WeBaCoo (Web Backdoor Cookie) is a web backdoor script-kit, aiming to provide a stealth terminal-like connection over HTTP between client and web server. It is a post exploitation tool capable to maintain access to a compromised web server. WeBaCoo was designed to operate under the radar of modern up-to-dated AV, NIDS, IPS, Network Firewalls and Application Firewalls, proving a stealth mechanism to execute system commands to the compromised server. The obfuscated communication is accomplished using HTTP header's Cookie fields under valid client HTTP requests and relative web server's responses.
586fbad973ea45413a2213504358a5aee068c791511b7cdb2756e9cc84cdcf2cThere is an issue in certain HTC builds of Android that can expose the user's 802.1X Wi-Fi credentials to any program with basic WI-FI permissions. When this is paired with the Internet access permissions, which most applications have, an application could easily send all stored Wi-Fi network credentials (user names, passwords, and SSID information) to a remote server. This exploit exposes enterprise-privileged credentials in a manner that allows targeted exploitation.
0f1f884293be7c157dae7524d07b52f3e98942abbb190033ad8347e26153addcThis Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below by sending an malicious packet.
511f64f5e1e6f3db59de9b6a6c43ae3aaf55d251853f709490e4c55d464cb353This Metasploit module exploits a stack buffer overflow in Wireshark versions 1.4.4 and below. When opening a malicious .pcap file in Wireshark, a stack buffer overflow occurs, resulting in arbitrary code execution.
acc61f711bf3fc96f88a363a4b7cccba3e7feabb4a6da3f77f3cf131516df027EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.
19646ed85ddfc22151746ef55a992a6a2d7dc26304edb39cc0f04a0afcf2ff4aswDesk suffers from cross site scripting, PHP code injection and shell upload vulnerabilities.
fa983a2d4a4eed5643f7d022b1403ee7611d425e992bcc6fd99fcde12cf183ddProof of concept exploit that demonstrates the Webkit normalize bug for Android version 2.2.
244bad90d80a9f711cca8c04c923a5cf6711b19dd5d8fd825a9ff5f660d5ab2dThe Joomla Currency Converter module suffers from a cross site scripting vulnerability.
17676f0ac59ba435bf5211fec6a7531485c3d65359f7793062fbaf97594f387ciknSupport suffers from a cross site scripting vulnerability.
d2a5015a64a7e23f82a1592c23907b912f215033d30362928b61f5d515bf791fSmartyCMS version 0.9.4 suffers from a cross site scripting vulnerability in the template module.
3805f965b9dce94554411cc59a2a33f1e57d235ef1aa6e4fe89e2a264fc7f8c3The Joomla BNF component suffers from a remote SQL injection vulnerability.
b81d32166fc2a54dc5ff2d39434bdc459a5bba282ae0c296123d77f375832467OpenEMR version 4.1.0 suffers from local file inclusion and arbitrary command execution vulnerabilities.
aeb45ca876c22fbb0b013302962406c9de617641da105d221405ecc194efebf2SiT! Support Incident Tracker version 3.64 suffers from cross site scripting, cross site request forgery and remote SQL injection vulnerabilities.
555182c560b0b38786cf6e490054714bb220159a57b8b0956fa30f34d0a07b73Bugzilla versions 2.0 to 3.4.13, 3.5.1 to 3.6.7, 3.7.1 to 4.0.3, and 4.1.1 to 4.2rc1 suffer from account impersonation and cross site request forgery vulnerabilities.
560346be23f079df3dc6e695ad900afe6cf62f38a273b1c862bf04929d4ef911Apache HTTP Server version 2.2.22 has been released. It addresses a wide array of vulnerabilities ranging from denial of service to integer overflow issues.
85672817e23c25e72bd6c9922fb22ec525d83fee8b06bd7f90f95794e0e9561dphpldapadmin versions 1.2.2 and Debian build 1.2.0.5 suffer from cross site scripting vulnerabilities.
7cfe6ebd8017974a319f808c28e972c8fe247ed242b748dafce3d9cac4112c36Red Hat Security Advisory 2012-0089-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss ON 2.4.2 release serves as a replacement for JBoss ON 2.4.1, and includes several bug fixes.
7178588f30ba4bd4d6f52da97027502090e75fdc4cc09fcce68a551d4ef378f1Red Hat Security Advisory 2012-0086-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake.
f32422af624aca0e8358af4e1be4d6b04182fcdfd359eb13369111bdeb1e0c03Ubuntu Security Notice 1354-1 - It was discovered that usbmuxd did not correctly perform bounds checking when processing the SerialNumber field of USB devices. An attacker with physical access could use this to crash usbmuxd or potentially execute arbitrary code as the 'usbmux' user.
ac6ebe3e80c94ef71b87596fed3b9abc035eac39b47350d22b2067cd1b78886dRed Hat Security Advisory 2012-0085-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. The same-origin policy in Thunderbird treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
fe4d73c0e1fcfc4fc1ff96734d69098c1227b4827555ab95f7dcc0b4b1d719bfRed Hat Security Advisory 2012-0084-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. The same-origin policy in SeaMonkey treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
39ff68cd83efc384bf01448850de7e3a08a5b5755f99a6396e8299ecd7c70391
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed