This Metasploit module exploits a stack buffer overflow in Dup Scout Enterprise version 10.0.18. The buffer overflow exists via the web interface during login. This gives NT AUTHORITY\SYSTEM access.
26ff0f7d30dcb4009b02b3daa319c7bfThis Metasploit module exploits a stack buffer overflow in Advantech WebAccess version 8.2. By sending a specially crafted DCERPC request, an attacker could overflow the buffer and execute arbitrary code.
84628f5a2ed1fc38ada967ebdff3e267This Metasploit module exploits a Clickjacking vulnerability in pfSense versions 2.4.1 and below. pfSense is a free and open source firewall and router. It was found that the pfSense WebGUI is vulnerable to Clickjacking. By tricking an authenticated admin into interacting with a specially crafted webpage it is possible for an attacker to execute arbitrary code in the WebGUI. Since the WebGUI runs as the root user, this will result in a full compromise of the pfSense instance.
88144d72abf1d2945664621d86be2cbcFortiClient stores the VPN authentication credentials in a configuration file (on Linux or Mac OSX) or in registry (on Windows). The credentials are encrypted but can still be recovered since the decryption key is hardcoded in the program and the same on all installations. Above all, the aforementioned storage is world readable, which actually lays the foundation for the credential recovery. Versions prior to 4.4.2335 on Linux, 5.6.1 on Windows, and 5.6.1 on Mac OSX are vulnerable.
515984bab47162e05e8a7da2b63fa483Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on PAN-OS versions 6.1.18 and earlier, PAN-OS versions 7.0.18 and earlier, PAN-OS versions 7.1.13 and earlier, and PAN-OS versions 8.0.5 and earlier. Full details provided.
db7bfd1aa5298db5960daae8338a30f3Qualys has discovered a memory leak and a buffer overflow in the dynamic loader (ld.so) of the GNU C Library (glibc).
627d9c13d012677a6feb6b4514cbb8e3Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an authentication bypass vulnerability.
c9529fb287c20dc6b7600d4cb6aeb966Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an arbitrary file upload vulnerability.
cea75b62b1121f93f0200e9c1039ce2eMeinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an arbitrary file read vulnerability.
936472311cac9ef43b96368a13aa0968Fisheye and Crucible did not check that the name of a file in a Mercurial repository contained argument parameters. An attacker who has permission to add a repository or commit to a mercurial repository tracked by Fisheye or Crucible, can execute code of their choice on systems that run a vulnerable version of Fisheye or Crucible. All versions of Fisheye and Crucible before 4.4.3 (the fixed version for 4.4.x) and from 4.5.0 before 4.5.1 (the fixed version for 4.5.x) are affected by this vulnerability.
1d097304cc3b2e15850838305b666f09Zivif PR115-204-P-RS cameras version 2.3.4.2103 suffer from authentication bypass, command injection, and hardcoded password vulnerabilities.
c34cc75d39516718e28358cc3f925ed6EMC Isilon OneFS versions 7.x and 8.x suffer from a privilege escalation vulnerability. They contain an issue where a 'compadmin' user can potentially run restricted system commands with elevated (root) privilege on a cluster in compliance mode.
d5de14ab1bb0cab1cd04f047522b8304Ubuntu Security Notice 3513-1 - It was discovered that libxml2 incorrectly handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
5f0c6e9dd48d371fcb17dd3dc1b03e46Red Hat Security Advisory 2017-3442-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.
62c861845805d805e1227eab185a3545Red Hat Security Advisory 2017-3427-01 - The Red Hat Enterprise Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource management, live migrations, and virtual infrastructure provisioning. The Manager is a JBoss Application Server application that provides several interfaces through which the virtual environment can be accessed and interacted with, including an Administration Portal, a User Portal, and a Representational State Transfer Application Programming Interface .
4359bb1ea597517da64eacfe0ee4da9eUbuntu Security Notice 3513-2 - USN-3513-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that libxml2 incorrectly handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Various other issues were also addressed.
78aa525ffeec9045f494a22a36c5e7e2Red Hat Security Advisory 2017-3452-01 - Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. Security Fix: It was discovered that Lucene's XML query parser did not properly restrict doctype declaration and expansion of external entities. An attacker with access to an application using a Lucene XML query parser could exploit this flaw to perform XML eXternal Entity attacks.
0cf279b0be3ca49556ec283b8a84e4b4Red Hat Security Advisory 2017-3451-01 - Apache Lucene is a high-performance, full-featured text search engine library written entirely in Java. It is a technology suitable for nearly any application that requires full-text search, especially cross-platform. Security Fix: It was discovered that Lucene's XML query parser did not properly restrict doctype declaration and expansion of external entities. An attacker with access to an application using a Lucene XML query parser could exploit this flaw to perform XML eXternal Entity attacks.
bc6baf9fcb7346cbdd4c4cfb54217a81This Microsoft bulletin summary holds additional information regarding Microsoft security updates for December, 2017 including additional updates for patches released on the 12th.
fd5df57b0e0a9609a72e5c20a6c9b87cThis Microsoft bulletin summary holds information regarding Microsoft security updates for December, 2017.
8ebb6769176dd1c26d2c808ad1b77c27Apple Security Advisory 2017-12-12-2 - AirPort Base Station Firmware Update 7.7.9 is now available and addresses memory corruption and logic issues.
e1cdf5ab2cffd7c01cb489bb82c0defaApple Security Advisory 2017-12-12-1 - AirPort Base Station Firmware Update 7.6.9 is now available and addresses logic issues.
b078c392c424da9a2245b264d45ecec2Accesspress Anonymous Post Pro versions prior to 3.2.0 suffers from an arbitrary file upload vulnerability.
dc666e20199943e91f8df230dbe397fcJoomla! JBuildozer component version 1.4.1 suffers from a remote SQL injection vulnerability.
b95d34e92c1cc7f5191068d8cde1471bPS4 Remote Play version 2.5.0.9220 suffers from a dll hijacking vulnerability.
75dc08c32f295ed4d0c576c54e2e2294
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed