Red Hat Security Advisory 2013-0762-01 - In accordance with the Red Hat Enterprise MRG Life Cycle policy, the Red Hat Enterprise MRG products, which include the MRG-Messaging, MRG-Realtime, and MRG-Grid, Version 1 and Version 2 offerings for Red Hat Enterprise Linux 5, will be retired on March 31, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for MRG-Messaging, MRG-Realtime, and MRG-Grid on Red Hat Enterprise Linux 5 after that date. In addition, after March 31, 2014, technical support through Red Hat's Global Support Services will no longer be provided for these products on Red Hat Enterprise Linux 5.
e69ac08569aeb344eec38301651729c60d6f3695e3d1f7856967ff15f269dc75
php_rshell is a Ruby script which converts a binary backdoor to hex and creates a Windows PHP reverse backdoor that will be executed on the server.
0fecd8cff34a4c706edcda435ad534f566cb1869bf12bb112959c918e6d7771c
Janissaries Joomla CiviCRM component exploitation tool that uploads a shell.
a0d2608dc143c3c9606df7b7c625c70c510de3c71f8eee4f0a1e2f23601c835a
vBilling for FreeSWITCH suffers from multiple remote SQL injection vulnerabilities.
994b7109cb3e6f3b6c77edff6f1e8d54a0117e5090c812694dab17f3c64c0b94
This archive includes the source and a binary for a small Windows reverse shell.
90b4698c98d0968c39961359e2ce541617ee746a3f9d1e360bbc5deb166b3938
Java versions 1.7.0_21-b11 and below suffer from an arbitrary code execution vulnerability.
3158f404571528b94f1fbd702d6393ab7fee07d0e1316cf499dea137b946ebac
Voipnow versions prior to 2.4 suffer from a local file inclusion vulnerability.
5f8b1e30f3b26f1cabfeb8f86d5e39caef2af77ca0acaaf3655a8471c3848751
jPlayer versions prior to 2.2.23 suffer from cross site scripting and content spoofing vulnerabilities.
f94ef8fdaa3dc74661bbc1b8766b3b3b4a20d05453c794dd0c73d914c5ee1c5e
WordPress Colormix theme suffers from cross site scripting, path disclosure, and content spoofing vulnerabilities.
1a6d8b2caf5b79f12115a437ecd623f9858b32df35626257b4cff71c1392af40
Debian Linux Security Advisory 2660-1 - Yamada Yasuharu discovered that cURL, a URL transfer library, could expose potentially sensitive information when doing requests across domains with matching tails. Due to a bug in the tailmatch function when matching domain names, it was possible that cookies set for a domain 'ample.com' could accidentally also be sent by libcurl when communicating with 'example.com'.
81266edfab57d31d15948cb7c43346ab48dc2550fdda9403978115e7a973b7b0
This is a brief tutorial that demonstrates how to reverse engineer an offline game (3D Pinball).
426f7edb198602eac9058b56437b9eeffe6b5b0b774f60a26ae114893d91c018
Some Netgear routers are vulnerable to an authenticated OS command injection on their web interface. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes. This Metasploit module overwrites parts of the PPPoE configuration. While the module tries to restore it after exploitation, a configuration backup is recommended.
91dc01de9600bf71b1bfb0fa39d3c499055961c38a5e9d02115d91d6d11e4a4d
Mandriva Linux Security Advisory 2013-147 - Fabian Yamaguchi reported a read buffer overflow flaw in libarchive on 64-bit systems where sizeof is equal to 8. In the archive_write_zip_data() function in libarchive/archive_write_set_format_zip.c, the s parameter is of type size_t and is cast to a 64-bit signed integer. If s is larger than MAX_INT, it will not be set to zip->remaining_data_bytes even though it is larger than zip->remaining_data_bytes, which leads to a buffer overflow when calling deflate(). This can lead to a segfault in an application that uses libarchive to create ZIP archives. The updated packages have been patched to correct this issue.
5bb6edb00d4a3a97d18eff54273e8d8f6e8a9f9af0bf690de5590fd4a7f7e83b
Ubuntu Security Notice 1805-1 - Mathias Krause discovered an information leak in the Linux kernel's getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel's stack memory. Mathias Krause discovered information leaks in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel's stack memory. Various other issues were also addressed.
f8ed7e9055b2ef3f668acf428f2af9356368d82637507c163b57ec94d86ab878
Mandriva Linux Security Advisory 2013-145 - Multiple security issues were identified and fixed in OpenJDK. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. The previous default value of the java.rmi.server.useCodebaseOnly property permitted the RMI implementation to automatically load classes from remotely specified locations. An attacker able to connect to an application using RMI could use this flaw to make the application execute arbitrary code. Note: The fix for changes the default value of the property to true, restricting class loading to the local CLASSPATH and locations specified in the java.rmi.server.codebase property. Various other issues have been addressed.
f5a337abcb62a9be911da906dbbb2c5adabc27e9e1f740efcb9580a4464d520d
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an object confusion error when processing malformed Real Time Messaging Protocol (RTMP) data received during the initial phase of communication with a server, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page. Adobe Flash Player versions prior to 11.7.700.169 are affected.
a61b22a16c3befda80224c940393c4411503ad1032eee6935dce23f0995ad911
MinaliC Webserver version 2.0.0 buffer overflow exploit that binds a shell to port 4444. Works on Windows Server 2003 SP3 only.
0f734001f936a5b891c34b75bd2c451e9c1b32b8939d772c3c1bc8137fb7edaf
Mandriva Linux Security Advisory 2013-146 - Multiple vulnerabilities have been discovered and corrected in icedtea-web. It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet could use this flaw to gain information about and possibly manipulate applets from different domains currently running in the browser. The IcedTea-Web plug-in did not properly check the format of the downloaded Java Archive files. This could cause the plug-in to execute code hidden in a file in a different format, possibly allowing attackers to execute code in the context of web sites that allow uploads of specific file types, known as a GIFAR attack. The updated packages have been upgraded to the 1.3.2 version, which is not affected by these issues.
6a800acd6316f93d877e8a880e22d06e913d32abbff3cf0de8bb088e7caf5a4c
Wireless Decoder is an application that demonstrates how to recover wireless passwords on Vista/Win7/Win8. Comes with source and the binary.
a576e6dee330f135380b131a11fde69fe94d2a950eddf754394ea6db2a5eb6f6
Tienda Online CMS suffers from a cross site scripting vulnerability. The vendor has been notified of this issue. Note that this advisory has site-specific information.
93c112b74801b7c8122b5ecd4a34425111ec9659a7a46158160325e36fe93bcd
Foxit Reader versions 5.4.3.x through 5.4.5.0124 suffer from a PDF XREF parsing denial of service vulnerability.
19bacc90bb3d86146efc71f544560d5d5e3e59ead41717335c428f05caf1d821
KIK Messenger stores its password in cleartext in a plist file.
0579b4c687a6995f97f2d6c82bbc27bbe71cdfdc50cd2900d2923969eb5e3642
Crafty Syntax Live Help versions 2.x and 3.x suffer from path disclosure and remote file inclusion vulnerabilities.
9b378157ba94b5a10193ab6a2ec5d79ce9881775be424528a0b05b1ceec52d09
TP-LINK TL-WR741N / TL-WR741ND suffers from multiple remote denial of service device freezing conditions.
632658f3b24d25123b080a924d247c4f29a9d2dbca90b5a0d69e54046c595d73
nginx version 0.6.x suffers from an arbitrary code execution vulnerability due to a null byte injection issue.
80b271bc4dd413adecf25945a99a831e3725d128f9974c5542da05bc9ff3daf3