FreeBSD local denial of service exploit that causes a forced reboot.
74e9ff916c830d783aa31aad9f51279b50bb6492d981404c7bf0b44fa6c5ff54
28-byte execve(/bin/sh) Linux/x86 shellcode.
f110cec41bd0509221fb58aebe8b1f0931c65ac9acecece227d1817f7628559e
PHP Script Directory Software suffers from a remote SQL injection vulnerability.
5f253844aa6aaf6311db2795e28e8fb5ca53f9a19c227fa6c0a8a6f488101fe3
WM Downloader version 3.1.2.2 2010.04.15 .m3u file buffer overflow exploit with DEP bypass.
7cadac710a443dbd30fcec1a6323a195ed9936803f39c055d005ea763e3bbd23
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
e06110e2b20079e0d9fb1b832cdcf370b6219a06289390dfd813e33087d1d1f6
Zero Day Initiative Advisory 11-033 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer SP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the vidplin.dll module. A buffer is allocated according to the user-supplied length value. User-supplied data is then copied into the allocated buffer without verifying its length, allowing the data to be written past the bounds of the previously allocated buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running RealPlayer.
4f7950d9ccf3d68425f9191e5a7209d82c5c781ecff8aa6a2fee13835b4b1f2b
Debian Linux Security Advisory 2152-1 - Sebastian Krahmer discovered a buffer overflow in the SNMP discovery code of the HP Linux Printing and Imaging System, which could result in the execution of arbitrary code.
0df6f5b11ac25a100ac343d9019576add718e67970fb289d33591ed5333270e8
Zero Day Initiative Advisory 11-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of multiple Symantec products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Intel Alert Originator (iao.exe) service. While processing messages sent from the msgsys.exe process a size check can be bypassed and a subsequent stack-based buffer overflow can be triggered. This can be leveraged by remote attackers to execute arbitrary code under the context of the Alert service.
c66e997ca909ee69d691b418c9af54257ad3ef41ac951045ce3fe41ece7cfba0
Zero Day Initiative Advisory 11-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. The DLL allocates a fixed length stack buffer and subsequently copies a user-supplied pin number string using sprintf without validating the size. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the vulnerable daemon.
9103f2f8bde5dc8bae7d14c1434a934a1d5d3d0af76a5626963e2a56a0d79579
Zero Day Initiative Advisory 11-030 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. The DLL allocates a fixed length stack buffer and subsequently copies a user-supplied modem string without validating the size. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the vulnerable daemon.
5582eb66895609940331c18a336a7faf107bac4bf5c35e9a3be4db447ed8e117
Ubuntu Security Notice 1052-1 - It was discovered that the JNLP SecurityManager in IcedTea for Java OpenJDK in some instances failed to properly apply the intended security policy in its checkPermission method. This could allow an attacker to execute code with privileges that should have been prevented.
7b17cc6f05973bd79811492179b2b66c2f3275af2843ddc9ebae4ac3103af427
Zero Day Initiative Advisory 11-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HDNLRSVC.EXE service while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. This process passes user-supplied data directly to a CreateProcessA call. By supplying a UNC path to a controlled binary a remote attacker can execute arbitrary code under the context of the vulnerable daemon.
7374c4395937828b4c9608b5274a8438294d68ae60ae99dea9195de9b79871b6
Zero Day Initiative Advisory 11-028 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AMSLIB.dll module while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. The DLL allocates a fixed length stack buffer and subsequently copies a user-supplied string using memcpy without validating the size. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the vulnerable daemon.
089534d8e241bfd9582905aa5c96f9b5ef41c1541a8cdde40fa0a1612acdc0da
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "gwwww1.dll" module when processing the "TZID" variable within VCALENDAR data, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. Novell GroupWise versions 8.02 HP 1 (Hot Patch 1) and prior are affected.
557a0d52962a3aa35a46283e0d6a0cfda538de61310dc2fbd2a456f7e11679c3
HP Security Bulletin HPSBMA02626 SSRT100301 - A potential security vulnerability has been identified with HP OpenView Storage Data Protector. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
6a5d144de2e59fa328472770123f025419e67db0b1c7bb92a5d2f72a8366cd20
The OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
9de08a12ff30a6bd1ca1d89eaf33d5e028b028bc4a19f273f13850688bea32fd
A vulnerability exists in EMC NetWorker which can be exploited to potentially create a denial of service condition or eavesdrop on process communications. EMC NetWorker uses an RPC library to provide a portmapper service within nsrexecd. The portmapper restricts access for service commands to the localhost. However, the UDP protocol allows malicious users to spoof the source address of the network packet, making it appear that it originated from the localhost. This may potentially allow a remote malicious user to unregister existing NetWorker RPC services or register new RPC services. EMC NetWorker versions 7.5.3.5, 7.5 SP4 and later, and 7.6.1.2 and later are affected.
21660399dbf1d185b83eda092d0c5dc4da4a6779f9b2ea910ce9b02233783449
KaiBB version 1.0.2 suffers from a cross-site request forgery vulnerability.
7a28f4a1fe10f764356da1f62bcbd1a7999df21aad02f80f0146a1c8bd0ba117
Lomtec ActiveWeb Professional 3.0 CMS allows for arbitrary file upload and execution as SYSTEM in ColdFusion.
78494c3386ff463a2ce2a536380cd254dc574d5098b1fb4f4bc4d3c6534f5261
Polycom SoundPoint IP devices (IP phones) are vulnerable to denial of service attacks. Sending an HTTP GET request with a broken Authorization header causes a device restart after ~60 seconds.
a78894c7aae31beb25c89dc9a45ca6c2fbe30f26982a9bda17bb1eb156c2a216
Comerciosonline CMS 5.6 suffers from a remote SQL injection vulnerability.
1dfdfb268510b8f456f24a42c54a0275f03ddcb1dd8a0af65a52d5b3f323c834
Vanilla Forums version 2.0.16 suffers from a cross-site scripting vulnerability.
e37155777c542c0a1b82329070dda63bce568aa31bb562e2a85892d2601dbb9e
Hycus CMS version 1.0.3 suffers from a path disclosure vulnerability.
9e9b7e185377ac957dede68c122016d64c6b2ae8dba8e47d305e96c975286831
BLOG:CMS version 4.2.1.f suffers from a path disclosure vulnerability.
5a0e18a8fedf71824436e0362bf68c2075ddda6dddf1cca7aca4ea9446ddec0c
71 different applications suffer from path disclosure vulnerabilities.
c09bd612dececc35c3aa2ed7ac7408eb5e85dcc00323899f103b29c64722dd94