This Metasploit module exploits a bug in futex_requeue in the linux kernel. Any android phone with a kernel built before June 2014 should be vulnerable.
78f789dafc84bef7347723159caaa530WordPress Shopping Cart (WP EasyCart) Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /inc/amfphp/administration/banneruploaderscript.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server. In versions 3.0.8 and below authentication can be done by using the WordPress credentials of a user with any role. In later versions, a valid EasyCart admin password will be required that is in use by any admin user. A default installation of EasyCart will setup a user called "demouser" with a preset password
3b4a1be7a90f5f76e744919a1666c4c8Ubuntu Security Notice 2496-1 - Michal Zalewski discovered that the setup_group function in libbfd in GNU binutils did not properly check group headers in ELF files. An attacker could use this to craft input that could cause a denial of service (application crash) or possibly execute arbitrary code. Hanno Boeck discovered that the _bfd_XXi_swap_aouthdr_in function in libbfd in GNU binutils allowed out-of-bounds writes. An attacker could use this to craft input that could cause a denial of service (application crash) or possibly execute arbitrary code. Various other issues were also addressed.
0767f28e5395da3b8777e73edf45c05du5CMS version 3.9.3 suffers from multiple remote SQL injection vulnerabilities.
30c6bb41ddb49fe6d41990ba2286dadfu5CMS version 3.9.3 suffers from a remote arbitrary file deletion vulnerability.
505e88e353921d8947fa73420e903ea7It was possible to craft a malformed chunk as part of a chunked request that caused Tomcat to read part of the request body as a new request. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.8, 7.0.0 to 7.0.54, and 6.0.0 to 6.0.41.
c03d0028c62118f50360caf7a44eb2d1Wireless File Transfer Pro version 1.0.1 suffers from multiple cross site request forgery vulnerabilities.
16631ccfd6f0837f933065a04d09cd66Radexscript CMS version 2.2.0 suffers from a remote SQL injection vulnerability.
06935fceb072b9d40d92922644ce60a8u5CMS version 3.9.3 suffers from multiple open redirect vulnerabilities.
18f64fdefc216470d5d4260b3bce9625WordPress Contact Form DB plugin version 2.8.26 suffers from a cross site scripting vulnerability.
fd418f1adab3041547aa1ac492442683u5CMS version 3.9.3 suffers from a local file inclusion vulnerability.
37cca676f2a740dad98721afe21a5c80WordPress Cart66 Lite plugin version 1.5.4 suffers from a cross site scripting vulnerability.
33a804924115b0f00cc6aad3ee4543c8WordPress Acobot Live Chat and Contact Form plugin version 2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
b1502148477b4d4eecd9e1f9d6d618dcHP Security Bulletin HPSBGN03252 1 - A potential security vulnerability has been identified with HP AppPulse Active running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
63f3eec9223af975cb543593ca5cd775Debian Linux Security Advisory 3157-1 - Multiple vulnerabilities were discovered in the interpreter for the Ruby language.
d73d81cf5b01b893dcb17767e9195800Ubuntu Security Notice 2497-1 - Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. Stephen Roettger discovered that NTP incorrectly handled ACLs based on certain IPv6 addresses.
1c1066ed5e8e2f1c780fd8a97e9661fcDebian Linux Security Advisory 3156-1 - A vulnerability was found in liveMedia, a set of C++ libraries for multimedia streaming. RTSP messages starting with whitespace were assumed to have a zero length, triggering an integer underflow, infinite loop, and then a buffer overflow. This could allow remote attackers to cause a denial of service (crash) or arbitrary code execution via crafted RTSP messages.
44bd36308c84b56e2432eff8a14041ecDebian Linux Security Advisory 3154-2 - Marc Deslauriers reported that the patch applied to ntp for CVE-2014-9297 in DSA 3154-1 was incomplete. This update corrects that problem.
16064b875ef57548fef793ffbc6fe7cfHP Security Bulletin HPSBMU03216 2 - Potential security vulnerabilities have been identified with HP Service Manager running SSLv3. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), unauthorized access or disclosure of information. Revision 2 of this advisory.
b5babfa0f5e54df79df4f54e832a61bfHP Security Bulletin HPSBGN03254 1 - A potential security vulnerability has been identified with HP Service Health Analyzer running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
835535fdd9a59a2b9fe0c67d1bd2a175HP Security Bulletin HPSBMU03224 1 - A potential security vulnerability has been identified with HP LoadRunner and Performance Center, Load Generator Virtual Machine Images, running Windows. The vulnerability in Windows running in virtual machine images provided with LoadRunner and Load Generator could be exploited remotely to allow elevation of privilege. Revision 1 of this advisory.
3806f65e2b251ef4b907dba624f36a5fHP Security Bulletin HPSBGN03253 1 - A potential security vulnerability has been identified with HP Business Process Insight (BPI) running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
105ea9ce3ae48d303cb3c282833b9b73HP Security Bulletin HPSBUX03235 SSRT101750 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.
032523413e9b44fdc3628bab55e686e9HP Security Bulletin HPSBUX03166 SSRT101489 2 - A potential security vulnerability has been identified in the HP-UX running PAM using libpam_updbe in pam.conf(4). This vulnerability could allow remote users to bypass certain authentication restrictions. Revision 2 of this advisory.
bf914b2fdcc8200024fb6b5b9a0e91f9Debian Linux Security Advisory 2978-2 - It was discovered that the update released for libxml2 in DSA 2978 fixing CVE-2014-0191 was incomplete. This caused libxml2 to still fetch external entities regardless of whether entity substitution or validation is enabled.
ca3d8ab14760cab807bd38daca4989a9
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed