Different D-Link Routers are vulnerable to OS command injection via the web interface. The vulnerability exists in tools_vct.xgi, which is accessible with credentials. This Metasploit module has been tested with the versions DIR-300 rev A v1.05 and DIR-615 rev D v4.13. Two target are included, the first one starts a telnetd service and establish a session over it, the second one runs commands via the CMD target. There is no wget or tftp client to upload an elf backdoor easily. According to the vulnerability discoverer, more D-Link devices may affected.
9d58ec6df990b7786634d5c2bda806a6512ca58a1d498965975b3ba04c0ab5c4This Metasploit module exploits a vulnerability found on Firefox 17.0.6, specifically an use after free of a DocumentViewerImpl object, triggered via an specially crafted web page using onreadystatechange events and the window.stop() API, as exploited in the wild on 2013 August to target Tor Browser users.
e39e25d6845ff273ea20decb29f0fdfaca25648ab187f57278e8c2b631ce94c2Drupal Monster Menus third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
7fb2c6eae9f60e15363d5c38f33457952348d27b086229fe30b748cd0f032469Drupal Organic Groups third party module version 7.x suffers from access bypass and information disclosure vulnerabilities.
64c8074669e4282c4ae41a821ed5a2319b610f4414b29b97de3986788f96eb26PHPFox version 3.6.0 build 3 suffers from multiple remote SQL injection vulnerabilities.
4cf237ed2cef291f424e07c47a37d6fb5149703bfeb2f9de694762fed5576060Drupal Mozilla Persona third party module version 7.x suffers from a cross site request forgery vulnerability.
de5866c021082ed1759ffd6d9f150bed928dd41269a5fe08bec4bd41d12e95a1Drupal Authenticated User Page Caching third party module version 7.x suffers from an information disclosure vulnerability.
da21ad32bdc5b8f39e6fa2645c41be2c88e5b3b14b3455eff3be5f47262807bcDrupal RESTful Web Service third party module version 7.x suffer from a remote access bypass vulnerability.
44976492ccf59db238880406de2d2b95d0c6019dc79d634c3bdf3770e3571cbaCisco Security Advisory - A vulnerability in Cisco TelePresence System could allow a remote attacker to access the web server via a user account that is created with default credentials. The vulnerability is due to a default user account being created at installation time. An attacker could exploit this vulnerability by remotely accessing the web server and using the default account credentials. An exploit could allow the attacker to log in with the default credentials, which gives them full administrative rights to the system. Workarounds that mitigate this vulnerability are available.
2ea6d0b1e64581d52717ea1757cc8500805b2b67cfb999703c1df4b10a59e436Apache suEXEC suffers from privilege escalation and information disclosure vulnerabilities.
6eddc12273e6a9546d9219b053ff012eff046f9697318a4bec44daadab5df846BigTree CMS version 4.0 RC2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
9da95b8db9bd5d7ab61e1c4e5943ab6b7fb602a7159e15bbacf88d7869e408c4Trustport Webfilter version 5.5.0.2232 suffers from a remote file disclosure and traversal vulnerability.
0a40dc9d70c4a31728c655ee319583daaaf44b92e79022f423a8adb2d1a6e46fAdvanced Guestbook version 2.4.3 suffers from a remote shell upload vulnerability.
29a77059e18d788d602a7ca2a5a627fa3676928f33b6bbe62e2d2ade7590b632Open and Compact FTP server version 1.2 authentication bypass and directory traversal SAM retrieval exploit.
0aa630f3b70ad7a6a9b5a6a29346d0cca04ee11570d82597dcfe2a39b5d05d09Included in this archive is a presentation of Android Weblogin: Google's Skeleton Key along with various proof of concept code from the talk presented at DefCon 21.
917ef9c7b31e3a0e0835376c951d3aec56779e5a92b79073ee01261b4a737f47Ubuntu Security Notice 1925-1 - Jeff Gilbert and Henrik Skupin discovered multiple memory safety issues in Thunderbird. If the user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Thunderbird. It was discovered that a document's URI could be set to the URI of a different document. If a user had scripting enabled, an attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. Various other issues were also addressed.
4840655df1aa4f3384933ccb3c2e90a78306e806597ac7d624680ac7c17cdc1aRed Hat Security Advisory 2013-1140-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox generated Certificate Request Message Format requests. An attacker could use this flaw to perform cross-site scripting attacks or execute arbitrary code with the privileges of the user running Firefox.
d1ea76370636127b4864079e126d370741fa0005db39cf1d9669d415ea313881Red Hat Security Advisory 2013-1144-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. nss-softokn provides an NSS softoken cryptographic module. It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle.
140a763fee0b505fdf0106a347f42680f7e1f7ae60671abfe1f48a21a770b565Red Hat Security Advisory 2013-1145-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 5.6 is retired as of August 7, 2013, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages after the final errata release, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.6 EUS after this date. In addition, technical support through Red Hat's Global Support Services will no longer be provided after August 7, 2013. Note: This notification applies only to those customers subscribed to the Extended Update Support channel for Red Hat Enterprise Linux 5.6.
eb89e214c02bcebfea25aa39eec5760624e5b556df0f77e016d2c52b2d093bf9Red Hat Security Advisory 2013-1142-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird generated Certificate Request Message Format requests. An attacker could use this flaw to perform cross-site scripting attacks or execute arbitrary code with the privileges of the user running Thunderbird.
6e679b599e006bf8213654491aeb2584f7fe6c4b42178ee60bdfac7f93a22313Red Hat Security Advisory 2013-1143-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue only affected the JBoss Web Services Native stack as Red Hat JBoss SOA Platform 4 and Red Hat JBoss Portal 4 do not use JBoss Web Services CXF.
b8d8b481f4dd2da7259425c0482c7654327f99b3327dce6c13b76d8dcb336eb2Debian Linux Security Advisory 2735-1 - Multiple security issues have been found in Iceweasel, Debian's version missing permission checks and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, privilege escalation, bypass of the same-origin policy or the installation of malicious addons.
7aaf510fafe53ade56d45dadc0e018b9cc4df241abe27e5dd5d98ed9b2e52245Mandriva Linux Security Advisory 2013-210 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Mozilla security researcher moz_bug_r_a4 reported that through an interaction of frames and browser history it was possible to make the browser believe attacker-supplied content came from the location of a previous page in browser history. This allows for cross-site scripting attacks by loading scripts from a misrepresented malicious site through relative locations and the potential access of stored credentials of a spoofed site. Mozilla security researcher moz_bug_r_a4 reported a mechanism to execute arbitrary code or a cross-site scripting attack when Certificate Request Message Format request is generated in certain circumstances. Security researcher Cody Crews reported that some Javascript components will perform checks against the wrong uniform resource identifier before performing security sensitive actions. This will return an incorrect location for the originator of the call. This could be used to bypass same-origin policy, allowing for cross-site scripting or the installation of malicious add-ons from third-party pages. Mozilla community member Federico Lanusse reported a mechanism where a web worker can violate same-origin policy and bypass cross-origin checks through XMLHttpRequest. This could allow for cross-site scripting attacks by web workers. Security researcher Georgi Guninski reported an issue with Java applets where in some circumstances the applet could access files on the local system when loaded using the a file:/// URI and violate file origin policy due to interaction with the codebase parameter. This affects applets running on the local file system. Mozilla developer John Schoenick later discovered that fixes for this issue were inadequate and allowed the invocation of Java applets to bypass security checks in additional circumstances. This could lead to untrusted Java applets having read-only access on the local files system if used in conjunction with a method to download a file to a known or guessable path. The mozilla firefox packages has been upgraded to the latest ESR version which is unaffected by these security flaws.
06e1eccc8317c48199bbdf0816b441552d6c5a399b5a21ddd3ebe80a6bcf1ac9The Brick7 search engine suffers from multiple cross site scripting vulnerabilities. The vendor has not responded to the author for more than two months. Note that this advisory has site-specific information.
3dbced1ac11434f635065a12378197cc099a391f90a57d9c4d743660dc05b8f0PHP VID suffers from cross site scripting, remote SQL injection, and CRLF injection vulnerabilities.
6c7f7345977e15097b906b10ba4a8141dc3482c98eca4df98a497d15d7ec4dd8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed