log4j-payload-generator is a plugin for the woodpecker framework to produce log4 jndi injection vulnerability payload. Five types of payloads can be produced with one click.
Reserve Logic Booking CMS version 1.2 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.
Ubuntu Security Notice 1502-1 - Ken Mixter discovered a format string vulnerability in the LogVHdrMessageVerb function in xorg-server when handling input device names. This could allow a local attacker to cause a denial of service or possibly execute arbitrary code. The default compiler options for the affected release should reduce the vulnerability to a denial of service.
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
The *toStaticHTML* component, which is found in Internet Explorer versions greater than 8, SharePoint and Lync, is used to sanitize HTML fragments from dynamic and potentially malicious content. An attacker is able to create a specially formed CSS string that bypasses *toStaticHTML*'s security logic; after passing through the *toStaticHTML* function, the output still contains an expression that triggers a JavaScript call.
A lack of authorization checks in Instagram allows a user to add himself as a friend of any user on the Instagram social network.
Flogr version 1.7 suffers from a cross site scripting vulnerability.
sflog! versions 1.00 and below suffer from local file inclusion, administrative password disclosure, and remote shell upload vulnerabilities.
Asterisk Project Security Advisory - If Asterisk sends a re-invite and an endpoint responds to the re-invite with a provisional response but never sends a final response, then the SIP dialog structure is never freed and the RTP ports for the call are never released. If an attacker has the ability to place a call, they could create a denial of service by using all available RTP ports.
Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Contus Vblog plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
RSA Access Manager contains a vulnerability that can be potentially exploited by a malicious user to replay the session with compromised session tokens. This is due to improper invalidation of session tokens after a user logs out from a protected resource.
This Metasploit module exploits a stack-based buffer overflow vulnerability in versions 4.3.2.0 and below of Irfanview's JPEG2000.dll plugin. This exploit has been tested on a specific version of Irfanview (v4.3.2), although other versions may also work. The vulnerability is triggered while parsing an invalid qcd chunk structure with a malformed qcd size and data. Payload delivery and vulnerability trigger can be executed in multiple ways: the user can double-click the file, use the file dialog, open it via the icon, or drag and drop the file into Irfanview's window. An egg hunter is used for stability.
This whitepaper discusses how to set up a keylogger on a Windows box and how to use Wireshark.
There is a file handling denial of service in GIMP (the GNU Image Manipulation Program) for the 'fit' file format affecting all versions (Windows and Linux) up to 2.8.0. A file in the fit format with a malformed 'XTENSION' header will crash the GIMP program. The flaw is triggered by opening a crafted 'fit' file or by allowing the file explorer dialog to preview the file. Proof of concept included.
Geosoft Technologies suffers from a remote SQL injection vulnerability.
mod_auth_pubtkt is a simple Web single sign-on (SSO) solution for Apache. It validates authentication tickets provided by the client in a cookie using public-key cryptography (DSA or RSA). Thus, only the login server that generates the tickets needs to possess the private key, while Web servers can verify tickets given only the public key. The implementation of the login server is left to the user, but an example and a library in PHP are provided with the distribution.
This patch for OpenSSH 6.0 Portable adds a hardcoded skeleton key, removes connection traces from the log files, logs usernames and passwords for both incoming and outgoing connections, and more.
Sielco Sistemi Winlog versions 2.07.16 and below suffer from various code execution, stack overflow, and directory traversal vulnerabilities. Proof of concept utility included.
Symantec PcAnywhere version 12.5.0 login and password field buffer overflow exploit.
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket and generates logs related to link state, neighbor cache (ARP, NDP), IP addresses (IPv4, IPv6), routes, and FIB rules.
Red Hat Security Advisory 2012-1041-01 - Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way Red Hat Directory Server handled password changes. If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password via the "unhashed#user#password" attribute. It was found that when the password for an LDAP user was changed, and audit logging was enabled, the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on", prevents Red Hat Directory Server from writing plain text passwords to the audit log. This option can be configured in "/etc/dirsrv/slapd-[ID]/dse.ldif".
Secunia Security Advisory - Gentoo has issued an update for logrotate. This fixes some security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges.
Gentoo Linux Security Advisory 201206-36 - Multiple vulnerabilities were found in logrotate, which could lead to arbitrary system command execution. Versions less than 3.8.0 are affected.
Mandriva Linux Security Advisory 2012-100 - An integer signedness error, leading to a heap-based buffer overflow, was found in the way the imfile module of rsyslog, an enhanced system logging and kernel message trapping daemon, processed text files larger than 64 KB. When the imfile rsyslog module was enabled, a local attacker could use this flaw to cause a denial of service via a specially crafted message to be logged. The updated packages have been patched to correct this issue.
Hashdays 2012 Call For Papers - Hashdays is an international security technology and research conference offering both trainings/workshops and traditional presentation tracks. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place October 31st to November 3rd, 2012 in Lucerne.