This perl script leverages /proc/self/environ to attempt getting code execution out of a local file inclusion vulnerability.
bd77eecfb380be0b2302b89fd25fafe9ee987dadd671f7e40d057f74b0ce0adeSecunia Security Advisory - Some vulnerabilities have been reported in IBM WebSphere Commerce Enterprise, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of service).
1815ebeeea8924e8905d4c362093735204793497b3fc3e626166ab6f92697de4Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
059bca242001d3d7ec02e3ffd216b78d93db6108bae6a8bd3ada1151b25e4cfdSecunia Security Advisory - A vulnerability has been reported in Cerberus FTP Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.
232d93eacee901efa8f2126c0f3ccf877c08ec3c8850d1b7391f549e42ab79c5Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in OpenSSL included in Oracle SPARC Enterprise M Series, where one has unknown impacts and the others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, or cause a DoS (Denial of Service).
bbb8f8115c47841735f14d5549f49263b66c395697b00f7a8bcc60755d088918Secunia Security Advisory - Gentoo has issued an update for libtasn1. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
395a52dd6140d88555e2b444482ac6d9983d00ea5075d4902492daed2dde28cfSecunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
6b4b29e8447119f7f55a30dc0f58e34623ee22fbb1b430dff0f34556bca79725Secunia Security Advisory - A vulnerability has been reported in JAMF Casper Suite, which can be exploited by malicious people to conduct cross-site request forgery attacks.
9927943f83f5a4b8ef85c35692acc13e587dc9823f9bd6fc6bfbe31d1c91538bSecunia Security Advisory - Parvez Anwar has discovered a vulnerability in Foxit Reader, which can be exploited by malicious people to compromise a user's system.
d37d73194424e28b6a1feb17b733cace1db58d857f8acbe4d5b0d33b6ec86f2dSecunia Security Advisory - IBM has acknowledged a vulnerability in IBM Sterling Secure Proxy, which can be exploited by malicious people to cause a DoS (Denial of Service).
5472528ccad8cf16baab9e864a50a1df9be7c7b2bddf91cd70385da36612b937Secunia Security Advisory - Gentoo has issued an update for opera. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
22ea625a71571e58d9ce5bcec689dab7234f0ab30f056afe07f44e5803d44ff6Secunia Security Advisory - DigiP has reported a vulnerability in the Archin theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
824e61a84786425669df94df44c16ee4226726627aa92e53c58dbfdbb9475464Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in ViArt Shop, which can be exploited by malicious people to compromise a vulnerable system.
55aa2b397318391f2cdca2236eca2292bef03f2c0017664ae77aa713fa6587a4Secunia Security Advisory - Ubuntu has issued an update for rubygems. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
cb75af46a04c3ae8111b762246ff4b793f55b7c95f2fa17279d7e7c534dc34d7This Metasploit module exploits an arbitrary code execution backdoor placed into phpMyAdmin version 3.5.2.2 through a compromised SourceForge mirror.
59077add4c187d53c147d92602048e756381c136f672e418d6ccc8272b22fa12ViArt Shop Enterprise version 4.1 suffers from an arbitrary command execution vulnerability.
69353825c81b3b5696280fe717952c4cc87fb13200a9b37925b2a714cc7bd893ViArt Shop Enterprise version 4.1 suffers from multiple stored cross site scripting vulnerabilities.
00063469483e02daf3fcd7001cdf2570115352b637dc37bcb2e18986107d2d9cYingZhi Python version 1.9 application for iOS allows for arbitrary file uploads to the root WWW directory and also has a ftp server directory traversal vulnerability that forces no authentication.
dd481a7d02e448e69e88b80af5a9bce38fe30a0e912040a9b5f2d81914099c34ViArt Shop Evaluation version 4.1 suffers from a remote file inclusion vulnerability.
02717033383934fa8dc9251d060608c48e547159abdaef24db57a37c89e26680MaxForum version 2.0.0 suffers from a local file inclusion vulnerability.
6b6af0124afc2d1945d6ac862846413bbf00fb12e531f0e3f7b907907568a37cUbuntu Security Notice 1582-1 - John Firebaugh discovered that the RubyGems remote gem fetcher did not properly verify SSL certificates. A remote attacker could exploit this to perform a man in the middle attack to alter gem files being downloaded for installation. John Firebaugh discovered that the RubyGems remote gem fetcher allowed redirection from HTTPS to HTTP. A remote attacker could exploit this to perform a man in the middle attack to alter gem files being downloaded for installation. Various other issues were also addressed.
79ecf56741b091d23384f3f0b01eeb591f87183b1b2b9abd751baebc340bbc94Ubuntu Security Notice 1583-1 - It was discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions. John Firebaugh discovered that the RubyGems remote gem fetcher did not properly verify SSL certificates. A remote attacker could exploit this to perform a man in the middle attack to alter gem files being downloaded for installation. Various other issues were also addressed.
17fa3254c34e95071e1984fe7299767f8f45689233b1ca111a2fbb55a2aee4c5Gentoo Linux Security Advisory 201209-12 - A vulnerability in Libtasn1 might cause a Denial of Service condition. Versions less than 2.12 are affected.
736f35308c66bdc32ea63c34299f84227416289d28072988461fe864c4870e18Gentoo Linux Security Advisory 201209-11 - Multiple vulnerabilities have been found in Opera, the worst of which may allow remote execution of arbitrary code. Versions less than 12.01.1532 are affected.
fcc5726793b9ad049ddd62ce4a60198c91e0bc46e75a7f6cb68768424cea573fRed Hat Security Advisory 2012-1304-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service.
a142bf3791a46de07a78316bd0ffacb5b615630eedcad53b8fc6e486621ee2d9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed