This Metasploit module exploits a use-after-free vulnerability found in Internet Explorer. The flaw was most likely introduced back in 2013, so only certain builds of MSHTML are affected. In our testing with IE9, these vulnerable builds appear to be between 9.0.8112.16496 and 9.0.8112.16533, which implies August 2013 until early March 2014 (before the patch).
85541f060fdc844f7022ba1f1028c17d0836c505b9c83aa7c8c91868e0d21f22
This Metasploit module exploits a PHP unserialize() vulnerability in Horde versions 5.1.1 and below which could be abused to allow unauthenticated users to execute arbitrary code with the permissions of the web server. The dangerous unserialize() exists in the 'lib/Horde/Variables.php' file. The exploit abuses the __destruct() method from the Horde_Kolab_Server_Decorator_Clean class to reach a dangerous call_user_func() call in the Horde_Prefs class.
29c01edc4c0a6e6872a0827d3816b1b853df5b79ddb58262cb3d16dea0cc69e5
The Shakacon 2014 Call For Papers has been announced. It will take place June 23rd through the 25th, 2014 in Honolulu, Hawaii.
7f68946c4f04763b7ca71fc657d3741acc953dcb33a1b0b35e2369a048707988
Wireless Drive version 1.1.0 suffers from local file inclusion and command injection vulnerabilities.
38941e263c811f9b54fe8df01538bf6cc8cd17eddb8519ac0483cf9e0634df15
Mandriva Linux Security Advisory 2014-066 - A vulnerability has been found and corrected in Mozilla NSS. In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. The updated packages have been upgraded to the latest NSPR and NSS versions, which are not vulnerable to this issue. Additionally, the rootcerts package has been updated to version 1.97, which adds, removes, and distrusts several certificates.
3744078e3d10024e3dbb4c8a6fcc1632a55fb1a945271f81437b6a35e2bcc023
Debian Linux Security Advisory 2882-1 - Multiple cross-site scripting (XSS) vulnerabilities have been discovered in extplorer, a web file explorer and manager using Ext JS. A remote attacker can inject arbitrary web script or HTML code via a crafted string in the URL to application.js.php, admin.php, copy_move.php, functions.php, header.php and upload.php.
e3053e7347129fdb8313688624203b8e5e42f057cbd0d08621883f98cf90f5f2
Mandriva Linux Security Advisory 2014-065 - Multiple vulnerabilities have been found and corrected in Apache. XML parsing code in mod_dav incorrectly calculates the end of the string when removing leading spaces and places a NUL character outside the buffer, causing random crashes. This XML parsing code is only used with DAV provider modules that support DeltaV, of which the only publicly released provider is mod_dav_svn. A flaw was found in mod_log_config. A remote attacker could send a specific truncated cookie causing a crash. This crash would only be a denial of service if using a threaded MPM. The updated packages have been upgraded to the latest 2.2.27 version, which is not vulnerable to these issues.
1ec6081089af1f4946cff5868c0d43bfeb1b19c4c7462f3ba46e3d8c8a2f59b2
EaseUS Todo Backup version 5.8.0.0 comes with a hardcoded administrative password that is a potential backdoor.
0cc6d6d41811254e9e104cbf690cb20d99997fc1e10e662ae84fce53fa90ec43
searcharchive.cgi from www.FastCGI.com suffers from a remote command execution vulnerability.
26e2765a41fb08ab3a22d7d3ecb52da9d29cf805f8e3194b9eb5874c4c4d8e3f
D-Link DIR-600L hardware version AX and firmware version 1.00 suffers from a cross site request forgery vulnerability.
b631009354d41628f2c1a41d39df88b0765f8bdcbeae0b5ff610a03d682399e6
OXID eSHOP versions prior to 4.7.11/5.0.11 and 4.8.4/5.1.4 suffer from cross site scripting and CRLF injection vulnerabilities.
fc197b8994d3f956db7d23e14039dc8ada100372edc278a4674596d82b02cf15
Debian Linux Security Advisory 2859-2 - Multiple vulnerabilities have been discovered in pidgin, a multi-protocol instant messaging client. In addition to fixing the vulnerabilities, this revision specific to the oldstable distribution (squeeze), reduces the supported protocols to: IRC, Jabber/XMPP, Sametime, and SIMPLE.
aba1f849829ba8b4b5d0c17cadf3cbcacb429fe9d1e6e2c22f31c36f5d4b0a25
Gentoo Linux Security Advisory 201403-5 - Two vulnerabilities have been found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. Versions less than 24.1-r1 are affected.
fcc71b90de871eaffab6688a5962d6a9a3a70a8af03b82173b7f3b5e9b07ba7f
Quantum ships a public/private key pair on DXi V1000 2.2.1 appliances that allows passwordless authentication to any other DXi box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.
c044490578edb32019383826af35b916fee53306c749cd979607ab19079e339f
This Metasploit module exploits a default hardcoded private SSH key or default hardcoded login and password in the vAPV 8.3.2.17 and vxAG 9.2.0.34 appliances made by Array Networks. After logging in as the unprivileged user, it's possible to modify the world-writable file /ca/bin/monitor.sh with our arbitrary code. Execution of the arbitrary code is possible by using the backend tool, running setuid, to turn the debug monitoring on. This makes it possible to trigger our payload with root privileges.
1fae43950316e011335dde728dbaad51c106df55957d6f35e6a4c67a1ed197aa
EMC Connectrix Manager Converged Network Edition (CMCNE) version 12.1.2 contains a potential security vulnerability through the FileUploadController servlet that is used to import firmware files to Connectrix Manager's repository. Due to insufficient input validation, attackers can potentially import arbitrary files to the EMC Connectrix Manager server.
fc0ee79237ba4c04837935f03a177c4f57881d01e8283fcaacdee610eaa13586
Cisco Security Advisory - Cisco AsyncOS Software for Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) contain a vulnerability that could allow an authenticated remote attacker to execute arbitrary code with the privileges of the root user. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
4f7a4de55ce594d2a820d830d3f7961b0b2b3406ee721b3eb1b7ddb200030251
CMSimple version 3.54 suffers from a cross site scripting vulnerability.
c69a2e8bbe6fcf8ed4ef78f50033ee20cd9654bc968eb50e7e6c7488908078f3
Mohachat version 0.1.1 suffers from HTML redirection and cross site scripting vulnerabilities.
31544f29344b5ff77aae1764c63c8c10acb364b3b68b5b62806135210166a4d7
x7chat version 3.2 suffers from a cross site scripting vulnerability.
b2ae76c8b0677f18f7735fadae167a1b4a2666b2fa4eaecb92336b45c7d8621a
UAG-CMS suffers from a session fixation vulnerability.
35d537cc326636b474e15bfcc48eb62a59f4ccadbbc1f958872b79cfefaa8a78
Qe version 4.1.6 suffers from a cross site scripting vulnerability.
c8b653ae280b2fbd4f2d5d2f7af6383d253dc18b724d670a971453f1cd93a7e9
PhpSiteManager version 1.1.1 suffers from a cross site scripting vulnerability.
44c2cc7fadef53d592137e629fd069266e367989c6ae848f19b0becb28854762
No-CMS version 0.6.6 suffers from a cross site scripting vulnerability.
1ee893c6b012f5334d897b92b74b70bdb8063b1397e59ec2c71a6461629eda69
After 12 years, the Full Disclosure mailing list has suspended service indefinitely. This is the final message from Full Disclosure noting the closure.
33d082638b3db7b562a76817d600a262b7fc4a760bdd03c9509dbdb5c378cb00