Gentoo Linux Security Advisory 201411-1 - Multiple vulnerabilities have been found in VLC, the worst of which could lead to user-assisted execution of arbitrary code. Versions less than 2.1.2 are affected.
dc80967f563bbb7cad25daadf72cf12d774e1d368369c73dbb4cb2d0f6afafb2Ubuntu Security Notice 2398-1 - It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash, resulting in a denial of service, or possibly execute arbitrary code.
2d4b12d6493a91f3eaa8006e193e7e2d7759c708a8395f117d5518a2272bbcdaThis tool lets you search your gadgets on your binaries (ELF format) to facilitate your ROP exploitation. The gadgets are found on executable segments.
fb9122139453d8f4446211b8abc04b50ffab8420069b74155ee605f46c1cdf71This archive contains all of the 161 exploits added to Packet Storm in October, 2014.
d3984571a8227f9e7d13a88d6671d74cea13cecb585d4ce11eaa50e2afdfa3a3FreeBSD Security Advisory - A malicious HTTP server could cause ftp(1) to execute arbitrary commands. When operating on HTTP URIs, the ftp(1) client follows HTTP redirects, and uses the part of the path after the last '/' from the last resource it accesses as the output filename if '-o' is not specified. If the output file name provided by the server begins with a pipe ('|'), the output is passed to popen(3), which might be used to execute arbitrary commands on the ftp(1) client machine.
908b41945f4a776313f3f3dbb1964358ed272a66171fc28e7a94977708dbbae3FreeBSD Security Advisory - When setlogin(2) is called while setting up a new login session, the login name is copied into an uninitialized stack buffer, which is then copied into a buffer of the same size in the session structure. The getlogin(2) system call returns the entire buffer rather than just the portion occupied by the login name associated with the session. An unprivileged user can access this memory by calling getlogin(2) and reading beyond the terminating NUL character of the resulting string. Up to 16 (FreeBSD 8) or 32 (FreeBSD 9 and 10) bytes of kernel memory may be leaked in this manner for each invocation of setlogin(2). This memory may contain sensitive information, such as portions of the file cache or terminal buffers, which an attacker might leverage to obtain elevated privileges.
23fbb0c0a00923eafb684d61182e85209722ef19a307b518f0e37f0833b833cfHelpDEZk version 1.0.1 suffers from a remote unrestricted file upload vulnerability.
85479cd2e6c2e25ff9357f6e9ffdb13443ba588c85cf9a0ce5625914b530c690Forma Lms version 1.2.1 suffers from a cross site scripting vulnerability.
a2fd82d89af099cb808bcdd5f234d0f2dc854c7a567c21ee470c8a2d419a4013WordPress Bulletproof-Security version .51 suffers from SSRF, cross site scripting, and remote SQL injection vulnerabilities.
f48eb2e59a5e952f39b016be11e5ff6296d87aa734b6ee5886bc652f1e3ef960Softing FG-100 PB comes with a hardcoded root account with a static password that cannot be changed by the administrator.
22e4763533c7a20fc4e6a7977f464c067e829cdfcf045f51124db5c9ecfc01fdSofting FG-100 PB suffers from a cross site scripting vulnerability.
013ea4e2345f6f6e6ba59bf7a81af0215b31cb0ee702b3aa4b06d72ed20d06c0A vulnerability within the vmx86 driver allows an attacker to specify a memory address within the kernel and have the memory stored at that address be returned to the attacker. VMWare Workstation version 10.0.0.40273 is affected.
bf4905c643bfb35f7aa1fcf8969c9ca0cce46972723b84fbd81cf253c06f8385E-Bay has failed to fix six month old cross site scripting issues in Magento E-Commerce.
b6103fbae29d2285801cfb9ed7afdf2cb519b2c238e80e901a7808a266bd316eFreeBSD Security Advisory - Although OpenSSH is not multithreaded, when OpenSSH is compiled with Kerberos support, the Heimdal libraries bring in the POSIX thread library as a dependency. Due to incorrect library ordering while linking sshd(8), symbols in the C library which are shadowed by the POSIX thread library may not be resolved correctly at run time. Note that this problem is specific to the FreeBSD build system and does not affect other operating systems or the version of OpenSSH available from the FreeBSD ports tree. An incorrectly linked sshd(8) child process may deadlock while handling an incoming connection. The connection may then time out or be interrupted by the client, leaving the deadlocked sshd(8) child process behind. Eventually, the sshd(8) parent process stops accepting new connections. An attacker may take advantage of this by repeatedly connecting and then dropping the connection after having begun, but not completed, the authentication process.
8268d282b64535e24bba05832891f3e53bd3a51e05846e68a5926dd47bf5e566D-Link DAP-1360 suffers from cross site request forgery, abuse of functionality, and brute force vulnerabilities.
13f055196ecbe9cc753181069533bed0e6bb0ed7dacc0f0f288626122f658c53Red Hat Security Advisory 2014-1803-01 - mod_auth_mellon provides a SAML 2.0 authentication module for the Apache HTTP Server. An information disclosure flaw was found in mod_auth_mellon's session handling that could lead to sessions overlapping in memory. A remote attacker could potentially use this flaw to obtain data from another user's session. It was found that uninitialized data could be read when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash.
bace11b023f51bec854dbba74876c1b28bf5a08128b9b8731372afea85f15b8cDebian Linux Security Advisory 3064-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. It has been decided to follow the stable 5.4.x releases for the Wheezy PHP packages. Consequently the vulnerabilities are addressed by upgrading PHP to a new upstream version 5.4.34, which includes additional bug fixes, new features and possibly incompatible changes. Please refer to the upstream changelog for more information.
86198ac74581d1b8e64cfabee05b0965d5cbcc64967110b550e4aed43f5368d6Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
daee4486bc231e8206b8e28723806917c63d00403bd318b83e149d436f28c414Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
886c74b591706f896149fe74adb481b58c549d32243d0cf620b46dfdd25dc66dThis Metasploit module exploits a post-auth vulnerability found in X7 Chat versions 2.0.0 up to 2.0.5.1. The vulnerable code exists on lib/message.php, which uses preg_replace() function with the /e modifier. This allows a remote authenticated attacker to execute arbitrary PHP code in the remote machine.
a2b589b509418491b055a24abe22347f72177b3719a6768da42a90f3ad84e5e0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed