EMC Data Protection Advisor version 5.8 sp5 suffers from a DPA Illuminator EJBInvokerServlet remote code execution vulnerability. Proof of concept code included.
bec0bb61454387d713dc7ce4ade6cefcbc27df7b553ab6873ee83cad51e2a1c6
This paper details a vulnerability affecting NVIDIA mental ray, which allows an attacker to take control over a mental ray based render farm.
775f48d6630d6aac147c8f09fc15e01a82cf693584d38a901be40b58fff0f320
Air Gallery Air Photo Browser version 1.0 suffers from multiple command injection vulnerabilities.
1a35705f3ea7cd9bc981b6a7b0fd47f596186f8acd70761a6df2d1b90be027b8
LiveZilla version 5.1.1.0 suffers from multiple stored cross-site scripting issues in the web-based Operator Client and LiveZilla client.
a9a6519e8b5a96c47677b39baf14e1fa3cb06fc3188411397cdaecebcc214f3f
GOM Player version 2.2.53.5169 SEH buffer overflow exploit.
09733cd92523cb7582f4b8273a90b6b602443c8f2ce4263aeb0101cbfb59425c
This Metasploit module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since March 2013. The module uses the SQL injection to extract the web application's usernames and hashes. With the retrieved information, it tries to log into the admin control panel in order to deploy the PHP payload. This Metasploit module has been tested successfully on vBulletin Version 5.0.0 Beta 13 over an Ubuntu Linux distribution.
9d8efb0cad2d070a8f7a77f67fe384b7478ccfb79465861ec1f1764abe23a5f1
Red Hat Security Advisory 2013-1806-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.
776f5e06aa1d59689b658d1881b9e89a5fcea991a6537bc63833095590381b35
Red Hat Security Advisory 2013-1805-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.
7a95ea07e79777b06a6fa8a5c54f5c65a0354ca7595170be622db4ed1496de04
Debian Linux Security Advisory 2815-1 - Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework.
55851fa8a15306a3fd9125a88e7ee55e48f372ccc13862e3364616d8c63025c2
Debian Linux Security Advisory 2814-1 - A denial of service vulnerability was reported in varnish, a state of the art, high-performance web accelerator. With some configurations of varnish a remote attacker could mount a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.
6d9b196bb178599d75a77ee1dee4a7a1609b587bc3f0fb2f12f26dd4e6929a51
Debian Linux Security Advisory 2813-1 - Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in GIMP, which can result in the execution of arbitrary code.
c06c391c3fd8c1b46bde7ad6dd5b1f16ef777d95602dea8702f26adaadf6ad83
Ubuntu Security Notice 2051-1 - Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
8493a8639e296e4dbd702fff7bd13f9491d9ab10e39063a4d86e79c6f7cec8a4
Gentoo Linux Security Advisory 201312-7 - Multiple vulnerabilities have been found in OpenEXR, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.0 are affected.
061c233843f6d1e376869b86fe81a7c175184176f83d141493dd9e3aaeec9db5
CGILua versions 3.0 and below suffer from a remote SQL injection vulnerability.
a2f1834f3f06371c1017c95dec7618b37b9e5d90551ca8600db7a660a364e44e
Debian Linux Security Advisory 2812-1 - Two security issues were found in Samba, an SMB/CIFS file, print, and login server.
f999b212f4fc13361aae0ea94817b1f46dc2584eaa0f151337c38c12cae08445