ESET versions 5.0 through 7.0 suffer from a kernel memory leak vulnerability.
8b5888960f4d9b82098187fccdeffd23d87b222ac084d8ed2407392d581bf8272Wire Gateways suffer from a remote password reset vulnerability that allows for authentication bypass. Versions 2071 Gateway, 1800HW, and 1701HG are vulnerable.
bcf03cf41785e1546ced74abf07c45219887bda85fd037204944016c0203f0b3WordPress versions 2.8.3 and below suffer from an arbitrary administrative password reset vulnerability.
2aebade190a8d67f8fd45987340b39948b70880e72d7a23065d3f58fea507c93Secunia Security Advisory - A vulnerability has been reported in the Reset Backend Password extension for TYPO3, which can be exploited by malicious people to conduct SQL injection attacks.
fa62206185f1a005b58c96e936910da48701c1dec0ae53a89d013edc6586f6deZenPhoto Gallery version 1.2.5 administrator password reset exploit using cross site request forgery.
1a2d15c4041d20cefe60ca298054f060cd86c3a57e3568f9c13a0d676329c67bTrafscrambler is an anti-sniffer/IDS NKE (Network Kernel Extension) for Mac OS X. This initial release implements SYN-decoy, Pre/Post connections SYN, TCP reset, and zero window attacks. Author tested this on x86 OS X versions 10.5.6 and 10.5.7. It should work on PPC and older releases as well.
aab723f080dfb7656d1c9a5a1e0be87e610747f7fbbad4ff67a4c809ec5c6cf2The ESET Nod32 parsing engine can be bypassed by a specially crafted and formatted CAB archive.
1c69319e78e7b2c5cc45a466ee1778e1e75bb147ad1ae4612f28dc3cc03020ceVuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
7d4f8245de98f0a362f5ddfdeb672ee887eb54f39056764df98429d6eab4c26bSecunia Security Advisory - A vulnerability has been reported in ESET Remote Administrator, which can be exploited by malicious users to conduct script insertion attacks.
49510f2b2c934fafb2533f5d9f399da83b40c48105f349a81596b87f7d3b472dIP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
3dcfb60c6e8a9406cd0854fcce4c59cf3eaf59c17d20738cef9c5804f307cfbbSagem Router F@st version 2404 remote unauthenticated reset proof of concept exploit.
58bb0619c6d3951ccfd8aa214c710d60ae975280846c86d8fea45ac18d5153f0IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
2df257f16e934c0b0ebdd808b921e1439e1440cb8955bf5fae611757f531c71cIP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
f1e7a41179e6ca09832589705d422c58693e434faa931221bf9f2ea7591f2e6dESET Smart Security versions 3.0.672 and below privilege escalation exploit that leverages epfw.sys.
f29fe451e9890c793c7cbfb3d56fb2ee31ad02274c39d51399ff619f211206f8Secunia Security Advisory - alex has discovered a vulnerability in ESET Smart Security, which can be exploited by malicious, local users to gain escalated privileges.
6aaa28a21ff2b76dd7be3192c221b7e4af024300087511973b7818753f1bc683IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.
6cf995b16f0fd9149b418f3c1161ef0765dc172e25036a480fb83ef5869e259eGentoo Linux Security Advisory GLSA 200812-09 - Smart cards formatted using OpenSC do not sufficiently protect the PIN, allowing attackers to reset it. Chaskiel M Grundman reported that OpenSC uses weak permissions (ADMIN file control information of 00) for the 5015 directory on smart cards and USB crypto tokens running Siemens CardOS M4. Versions less than 0.11.6 are affected.
c6ee2a4b61e4dbad6fbde8d1cdb450da973718cd1afa12d10b3c625df252fae9OpenForum version 0.66 Beta remote administrator password reset exploit.
1d4378b8d1636ae75cff190e3d814c6a97a8335a4fd13f89d26c2304014a44f4AJ Square Free Polling Script suffers from blind SQL injection and vote reset vulnerabilities.
3c176e606ebe1a4b4a2150099ebcdedecd473caf35a04b13f1fae92787b06748ESET SysInpector version 1.1.0 proof of concept exploit that leverages esiadrv.sys version 3.0.65535.0.
bfd2de6ab594b4e6d3f5384c5ebde27773a28b96958a66db70d47cacbc46c50fVuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.
3de5cf32ed45de6bb8498b4a7cda9c81f1c4f999b6df520403a3c8bbd145e200Joomla versions 1.5.7 and below suffer form a weak random password reset token vulnerability.
f3a05de176b98357326a615c8a735e3cceca49d45366d2ac92f9ebe2230f981fSimple Machines Forum versions 1.1.5 and below administrative password reset exploit for win32.
11534bca49ca9deb4bea709d19e3081c15e806e759d7bf721f3b5bfeb289e208ESET Smart Security version 3.0.667.0 privilege escalation proof of concept exploit.
5c3bf3a1824badc237585c26e1c7bf2ed7e051c4b276c74596e3611ae3220a3eThe Jura Impressa F90 coffee maker allows for remote mangling of the presets and possible denial of happy coffee drinking service. We can now envision the day when coffee makers will be part of large botnets.
fcbafd1edc8a15801f0425c1cdcf27bf2f6886f95b5ae57a49ad7278cd3ed57dGentoo Linux Security Advisory GLSA 200802-03 - Ulf Harnhammar, Secunia Research discovered that the frame and frameset HTML tags are not properly filtered out. He also reported that certain HTTP requests are executed without being checked. Versions less than 4.1.6 are affected.
657780bafc3c14c287fde088770ac4afa98d98845d94b35a85ef7705bdfed87d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed