This document describes a method of reading and displaying previously used framebuffers from a variety of popular graphics cards. In all 4 tested laptops the content of the VRAM was not erased upon reboot. It is also possible to show that the content of the host VRAM can be accessed from a VirtualBox guest, thereby leaking possibly confidential information from a trusted host into an untrusted guest machine.
b4aaca0e9f25ac73a7469f0a528eb42aba706fce9a84dc3b2b658276a24ab28dManage Engine Device Expert version 5.9.9.0 suffers from a reflective cross site scripting vulnerability.
ac65439b324fffb863d5c254685a9bbab08bef94d462975f0196a709d8b76aaeThis Metasploit module uses Powershell Remoting (TCP 47001) to inject payloads on target machines. If RHOSTS are specified it will try to resolve the IPs to hostnames, otherwise use a HOSTFILE to supply a list of known hostnames.
81d95a12d4da050bcc3d10140dea8044b0356300805672102af4206ac0964126This Metasploit module remotely exploits CVE-2015-0235 (a.k.a. GHOST, a heap-based buffer overflow in the GNU C Library's gethostbyname functions) on x86 and x86_64 GNU/Linux systems that run the Exim mail server.
a904662b081b766808bd7e6e1ad410a102718e996535c406d1a81766eee34d73This Metasploit module exploits a remote buffer overflow vulnerability on Belkin Play N750 DB Wireless Dual-Band N+ Router N750 routers. The vulnerability exists in the handling of HTTP queries with long 'jump' parameters addressed to the /login.cgi URL, allowing remote unauthenticated attackers to execute arbitrary code. This Metasploit module was tested in an emulated environment, using the version 1.10.16.m of the firmware.
164f73d50b085d0c2335092e7f16da683c66b3f7e546e57619eee75d165cbf97This exploit gains remote code execution on Firefox 31-34 by abusing a bug in the XPConnect component and gaining a reference to the privileged chrome:// window. This exploit requires the user to click anywhere on the page to trigger the vulnerability.
13186b54048c8cc06f8faee910912cf899136fc7728d1db2115267711277790dCisco Unified Computing System Manager (UCSM) versions 1.3 through 2.2 sends local (UCSM) username and password hashes to the configured SYSLOG server every 12 hours.
f0ceac9c00ce462e0e72897f30e93bddf1642b81c987ab4e5c396f7423783888openEMR version 4.2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
136128c86a8cdf2ba34308166c5782a4d4d518a5c95d5d6c966b0e3831d31b38oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
7d4a054b62ed539ef5faf0500df2fc338e40d70e7771d5039509a0f7530113deoclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
172767a894a76890882c9c8a55edc4edcf14270dcaa3d8c77ab4400f9ba990ac
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed