35e2bcc023Debian Linux Security Advisory 2882-1 - Multiple cross-site scripting (XSS) vulnerabilities have been discovered in extplorer, a web file explorer and manager using Ext JS. A remote attackers can inject arbitrary web script or HTML code via a crafted string in the URL to application.js.php, admin.php, copy_move.php, functions.php, header.php and upload.php.
e3053e7347129fdb8313688624203b8e5e42f057cbd0d08621883f98cf90f5f2Mandriva Linux Security Advisory 2014-065 - Multiple vulnerabilities has been found and corrected in apache. XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn. A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM. The updated packages have been upgraded to the latest 2.2.27 version which is not vulnerable to these issues.
1ec6081089af1f4946cff5868c0d43bfeb1b19c4c7462f3ba46e3d8c8a2f59b2EaseUS Todo Backup version 5.8.0.0 comes with a hardcoded administrative password that is a potential backdoor.
0cc6d6d41811254e9e104cbf690cb20d99997fc1e10e662ae84fce53fa90ec43searcharchive.cgi from www.FastCGI.com suffers from a remote command execution vulnerability.
26e2765a41fb08ab3a22d7d3ecb52da9d29cf805f8e3194b9eb5874c4c4d8e3fD-Link DIR-600L hardware version AX and firmware version 1.00 suffers from a cross site request forgery vulnerability.
b631009354d41628f2c1a41d39df88b0765f8bdcbeae0b5ff610a03d682399e6OXID eSHOP versions prior to 4.7.11/5.0.11 and 4.8.4/5.1.4 suffer from cross site scripting and CRLF injection vulnerabilities.
fc197b8994d3f956db7d23e14039dc8ada100372edc278a4674596d82b02cf15Debian Linux Security Advisory 2859-2 - Multiple vulnerabilities have been discovered in pidgin, a multi-protocol instant messaging client. In addition to fixing the vulnerabilities, this revision specific to the oldstable distribution (squeeze), reduces the supported protocols to: IRC, Jabber/XMPP, Sametime, and SIMPLE.
aba1f849829ba8b4b5d0c17cadf3cbcacb429fe9d1e6e2c22f31c36f5d4b0a25Gentoo Linux Security Advisory 201403-5 - Two vulnerabilities have been found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. Versions less than 24.1-r1 are affected.
fcc71b90de871eaffab6688a5962d6a9a3a70a8af03b82173b7f3b5e9b07ba7fQuantum ships a public/private key pair on DXi V1000 2.2.1 appliances that allows passwordless authentication to any other DXi box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
c044490578edb32019383826af35b916fee53306c749cd979607ab19079e339fThis Metasploit module exploits a default hardcoded private SSH key or default hardcoded login and password in the vAPV 8.3.2.17 and vxAG 9.2.0.34 appliances made by Array Networks. After logged in as the unprivileged user, it's possible to modify the world writable file /ca/bin/monitor.sh with our arbitrary code. Execution of the arbitrary code is possible by using the backend tool, running setuid, to turn the debug monitoring on. This makes it possible to trigger our payload with root privileges.
1fae43950316e011335dde728dbaad51c106df55957d6f35e6a4c67a1ed197aaEMC Connectrix Manager Converged Network Edition (CMCNE) version 12.1.2 contains a potential security vulnerability through the FileUploadController servlet that is used to import firmware files to Connectrix Manager's repository. Due to insufficient input validation, attackers can potentially import arbitrary files to the EMC Connectrix Manager server.
fc0ee79237ba4c04837935f03a177c4f57881d01e8283fcaacdee610eaa13586Cisco Security Advisory - Cisco AsyncOS Software for Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) contain a vulnerability that could allow an authenticated remote attacker to execute arbitrary code with the privileges of the root user. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
4f7a4de55ce594d2a820d830d3f7961b0b2b3406ee721b3eb1b7ddb200030251CMSimple version 3.54 suffers from a cross site scripting vulnerability.
c69a2e8bbe6fcf8ed4ef78f50033ee20cd9654bc968eb50e7e6c7488908078f3Mohachat version 0.1.1 suffers from HTML redirection and cross site scripting vulnerabilities.
31544f29344b5ff77aae1764c63c8c10acb364b3b68b5b62806135210166a4d7x7chat version 3.2 suffers from a cross site scripting vulnerability.
b2ae76c8b0677f18f7735fadae167a1b4a2666b2fa4eaecb92336b45c7d8621aUAG-CMS suffers from a session fixation vulnerability.
35d537cc326636b474e15bfcc48eb62a59f4ccadbbc1f958872b79cfefaa8a78Qe version 4.1.6 suffers from a cross site scripting vulnerability.
c8b653ae280b2fbd4f2d5d2f7af6383d253dc18b724d670a971453f1cd93a7e9PhpSiteManager version 1.1.1 suffers from a cross site scripting vulnerability.
44c2cc7fadef53d592137e629fd069266e367989c6ae848f19b0becb28854762No-CMS version 0.6.6 suffers from a cross site scripting vulnerability.
1ee893c6b012f5334d897b92b74b70bdb8063b1397e59ec2c71a6461629eda69After 12 years, the full disclosure mailing list has suspended service indefinitely. This is the final message from Full Disclosure noting the closure.
33d082638b3db7b562a76817d600a262b7fc4a760bdd03c9509dbdb5c378cb00
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed