The tcpip.sys driver fails to sufficiently validate memory objects used during the processing of a user-provided IOCTL. By crafting an input buffer that will be passed to the Tcp device through the NtDeviceIoControlFile() function, it is possible to trigger a vulnerability that would allow an attacker to elevate privileges. Proof of concept exploit included.
9d61f1a5823955c19741ad2d57e256f3641cf2f035e04e442eac8b77fd3054ea
ICS-CERT Advisory ICSA-12-228-01 - Independent security researchers Billy Rios and Terry McCorkle have identified multiple vulnerabilities in the Tridium Niagara AX Framework software. The vulnerabilities include directory traversal, weak credential storage, session cookie weaknesses, and predictable session IDs, all of which can be exploited remotely. All known versions of the Tridium Niagara AX Framework software products are susceptible to these vulnerabilities.
a321597efe4a62df5a3a2266cf1f16eb392c55adffe8c8fa35b7747b79ea649b
Secunia Security Advisory - Justin C. Klein Keane has reported two vulnerabilities in the HotBlocks module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and cause a DoS (Denial of Service).
fd66d289c29962cfb58bf6dff524d5a580cb93c94046532983e4247cd4e04963
Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Custom Publishing Options module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
cc35b5266f1d0b8ceb2030857739c796b62542e3b08fdf9ae6beacedabc27687
Red Hat Security Advisory 2012-1169-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP and its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.
7d5b013b987ff091dd7a23fc5f576eb318a9b088700f78e918b6ba97b41e66c5
Red Hat Security Advisory 2012-1168-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP and its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.
d2ced5174e3b3e5aa23d5bb70fe45a1a71a1a33cadc9611bc0fa7bc2e78e8c66
Secunia Security Advisory - Justin C. Klein Keane has discovered two vulnerabilities in Transmission, which can be exploited by malicious people to conduct script insertion attacks.
4b6d6aee454fd0db779a266bd84d34add725b93908d2d349708b61274a626faf
Secunia Security Advisory - Vulnerability Laboratory Research has discovered a vulnerability in Nuked-Klan, which can be exploited by malicious people to conduct SQL injection attacks.
3511e3ab44e9f2e57f3aba27d77da69c91e4cbae9bd2f5c725c60cc699783481
Nuked Klan SP CMS version 4.5 suffers from a remote SQL injection vulnerability.
ebe08aea613afd901a49b1426f4352b085f990ac993f702cda6d8c06256333e2
WordPress Auctions plugin version 2.0.1.3 suffers from a remote shell upload vulnerability. The author of the plugin has quickly released version 2.0.2 to address this issue.
b07e476f45e0bbb516965528fe2a38f2945dbc825a2edd80cf86ae1c4e8f55fc
Booklight suffers from a remote SQL injection vulnerability.
bbe921d900d3b3d205aab38fe306d0b1d296ce3a918bdf180fcea22c22d6ab60
This Metasploit module can be used to execute a payload on LANDesk Lenovo ThinkManagement Suite 9.0.2 and 9.0.3. The payload is uploaded as an ASP script by sending a specially crafted SOAP request to "/landesk/managementsuite/core/core.anonymous/ServerSetup.asmx", via a "RunAMTCommand" operation with the command '-PutUpdateFileCore' as the argument. After execution, the ASP script with the payload is deleted by sending another specially crafted SOAP request to "WSVulnerabilityCore/VulCore.asmx" via a "SetTaskLogByFile" operation.
0f339f9c1af48dbfe9bfacaefebfc2b71162b36ed475e3bea07c0a38fda09f1b
Geeklog version 1.8.1 suffers from a remote SQL injection vulnerability.
9be3e7153df67b33b254726a14a901951aaaba4751f8049fd80f5b1eb6da025f
Secunia Security Advisory - AppSec has reported a vulnerability in Blacklist for Android, which can be exploited by malicious people to bypass certain security restrictions.
37f498485bee7f9284db3fe4c60d5aa5715a8ae37320b41668ab694a8a3d3e64
Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in Safari, which can be exploited by malicious people to compromise a user's system.
c54e4da1e7b08f80587bc88bc5632578b833387b8956ebb1ab8b0c2c2de06083
Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in Apple Safari, which can be exploited by malicious people to conduct spoofing attacks.
6a150a968fd0a0510ccc64271206ee5d25166b732b95563ce275250c40cb6ebd
Simple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.
a65bb4d048c713dd9ecc4b42b98cc124516fd5c1df19deddfc664476aad7caac
Adsuck is a small DNS server that spoofs blacklisted addresses and forwards all other queries. The idea is to be able to prevent connections to undesirable sites such as ad servers, crawlers, etc. It can be used locally, for the road warrior, or on the network perimeter in order to protect local machines from malicious sites.
595f7b9ab3b055170bcdfc0cee03c49f559cde4e2a3910de1d8daf1161cee3f0
Kloxo LxCenter CP version 6.1.10 suffers from a cross site scripting vulnerability.
514411be575c95c1a05c3894ceca60cd98fce1d8c98e02d9fdfe26c5eaf760f7
Kloxo LxCenter Server CP version 6.1.10 suffers from multiple cross site scripting vulnerabilities.
a33d451cb7193212b19f52ef71ea0a69584fc6f9bc06e942ff9162339e22559c
Mandriva Linux Security Advisory 2012-014 - The autocompletion functionality in GLPI before 0.80.2 does not blacklist certain username and password fields, which allows remote attackers to obtain sensitive information via a crafted POST request. This advisory provides the latest version of GLPI, which is not vulnerable to this issue. Additionally, the latest versions of the corresponding plugins are also being provided.
f4875e63cc28c3d7e1d8921a612952ad0ff1970d34cc76aaf7e34342f3c7f682
The goal of IP-Link is to show the relationships between different IP addresses from network traffic capture, thus quickly determining for a given address the IP address with which it communicates the most.
57b2023ef24ee6bf516d8fc98e8b2585756a54e46aa0be40ef0bff566c6fe2b0
Secunia Security Advisory - A vulnerability has been reported in MarkLogic Server, which can be exploited by malicious people to compromise a vulnerable system.
79894a3e7fc295a62a29eebeccb5c93cddf244aae1790747e86de5395336ef20
adsuck is a small DNS server that spoofs blacklisted addresses and forwards all other queries. The idea is to be able to prevent connections to undesirable sites such as ad servers, crawlers, etc. It can be used locally, for the road warrior, or on the network perimeter in order to protect local machines from malicious sites.
494f4e31c23b6682f4df4b2146cd8a5076c09846f4b6e8d2192681d2bcac7ce9
Red Hat Security Advisory 2011-1806-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release serves as a replacement for JBoss Enterprise Web Platform 5.1.1. This update includes bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
5ca01c329904623d5e6111a68d50e428968b80fc0f8c56147b0a944df451d761
Red Hat Security Advisory 2011-1804-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. OpenID4Java allows you to implement OpenID authentication in your Java applications. OpenID4Java is a Technology Preview. This JBoss Enterprise Web Platform 5.1.2 release for Red Hat Enterprise Linux 4 serves as a replacement for JBoss Enterprise Web Platform 5.1.1. These updated packages include bug fixes and enhancements. JBoss Enterprise Web Platform is a subset of JBoss Enterprise Application Platform. Users are directed to the JBoss Enterprise Application Platform 5.1.2 Release Notes for information on the most significant of these changes.
54d07d561f5eabfe6ad950776b8c4f7c99712d1935a323e9cf80816afadac3d8