WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit that aims to provide a stealthy, terminal-like connection over HTTP between client and web server. It is a post-exploitation tool capable of maintaining access to a compromised web server. WeBaCoo was designed to operate under the radar of modern, up-to-date AV, NIDS, IPS, network firewalls and application firewalls, providing a stealth mechanism to execute system commands on the compromised server. The obfuscated communication is carried in the Cookie fields of the HTTP headers, within valid client HTTP requests and the corresponding web server responses.
586fbad973ea45413a2213504358a5aee068c791511b7cdb2756e9cc84cdcf2c
There is an issue in certain HTC builds of Android that can expose the user's 802.1X Wi-Fi credentials to any program with basic Wi-Fi permissions. When this is paired with the Internet access permissions, which most applications have, an application could easily send all stored Wi-Fi network credentials (user names, passwords, and SSID information) to a remote server. This exploit exposes enterprise-privileged credentials in a manner that allows targeted exploitation.
0f1f884293be7c157dae7524d07b52f3e98942abbb190033ad8347e26153addc
This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below by sending a malicious packet.
511f64f5e1e6f3db59de9b6a6c43ae3aaf55d251853f709490e4c55d464cb353
This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below. When opening a malicious .pcap file in Wireshark, a stack buffer overflow occurs, resulting in arbitrary code execution.
acc61f711bf3fc96f88a363a4b7cccba3e7feabb4a6da3f77f3cf131516df027
EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.
19646ed85ddfc22151746ef55a992a6a2d7dc26304edb39cc0f04a0afcf2ff4a
swDesk suffers from cross site scripting, PHP code injection and shell upload vulnerabilities.
fa983a2d4a4eed5643f7d022b1403ee7611d425e992bcc6fd99fcde12cf183dd
Proof of concept exploit that demonstrates the WebKit normalize bug for Android version 2.2.
244bad90d80a9f711cca8c04c923a5cf6711b19dd5d8fd825a9ff5f660d5ab2d
The Joomla Currency Converter module suffers from a cross site scripting vulnerability.
17676f0ac59ba435bf5211fec6a7531485c3d65359f7793062fbaf97594f387c
iknSupport suffers from a cross site scripting vulnerability.
d2a5015a64a7e23f82a1592c23907b912f215033d30362928b61f5d515bf791f
SmartyCMS version 0.9.4 suffers from a cross site scripting vulnerability in the template module.
3805f965b9dce94554411cc59a2a33f1e57d235ef1aa6e4fe89e2a264fc7f8c3
The Joomla BNF component suffers from a remote SQL injection vulnerability.
b81d32166fc2a54dc5ff2d39434bdc459a5bba282ae0c296123d77f375832467
OpenEMR version 4.1.0 suffers from local file inclusion and arbitrary command execution vulnerabilities.
aeb45ca876c22fbb0b013302962406c9de617641da105d221405ecc194efebf2
SiT! Support Incident Tracker version 3.64 suffers from cross site scripting, cross site request forgery and remote SQL injection vulnerabilities.
555182c560b0b38786cf6e490054714bb220159a57b8b0956fa30f34d0a07b73
Bugzilla versions 2.0 to 3.4.13, 3.5.1 to 3.6.7, 3.7.1 to 4.0.3, and 4.1.1 to 4.2rc1 suffer from account impersonation and cross site request forgery vulnerabilities.
560346be23f079df3dc6e695ad900afe6cf62f38a273b1c862bf04929d4ef911
Apache HTTP Server version 2.2.22 has been released. It addresses a wide array of vulnerabilities ranging from denial of service to integer overflow issues.
85672817e23c25e72bd6c9922fb22ec525d83fee8b06bd7f90f95794e0e9561d
phpldapadmin versions 1.2.2 and Debian build 1.2.0.5 suffer from cross site scripting vulnerabilities.
7cfe6ebd8017974a319f808c28e972c8fe247ed242b748dafce3d9cac4112c36
Red Hat Security Advisory 2012-0089-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss ON 2.4.2 release serves as a replacement for JBoss ON 2.4.1, and includes several bug fixes.
7178588f30ba4bd4d6f52da97027502090e75fdc4cc09fcce68a551d4ef378f1
Red Hat Security Advisory 2012-0086-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake.
f32422af624aca0e8358af4e1be4d6b04182fcdfd359eb13369111bdeb1e0c03
Ubuntu Security Notice 1354-1 - It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user.
ac6ebe3e80c94ef71b87596fed3b9abc035eac39b47350d22b2067cd1b78886d
Red Hat Security Advisory 2012-0085-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. The same-origin policy in Thunderbird treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
fe4d73c0e1fcfc4fc1ff96734d69098c1227b4827555ab95f7dcc0b4b1d719bf
Red Hat Security Advisory 2012-0084-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. The same-origin policy in SeaMonkey treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
39ff68cd83efc384bf01448850de7e3a08a5b5755f99a6396e8299ecd7c70391