This Metasploit module exploits an arbitrary PHP code upload in the WordPress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code execution.
2b7754496960422648fd53d44f7c5f663f40d4e64906b1d967c380e682afd7daThis Metasploit module exploits a vulnerability found in the the WordPress theme OptimizePress. The vulnerability is due to an insecure file upload on the media-upload.php component, allowing an attacker to upload arbitrary PHP code. This Metasploit module has been tested successfully on OptimizePress 1.45.
8fe5a65ba0a48deeb6568d675a37477fe142197da4739939fdc89d00458ee2edThis Metasploit module exploits an arbitrary PHP code execution flaw in the WordPress blogging software. This vulnerability is only present when the PHP 'register_globals' option is enabled (common for hosting providers). All versions of WordPress prior to 1.5.1.3 are affected.
8029e1794748c6b847a3fcb2ff96b2b28fc0fde9bdbb4d42498a35812e402c16This Metasploit module exploits a PHP Code Injection vulnerability against WordPress plugin W3 Total Cache for versions up to and including 0.9.2.8. WP Super Cache 1.2 or older is also reported as vulnerable. The vulnerability is due to the handling of certain macros such as mfunc, which allows arbitrary PHP code injection. A valid post ID is needed in order to add the malicious comment. If the POSTID option isn't specified, then the module will automatically find or bruteforce one. Also, if anonymous comments aren't allowed, then a valid username and password must be provided. In addition, the "A comment is held for moderation" option on WordPress must be unchecked for successful exploitation. This Metasploit module has been tested against WordPress 3.5 and W3 Total Cache 0.9.2.3 on a Ubuntu 10.04 system.
bed096490dc9d7e2c3e5ae3b9e8234d981926a7705dfde36023179c919fb54aaThis Metasploit module exploits an arbitrary PHP code execution flaw in the WordPress blogging software plugin known as Foxypress. The vulnerability allows for arbitrary file upload and remote code execution via the uploadify.php script. The Foxypress plugin versions 0.4.1.1 to 0.4.2.1 are vulnerable.
b017c0df7061322735956c2e5f849f22a187dfba7fc928876d14b674c70fddd8HP Security Bulletin HPSBST03196 1 - A potential security vulnerability has been identified with HP StoreEver MSL6480 Tape Library running Bash. This is the Bash Shell vulnerability known as "Shellshock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
4be7a57fc9d180a0c2da2e754c8f966e45742fb56c2315e518187bf758764467Ubuntu Security Notice 2545-1 - A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. A flaw was discovered in the crypto subsystem when screening module names for automatic module loading if the name contained a valid crypto module name, eg. vfat(aes). A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. Various other issues were also addressed.
f0d96d401b0085cca787c43e9e7cf167b99f5f483a755be670dfc9be5e09397fUbuntu Security Notice 2546-1 - A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. A flaw was discovered in the crypto subsystem when screening module names for automatic module loading if the name contained a valid crypto module name, eg. vfat(aes). A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. Various other issues were also addressed.
e4e127ba9f45099c6fc66a9a7ccea1411fc292920595bd1a9ea9b59e851882beUbuntu Security Notice 2541-1 - The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel for x86_64 based machines. A local user could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. Various other issues were also addressed.
2d7e5b61dc25c61afcef553473cababbdf6689f4edd43072e65e8a190d46291bUbuntu Security Notice 2544-1 - Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. Various other issues were also addressed.
9ddf124b2f1631a25b55a6630565e4ec8e300e7cba350a78679c54da8bfe363cUbuntu Security Notice 2543-1 - Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. Various other issues were also addressed.
1d20f0a45ef3c2328018fdfae24660ad9d7b3abed4e42067fe621154e5dc00f9Ubuntu Security Notice 2542-1 - The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel for x86_64 based machines. A local user could exploit this flaw to bypass the Address Space Layout Randomization (ASLR) protection mechanism. Various other issues were also addressed.
6d16a19b701a03e7e17da5f559a14199c6b398ae3799e95bf7de7f4747bb2efeRed Hat Security Advisory 2015-0716-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.
9d8aee16c77d0cfe933cacb5fd802931cd9f89036d273602e014764364847f8fHP Security Bulletin HPSBGN03249 2 - Potential security vulnerabilities has been identified with HP ArcSight Enterprise Security Manager (ESM) and HP ArcSight Logger. These vulnerabilities could be exploited remotely resulting in multiple vulnerabilities. Revision 2 of this advisory.
8f4edcb3114142df1bedbb92bf3cd48730dfdc80c7ef8ea3c8bd8922da2b1202HP Security Bulletin HPSBMU03220 1 - Potential security vulnerabilities have been identified with HP Shunra Network Appliance / HP Shunra Wildcat Appliance running Bash Shell. The vulnerabilities, known as "Shellshock", could be exploited remotely to allow execution of code. Revision 1 of this advisory.
a6123d5b851b138a543e987a040efe52fa0e792954adbdefa8c34b543cc021b7HP Security Bulletin HPSBHF03289 1 - A potential security vulnerability has been identified with HP ThinPro Linux This is the glibc vulnerability known as "GHOST", which could be exploited remotely to allow execution of arbitrary code. This update also addresses other vulnerabilities in SSL that would remotely allow denial of service, disclosure of information and other vulnerabilities. Revision 1 of this advisory.
382397e1a5db4b2ad8674375cd6e6e6384288664cd896f150a77ef9a0ae8d8cdHP Security Bulletin HPSBHF03279 2 - Potential security vulnerabilities have been identified with certain HP Point of Sale PCs Running Windows with OLE Point of Sale (OPOS) Drivers. These vulnerabilities could be remotely exploited resulting in execution of code. Revision 2 of this advisory.
1036020a39ce9516aea534d077971926ce15bbc57583ad525067c387f183e6f2HP Security Bulletin HPSBGN03299 1 - Potential security vulnerabilities have been identified with HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL including: The SSL vulnerability known as "FREAK", which could be exploited remotely to allow disclosure of information. Other vulnerabilities which could be exploited remotely resulting in unauthorized access. Revision 1 of this advisory.
2bb84f4f172f79af7ec61d8661a7811600da15eaeb941f552c18a3962ffbb1f8Ubuntu Security Notice 2547-1 - It was discovered that the Mono TLS implementation was vulnerable to the SKIP-TLS vulnerability. A remote attacker could possibly use this issue to perform client impersonation attacks. It was discovered that the Mono TLS implementation was vulnerable to the FREAK vulnerability. A remote attacker or a man in the middle could possibly use this issue to force the use of insecure ciphersuites. Various other issues were also addressed.
df47982100cec85a2943f68bea9742b67b9e2b5b58f72ad84ed804375204ff53Red Hat Security Advisory 2015-0718-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
ceca8eaeb9eeb560f017b4c71d935b577a7b2b63afe6d73a4389cd3b984d33daRed Hat Security Advisory 2015-0715-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker-supplied certificate was verified by the application. An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded.
444104d5932d36fbf7dd33fbca71b225a194dc3084d7bd251d91eabd0c7f0e48A default installation of Windows 7/8 can be made to perform a NTLM reflection attack through WebDAV which allows a local user to elevate privileges to local system. It can also be used to escape application sandboxes if TCP socket access is not blocked. Microsoft will not fix this issue.
d7f65f0f6fcfb1538cdd107180c364c1d5d666cadc19162e231ebc624660d51aAnchor CMS version 0.9.2 suffers from a cross site scripting vulnerability.
1fbc46802e35a95a8200a4c6bc7e7bb4d7136136a187801b6d0ba3f9bbaab36aJoomla Random Article component suffers from a remote SQL injection vulnerability.
0a2fa879f23beb0befce309d421834e8bc1f50146c8984ae39d4d21797ea7dc8Unasjee CMS suffers from multiple cross site request forgery vulnerabilities.
9b4101394e2daa2f90d83d866085ad33416c24d0ffa44d634c30bdae9c251e17
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed