The Atmel AT91SAM7XC series of microprocessors suffer from a cryptography key recovery vulnerability due to poor memory management.
80605c235bcc22f94440751343582715f585c992b025d852b58958950e3b68cbipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.
7d12affbeb448d8cdc343a6ae9a8e3aad5f2c829a8a167c1843d16a143ec3840ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
b14d55bcbf2ebebae3e1b719fc2ad988219a10b7aecce8ba4af114f09c41461dThis tool is a wrapper for the reaver WPS attack toolkit. As there is no automatic way to prescan, decide, and then start the attack, this wrapper takes care of it. Written in perl.
77f6680aaa3369a21bf84af444e0c5a958ed4d7faae9912a95ebde099266e156Brother HL5370 printers suffer from arbitrary command execution and trivial password guessing.
bb7dcc80515b1fae40d34587ce5811e48bdec93f2a09a9cdafe16aaaa95990b4Apache CXF suffers from a UsernameToken WS-SecurityPolicy bypass vulnerability. This vulnerability affects all versions of Apache CXF prior to 2.5.9, 2.6.6 and 2.7.3.
4eaa2f6027239acfb181ad63ada1307b505ff3e1a2a33005786ae1d6605024a0Apache CXF suffers from a vulnerability when a simple SOAP service is secured with the WSS4JInInterceptor, which enables WS-Security processing of the request. WS-Security processing is completely bypassed in the case of a HTTP GET request, and so access to the service can be enabled by the URIMappingInterceptor. This vulnerability affects all versions of Apache CXF prior to 2.5.8, 2.6.5 and 2.7.2. CXF 2.7.1 is not affected by default, however the vulnerability exists if you are explicitly adding the URIMappingInterceptor to the default chain.
db48a46ed14115b58114df032443a8b3b6b13b1175a368c2efb1110f6877b6fdThis Metasploit module exploits a vulnerability in the Novell GroupWise Client gwcls1.dll ActiveX. Several methods in the GWCalServer control use user provided data as a pointer, which allows to read arbitrary memory and execute arbitrary code. This Metasploit module has been tested successfully with GroupWise Client 2012 on IE6 - IE9. The JRE6 needs to be installed to achieve ASLR bypass.
2bb2812e974be928ec96a6f900361814c1ad01f386937d1ecad587eb0c260f83Mandriva Linux Security Advisory 2013-010 - Multiple security issues were identified and fixed in OpenJDK. The updated packages provides icedtea6-1.11.6 which is not vulnerable to these issues.
c969e5649ff8c0438fc75c05091dea0b22ca3f91072532f86108cdc5f23005c4Mandriva Linux Security Advisory 2013-009 - The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service via a Client: Diffie-Hellman Key Exchange Init packet. The updated packages have been upgraded to the 0.5.4 version which is not affected by this issue.
73870dce1b583b2ef4bd04b7c63752c6b3bffe0ed145b165bcd9794b9ffe441bosCommerce version 2.3.3 suffers from a cross site request forgery vulnerability.
6899dfd0aba24fae96fc8aca3b04644601579d6527c6c1b6a86f31ffeb009adeThis is a simple utility for exploiting command injection vulnerabilities in web applications. Supports POST and GET requests. Can deliver an "inline shell" or a (python) reverse shell.
2c82dcde1a7835fac49946c2d7c022271f0105c0e8c280133632994e909508cd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed