Zero Day Initiative Advisory 11-234 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the Cas_LogDirectInsert.aspx http handler, which listens by default on TCP port 443. A specially crafted POST request allows remote attackers to supply XML and schema information which is used within queries to the backend database. By supplying malicious values, an attacker can inject themselves a user account which can be used to execute code via the management console on the service.
cf390095e89625476a0f046f70e8bcb8ec84863ff95cb6cd3d3f36d4d1af8d7fUbuntu Security Notice 1166-1 - Stephane Chauveau discovered that OProfile did not properly perform input validation when processing arguments to opcontrol. A local user who is allowed to run opcontrol with privileges could exploit this to run arbitrary commands as the privileged user. Stephane Chauveau discovered a directory traversal vulnerability in OProfile when processing the --save argument to opcontrol. A local user could exploit this to overwrite arbitrary files with the privileges of the user invoking the program. Various other issues were also addressed.
e4e70cdf618bdeae8b00d6da6a22649d39c9176779b6d7252363d61fdc7c3d1cICMusic CMS version 1.2 suffers from a remote SQL injection vulnerability.
7c43541ceb92b83596372dad213e5f476051e16319f418205bfc878e11e5d1b0Tugux CMS version 1.2 suffers from cross site scripting and remote blind SQL injection vulnerabilities.
1f9a246f7dbc21b4b2e261cf9980dee0e0b9187890fd39200f9a627818533f85Prontus CMS suffers from a cross site scripting vulnerability.
1cb83494cb11deff0ef2e5ac4b73d4918a45fd548bac44250d3e91eb86babc02This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation.
e4427d5468cdea58f2f78c268fd4dfef942c4d3deff183d345a2ca145d77d671Mediatek Net suffers from a remote SQL injection vulnerability.
7eabafb2de111ca659c1085711677d003e2af0f1ac7adb19e74b978513e56e9301Communication suffers from a remote SQL injection vulnerability.
08c3bf88e0e9bbdcfaf198aea62c4272c02a4f470cf8d2ada55a75c3815c2358The scheda.php script provided by Dotflorence.com suffers from a remote SQL injection vulnerability.
e57b55f5f1ba9ced6e34fe9100e4f976cb9ba520ecc6d5a65bacc69b4dc2e3fcFluency suffers from a remote SQL injection vulnerability.
39ced52949d0dcdd6f720c4de229cf1d6d62e60f554023525c4537d4446ba422Debian Linux Security Advisory 2277-1 - It has been discovered that xml-security-c, an implementation of the XML Digital Signature and Encryption specifications, is not properly handling RSA keys of sizes on the order of 8192 or more bits. This allows an attacker to crash applications using this functionality or potentially execute arbitrary code by tricking an application into verifying a signature created with a sufficiently long RSA key.
671c9d059c3eb110c989e5c2032c29907a69a1738a8a70c59d9c414cfb7fe5ffDebian Linux Security Advisory 2276-1 - Paul Belanger reported a vulnerability in Asterisk identified as AST-2011-008 (CVE-2011-2529) through which an unauthenticated attacker may crash an Asterisk server remotely. A package containing a null char causes the SIP header parser to alter unrelated memory structures.
5d3e989eaa286ad0c7f2048fdbc822acd7e1fd937ef15d76ebdc387ac6c02044DNS invalid compression denial of service proof of concept exploit.
a57ca41cde4250ec1f40dc738e245387585219e4683c4c2c142bd993765af5efThis Metasploit module exploits a code execution vulnerability in Mozilla Firefox 3.6.x <= 3.6.16 and 3.5.x <= 3.5.17 found in nsTreeSelection. By overwriting a subfunction of invalidateSelection it is possible to free the nsTreeRange object that the function currently operates on. Any further operations on the freed object can result in remote code execution. Utilizing the call setup the function provides it's possible to bypass DEP without the need for a ROP. Sadly this exploit is still either dependent on Java or bound by ASLR because Firefox doesn't employ any ASLR-free modules anymore.
bd0456bbc29964266747946f68aee47392e1ba55e7169a60b1f4a5db2ea04eddSecunia Security Advisory - Fedora has issued an update for firefox, thunderbird, and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
e9e1e392ae11eb349b80b770793313e0f4727da732b0978c859f7fbdddcf489aSecunia Security Advisory - Debian has issued an update for asterisk. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
2db0eda94f1a03722c06603bc338726ba1a4c8814fcc489ca12253adcc5e026dSecunia Security Advisory - ACROS Security has discovered a vulnerability in Sun Java, which can be exploited by malicious people to compromise a user's system.
f21e1ef0240e56fa1804a85294ad65f5c9d608307a18e384aaa57a688c42f774Secunia Security Advisory - Debian has issued an update for xml-security-c. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.
2b4a6bf8ec9cb5c86e139c69baaf46872f7fa1d6875aeb20bd957b65748c0715Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
ad66a19809a75f80e342e8c8f4b0a890b6f384ae2b4dd82b5cd1ce08b17ab438JOmega CMS suffers from multiple remote SQL injection vulnerabilities.
0b23209662d046ea82494c538653f6cc17d2a7dde6822c509b166216fb2e1a25Tugux CMS version 1.2 remote arbitrary file deletion vulnerability.
b322ce3279d241071e6638005f0f9486916adab50fcebbdaf25046904c8aa330Konrad-Adenauer-Stiftung suffers from a remote SQL injection vulnerability.
aa79e78ed93b1cb1127cc7225d8736ce590f11573182eb95ec0b0c5367dc5de7FreeFloat FTP server LIST buffer overflow exploit that spawns a bindshell on port 4444.
0ed6faf86d1867d6ebbda61da064294ee31c57eccdda6380d9776864b22b4121
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed