GNU Bash versions 4.3 and below remote command injection exploit that leverages the REFERER header on vulnerable CGI scripts. Launches a connect-back shell. Written in Perl.
19dfcfb3d85be26b41d2f9316ffaebf7de4fe7c3b8fd4d6b1cf6a55a6f1ba395Typo3 JobControl version 2.14.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Typo3 no longer provides updates for this extension and it is considered unsafe to use.
fd26ba8328d734e82a7dea5f7dff200a5a1a0a8862c060bfd070948aa195c3dbGnu Bash versions 4.3 and below remote command injection exploit that leverages the User-Agent header via vulnerable CGI scripts. Written in Python.
057996be27a48a42909a085ad63607f515c2c4f7a1da1dc7eddd802689cd126cSmarterTools Smarter Track versions 6 through 10 suffer from an information disclosure vulnerability.
b41e89efc3bbbdee6f8f96f9d1f50dd467ded58b5ee3d8c3c7c09b0cfc00832fGS Foto Uebertraege version 3.0 suffers from a local file inclusion vulnerabilities.
94fa4864b4a48c57985de0ba4158bbfed8cf5005eedcc0ac60d2c0633d2247ecRed Hat Security Advisory 2014-1307-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS.
08a1d6314655253f277428022a1688098423cb33c9f35cce58d396cb4045d729Ubuntu Security Notice 2363-2 - USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch for CVE-2014-7169 didn't get properly applied in the Ubuntu 14.04 LTS package. This update fixes the problem. Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. Various other issues were also addressed.
3e18a143d3f887e0e17c89d032327a608ab2beec642f3e1e91e5bfef9721dfccRed Hat Security Advisory 2014-1306-01 - The GNU Bourne Again shell is a shell and command language interpreter compatible with the Bourne shell. Bash is the default shell for Red Hat Enterprise Linux. It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue.
88d35c967bdafa1462b50e6b3d195bb62db44e287d9df7085810180afa4b143fUbuntu Security Notice 2363-1 - Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions.
f5f456c7e48c7214e00ff053cd9387307f5241a9d083c936d0541e007cdceb1aMandriva Linux Security Advisory 2014-190 - It was found that the fix for was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. Additionally bash has been updated from patch level 37 to 48 using the upstream patches at ftp://ftp.gnu.org/gnu/bash/bash-4.2-patches/ which resolves various bugs.
ae4a2ddbddcc61c6966f4694c639082e3489b84bee7732ae063725dab98b2b3cSlackware Security Advisory - New bash packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.
ef15a9f5d74abb68daa1dd4cfbf2c7875ecd047088315d90b16cfabda7880efdDebian Linux Security Advisory 3036-1 - It was discovered that MediaWiki, a wiki engine, did not sufficiently filter CSS in uploaded SVG files, allowing for cross site scripting.
031db5fef5a40b83c3d7dbe498d63b05566f4feaddd502aa306ab324b04e7cc6Debian Linux Security Advisory 3035-1 - Tavis Ormandy discovered that the patch applied to fix CVE-2014-6271 released in DSA-3032-1 for bash, the GNU Bourne-Again Shell, was incomplete and could still allow some characters to be injected into another environment (CVE-2014-7169). With this update prefix and suffix for environment variable names which contain shell functions are added as hardening measure.
c9152f57044050f4b25ba7c86fda6196e8a06bf2e8ec64116ec765e8c2243201Slackware Security Advisory - New bash packages are available for Slackware 13.0 to fix a security issue.
c5aa03ec719896cf77ac684a412556993a10649e75080a6763d5b213ed7066daHakabana is an open source monitoring tool that helps you visualize network traffic using Haka and Kibana.
ce0904f3c36adae66096e0a19b14753576c6466069d78f567e1e4ea1600594ebNucom ADSL ADSLR5000UNv2 suffers from a remote credential disclosure vulnerability.
da83a0d2bd47f65c4b82b5e8c00ad0d11927797bb63d8dd1c8dd3f69bcaf59b1This abuses the bug in bash environment variables (CVE-2014-6271) to get a suid binary inside of VMWare Fusion to launch our payload as root.
f04f53cef923e1ebad417dccfb1f6d01ee754b3ddac0ef16fcb609fa3f055392Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
99b15c6858c04e93a31d3ae90dd69f5021faa2237da93a24fbd246f4f1670ad1LibVNCServer versions 0.9.9 and below suffer from memory management handling, buffer overflow, and denial of service vulnerabilities.
7119467df020792576889e8a01b9e775d65a326b0070c018b47a7524af569c5bCisco Security Advisory - A vulnerability in the Network Address Translation (NAT) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper translation of IP version 4 (IPv4) packets. Cisco has released free software updates that address this vulnerability.
63ec1698c6f3c1763eb3e90238c8c14bb13ab2307119a50dc21da378dde9e0b4A stack overflow was discovered when serializing data via the Data::Dumper extension which is part of Perl-Core. By using the "Dumper" method on a large Array-Reference which recursively contains other Array-References, it is possible to cause many recursive calls to the DD_dump native function and ultimately exhaust all available stack memory.
5739d0c214a552e16df8c1827940aaed394eeceffff1b5e158eb34f54598672aCisco Security Advisory - A vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device. To exploit this vulnerability, affected devices must be configured to process SIP messages. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to this vulnerability.
f38f520a86845654ee88d37dbd04daa74d66c5fde6e5c1c88e6b483ec7217fadCisco Security Advisory - A vulnerability in the DHCP version 6 (DHCPv6) server implementation of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper parsing of malformed DHCPv6 packets. An attacker could exploit this vulnerability by sending malformed DHCPv6 packets to be processed by an affected device. An exploit could allow the attacker to cause a memory leak and eventual reload of an affected device.
e93171093b995dcfbce411a598dfdb3fd5744117c4e5f800cdb73e8f76d5a63cWordPress All In One WP Security plugin version 3.8.2 suffers from multiple remote SQL injection vulnerabilities.
a719c00b89342dc8c43e26900af10153fcbe37cf3ff5a29d9e9d752b29e03e85bashedCgi is a quick and dirty Metasploit module to send the BASH exploit payload (CVE-2014-6271) to CGI scripts that are BASH-based or invoke BASH, to execute an arbitrary shell command.
917183304ff31e505f18d434fcc284d5fe270c928e0cc5e96231c14eabb1aae3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed