A critical security vulnerability that allows a remote unauthenticated attacker to execute arbitrary code with root privileges has been discovered in Broadcom's UPnP software.
a9af7d158bb390ad756245dc9d569c020c94e28b5576407cf6cf4b7fe4378cd8
TorBrowser versions 7.0.8 and below for Mac OS X and Linux are affected by a critical security issue. According to the Tor Project, further details will be released in the near future. Due to a Firefox bug in handling file:// URLs, users on both systems can leak their IP address. Once an affected user navigates to a specially crafted web page, the operating system may directly connect to the remote host, bypassing Tor Browser.
98ad8fa1e2be0c10bbbb3b46fcb9cb4ff3e65dec0ce7c05e95e2dbb0691343c0
VMware Security Advisory 2016-0004 - VMware vCenter Server, vCloud Director (vCD), vRealize Automation (vRA) Identity Appliance, and the Client Integration Plugin (CIP) updates address a critical security issue.
bd56155a16a9898620437b43f01ad1f323acba62d3f1fc3b322b4be0caad980b
HP Security Bulletin HPSBMU03190 1 - A potential security vulnerability has been identified with HP Helion Cloud Development Platform Community Edition and HP Helion Cloud Development Platform Commercial Edition. The vulnerability could be exploited remotely to allow unauthenticated access. Note: On October 28, 2014, HP identified a critical security vulnerability in the v1.0 release of the HP Helion Development Platform. The vulnerability is in our Application Lifecycle Service (ALS) and requires immediate attention. Vulnerability background: During the development process, valid user and host security keys were unintentionally left on the ALS Seed Node image. These keys are thus universal on all virtual machines created using the ALS Seed Node image. If an attacker has a virtual machine (VM) created from the ALS seed node image, they could potentially use that VM to connect (without giving a password) to any other VM in any ALS cluster (including ones the attacker does not own) if the attacker obtains a valid cluster VM IP address and the cluster was created with an ALS seed node image containing the vulnerability. Revision 1 of this advisory.
38dde2ca0ee61192adb6609d5eba20d0a98df126cf600057924d3e3c114e5f51
VMware Security Advisory - Updated VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability. A critical vulnerability in the virtual machine display function might allow a guest operating system to run code on the host.
ded0d04acbe4c8b889c0e5575d735098c83e86bfdfa2bfcf6b60809b3bf1577e
VMware Security Advisory - VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2.
31c6abc34ab54b63be1f222d1e69ab8c92a9f8ac0630c89314450bdf34c106c2
A critical security vulnerability has been found in the Windows NT Message compiler. Arbitrary code execution might be possible.
24b0f5f728cee15387b8047715df914ab990567e58c6afa386a553921a92bc84
A critical security vulnerability has been found in FreeRadius version 1.1.3. Arbitrary code execution is possible due to improper bounds-checking.
ef790c0434ea07cb947825b2c0788c76495d888a8818315d76eb07a0583c5e04
SUSE Security Announcement - SUSE-SA:2006:015 - A critical security vulnerability has been identified in the Adobe Macromedia Flash Player that allows an attacker who successfully exploits these vulnerabilities to take control of the application running the flash player.
f186d9f33539a24b0938e1c3428dc4538701eb0fa381bcf2354d6acba542c975
Multiple SQL injection vulnerabilities in metacart2 for payflow. Example exploit URL included in advisory.
91a62b15583088eafdf55e57ac53a4580189ef41a7ca845c6184ff7996ea6447
Metabid contains multiple SQL injection vulnerabilities. Username / Password verification can be bypassed via SQL injection, and more issues exist. Advisory contains example exploit URL.
67ee02e0b5694b14f0011efc0a8cb3134f865a21e9fd86180e92abd4be94ca7a
BK Forum v.4 is vulnerable to multiple SQL injection vulnerabilities. Advisory includes example exploit URL.
88e22bd5f279a93f88df060dd312cb550288bf0e52da84bda4720bf69379b432
Multiple SQL injection and cross-site scripting issues in phpBB versions 1.52 and below. Example exploit URLs included in advisory.
9ed61fb9b6bddef6a6fbcc172a966e32b1952757835f428dc9b3ec91afbb9023
Easy Community Management System Forum (E-XOOPS) contains multiple SQL injection and cross-site scripting vulnerabilities. Some of these may not be exploitable depending on how PHP, Apache, and MySQL have been configured. Advisory contains proof-of-concept exploit URLs.
383b99f55a4400a2bec840c614876918516b6901632de122f0ebc7126617cb4f
E-Store Kit-2 PayPal Edition is susceptible to file include and cross-site scripting vulnerabilities.
ac872074f1d371f1d96de015fc38c149d3b951e1b6eb8d240882fa2604fa3f38
Various cross-site scripting and (possible) SQL injection vulnerabilities exist in ESMIstudio's PayPal storefront scripts. Depending on how PHP, Apache, and MySQL have been configured, it may not always be possible to exploit some of these.
d03061ea7d5a7ea3eb1416dbdfa817a53389af20ae542ec03be5886d095afffa
Download Center Lite (DCL) versions 1.5 and below are susceptible to remote file inclusion.
43f57b913db929992724eae47a2728e399d2130c988a03d52f0a704688c56390
Local root exploit for /usr/sbin/iwconfig.
10b71b48cb5e4b165f212352a02ef424f83595d0dcaf1c2619779a0133ef61f9
Local root exploit for /sbin/ifenslave.
8fbd7a93da6b7b610698f7b15ec38201522ff308b0dee9883544408815519bfc
A critical security vulnerability has been found in the Linux kernel code handling 64-bit file offset pointers. Successful exploitation allows local users to access kernel memory. Kernel series affected are 2.4.26 and below and 2.6.7 and below. Full exploit provided.
92706af943a287522ac0045554f0149a454453a2c0f2f0482f4e4f98d714283a
A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to a missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004, except that it concerns the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.
483ed3b485fe72175ca9d4f6e07e3c8cc8998ed7ee2f98e6a72a1016b9373ac3
A critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to a missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004, except that it concerns the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.
15e57e93f04e6f6e219e6d6e4da2f41a33f772b68029df65fa0dcaf3e0bde0a7
The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation, including execution of arbitrary code with kernel-level access. Updated version of the original release of this document.
0a4e3c81dc818181f880893f3f4e1c339b5517ada7d7b0d09c8ac1ddf34cbe95
The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation, including execution of arbitrary code with kernel-level access.
1f3565207e96102d6a63c660b43ba3e8e06061f744c34c3ff6a6df7a1d02e5ef
DCAM webcam versions 8.2.5 and below suffer from a directory traversal vulnerability that allows a remote attacker to access any file available to the webserver uid.
3100d7453b6443b31ae5e4981c57020c628cd6fe3e5be2d1e7ef034ab11dcc3e
DCOM RPC remote win32 exploit, ported to Windows for compilation with VC++ 6. Uses "magic keys" to find the offset. Ported by Lordy.
132c24caa22412268215f455fb5e2eb14b4e96dd8f2b7f5f467245ef0395479e