This Metasploit module exploits a memory corruption vulnerability on the Citrix NetScaler Appliance. The vulnerability exists in the SOAP handler, accessible through the web interface. A malicious SOAP requests can force the handler to connect to a malicious NetScaler config server. This malicious config server can send a specially crafted response in order to trigger a memory corruption and overwrite data in the stack, to finally execute arbitrary code with the privileges of the web server running the SOAP handler. This Metasploit module has been tested successfully on the NetScaler Virtual Appliance 450010.
bbd94c2938c7acadc669fd040b87af734ca8b8359c12bfca9b43d24c4a997c1dSymantec Endpoint Protection version 12.1.4023.4080 suffers from XXE injection, cross site scripting, and arbitrary file write vulnerabilities.
8dac04a3f8aa31944840699e39fc5cb46e42c335bda4f13704749fd690e88f91ManageEngine EventLog Analyzer suffers from SQL information and credential disclosure vulnerabilities.
ae0902d2d1251e6a705e5a528c9450f71f486b0f84a93f3094c7c09f8e7737f8Gentoo Linux Security Advisory 201411-3 - A buffer overflow in TigerVNC could result in execution of arbitrary code or Denial of Service. Versions less than 1.3.1 are affected.
b073aee4551bd72c8c4bbf7ee9d7c42615f3c8a969ea10af0a9391988833aa27Gentoo Linux Security Advisory 201411-2 - Multiple vulnerabilities have been found in the MySQL and MariaDB, possibly allowing attackers to cause unspecified impact. Versions less than 5.5.40 are affected.
5f251e50b878174d7bc4568d3ff14b1bcab1874c8fb5cf08f449d6b1e385516fDebian Linux Security Advisory 3065-1 - James Forshaw discovered that, in Apache Santuario XML Security for Java, CanonicalizationMethod parameters were incorrectly validated: by specifying an arbitrary weak canonicalization algorithm, an attacker could spoof XML signatures.
6e89175532485730458cb520d71d4b1db3edc265c80ec17d9f05f7cc7139ac15Cisco Security Advisory - The Cisco RV120W Wireless-N VPN Firewall, Cisco RV180 VPN Router, Cisco RV180W Wireless-N Multifunction VPN Router, and Cisco RV220W Wireless Network Security Firewall are affected command injection, file upload, and HTTP Referer header vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.
074c5244c703eb706e792432e8736563183ab1183dbd8911bff53a4484edeb24RSA Web Threat Detection 4.x versions 4.6.1.1 and later contain a fix for SQL injection vulnerability that could be potentially exploited by a malicious user to compromise the affected system.
1e32f5d6f291e57ecd586c69517340eb2c45d4eecf5641798bbf4008f787e27dThe Cisco RV series suffers from arbitrary file overwrite, arbitrary command execution, and cross site request forgery vulnerabilities.
ab1cc7e024746d65f1cc4a6bf8683bd942b18bb262e9cd877a1b315a168cf955The Videowhisper module for Drupal 7 suffers from a cross site scripting vulnerability.
55a4861f40bc38c6000abe600f7ee9ed4eaa6cd89d223aadc33cbc3a11d9369ei.Mage version 1.11 local crash proof of concept exploit.
86c765b9b4c7493cc65a4f4d4296a2de0d3424f1b7c6325cb4ed015dcfdea687i-Ftp version 2.2.0 SEH buffer overflow exploit.
f7332d1ce10e41508fcb2fe9005e87b836e9bf62dc75119737fe6e9ddc96d0f9i.Hex version 0.98 local crash proof of concept exploit.
b6538cb584c67bc25846bab1b7d3964fcf00e51a6b5f44d7ff51536b5bcdb80fGNU libc versions 2.12.1 and below LD_AUDIT libmemusage.so local root exploit.
b0f0cc6fe6c822efac1097b42f5743176fc7620d8aed638fb40cc3cbfc95d1e5GNU libc versions 2.12.1 and below LD_AUDIT libpcprofile.so local root exploit.
11997246f78036a9735342aed99ef6bbde5fdf224f85ba7703ee81308de43badDAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
d782a39561977125bdd2c55947528d4192d83bff98d8ce422dfff9b166ade699
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed