This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
5ff2902a3ec062393e0570fee4f1cc86ff341942ea0f0f52a2987780cddb68ecThis Metasploit module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create and execute a PHP file in the document root. The USERNAME and PASSWORD options are only needed if the Wiki is configured as private. This vulnerability affects any MediaWiki installation with SyntaxHighlight version 2.0 installed and enabled. This extension ships with the AIO package of MediaWiki version 1.27.x and 1.28.x. A fix for this issue is included in MediaWiki version 1.28.2 and version 1.27.3.
42e48276927339958a36dbb2f1b6e10a0ccdc795bdf63b73b3596ebd982b5dacPegasus version 4.72 build 572 suffers from a mailto link remote code execution vulnerability.
4427731fa13b99b05e574e495f0ae5cbb93c76a5b78829b68f137b2e0bd8adefSecure Auditor version 3.0 suffers from a directory traversal vulnerability.
9e96947d550edd506262be8499d639f6170b5fd597c1c3c5b3b82e2f120658a4Microsoft Windows 7/2008 R2 x64 EternalBlue SMB remote code execution exploit that leverages MS17-010.
a89834c93f1d470ef6476b4a640ac5f5403058b6205f6653a27aa9c7ac53d1f4Microsoft Windows 8/2012 R2 x64 EternalBlue SMB remote code execution exploit that leverages MS17-010.
d2515a1e6d996e23c72bd9ad42e411a45def083377a039d3c6f773b7ebd85fbaThe Joomla version 3.7.0 fields component suffers from a remote SQL injection vulnerability.
914600f2292f25a5648b2ad58ced49b43809bcd44e72b9d8a1f6176e284de9f6PlaySMS version 1.4 suffers from a remote code execution vulnerability.
3c8a63c95cb5cd39de2c05874efd2f98a9c719765b28143345cabc3ef991b525D-Link DIR-600M Wireless N 150 suffers from an authentication bypass vulnerability.
d2de4c1ec6d915ce30568940e60b15df8daef411482a245f56c00ebbe5c653baManageEngine ServiceDesk Plus version 9.0 suffers from an authentication bypass vulnerability.
0b8968d2eb45a073ca7bd4ac6b7249f163568b69dd319a79d314bac27cbd48d1SAP Business One for Android version 1.2.3 suffers from an XML external entity injection vulnerability.
3257ec117b9ead701ce13e2ebd0d94106c6ccea7ddacfc94e55a7d5f53ba0456KMCIS CaseAware suffers from a cross site scripting vulnerability.
8ed17c56890bb941dc62c03f9ac26a10d3abf303ee137587b5a0126dd6299721testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
b160969dd8950f63afd57243cbbe2af0f7de9501a877e78b9b8ed9bae5405b59Asterisk Project Security Advisory - A remote memory exhaustion can be triggered by sending an SCCP packet to Asterisk system with chan_skinny enabled that is larger than the length of the SCCP header but smaller than the packet length specified in the header. The loop that reads the rest of the packet does not detect that the call to read() returned end-of-file before the expected number of bytes and continues infinitely. The partial data message logging in that tight loop causes Asterisk to exhaust all available memory.
8d5f47cf0e67ce5864a2b2a4177e62f386b1d90a8d45c93551e617023efa518cAsterisk Project Security Advisory - The multi-part body parser in PJSIP contains a logical error that can make certain multi-part body parts attempt to read memory from outside the allowed boundaries. A specially-crafted packet can trigger these invalid reads and potentially induce a crash.
dffc64dd4e5928c9a21df82604d70762c92068e2145f6bc7293d2eb080f35bbcAsterisk Project Security Advisory - A remote crash can be triggered by sending a SIP packet to Asterisk with a specially crafted CSeq header and a Via header with no branch parameter. The issue is that the PJSIP RFC 2543 transaction key generation algorithm does not allocate a large enough buffer. By overrunning the buffer, the memory allocation table becomes corrupted, leading to an eventual crash.
60ef218a0c056d6aec0776e903fa217b0958d9a103decc2e014f49f5d98412d9This bulletin summary lists one bulletin that has undergone a major revision increment.
e9644ba34af5fc468f284a8211f278b9180d4ad29b4398daec9fe8adb57be2f5Google I/O 2017 application for Android versions prior to 5.1.4 suffer from a man-in-the-middle vulnerability.
1fa0559e9edae7e21ef67d5f155d2d2b4db4d4651ee541249e1393abaf366aceIn default installations of HP SiteScope version 11.32, access to Java Management Extensions (JMX) is allowed to unauthenticated users over port 28006. This configuration allows for remote code execution exploits.
52544054868c2ef0c003c8317520227934d8c939f448bb6d5e4d362256c9015c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed