This Metasploit module exploits an stack based buffer overflow on Yokogawa CS3000. The vulnerability exists in the BKESimmgr.exe service when handling specially crafted packets, due to an insecure usage of memcpy, using attacker controlled data as the size count. This Metasploit module has been tested successfully in Yokogawa CS3000 R3.08.50 over Windows XP SP3 and Windows 2003 SP2.
7408ef475efc86bd8fe8b92c5ff8db48dbdc910b25fd6be4ef64b1c3255fc826HP Security Bulletin HPSBHF02946 - A potential security vulnerability has been identified with certain HP servers that use NVIDIA Computing GPU processors. The vulnerability could be exploited resulting in an elevation of privilege. Revision 1 of this advisory.
76bab84d2645fd43343e0d74bd3f521197d9410ad6afd9576db25edbcec97866HP Security Bulletin HPSBST03038 - A potential security vulnerability has been identified with certain HP H-series Fibre Channel Switches. This vulnerability could be exploited remotely to disclose information. Revision 1 of this advisory.
6837f903e2939f812c5e4f9a4f409781d0894c5cd5657d514f20fa34cba7582cDrupal Flag version 7.x-3.5 suffers from a remote command injection vulnerability.
77d2733663b72ddf1a970877c43463caf16d6a0a9fb55bede84b804ac0cefc7eHyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".
fa0f0dd00142c7e8afb79cd7f2585a81d1ad07048a94db78fb3f1d9234ea8c36Jasper Server versions 5.5 and below suffer from a session fixation vulnerability.
5a8cd75ea1fc559c5e606aa75dc868afa95e2e08f85eb9edc66906672210da21HP Security Bulletin HPSBMU03035 1 - A potential security vulnerability has been identified with HP Network Node Manager I (NNMi) on HP-UX, Linux, Solaris, and Windows. This vulnerability could be exploited remotely to allow cross-site scripting (XSS). Revision 1 of this advisory.
000aa3e36c18f6abeef7431ade00b117ae506f0f7688fd086dce0b58a27e0fccThe OnApp IaaS platform fails to remove and regenerate ECDSA host keys upon deployment.
fc8d4a81ebc0b76d674cc85691e4034840c20e9d216865f149f268eb4e4b2377Jet Audio version 8.1.1 suffers from a memory corruption vulnerability.
c52be51e49cdfa83e81d6f3b90d8fcbdff938b336d4d464fa62001436fec946aVLC Player version 2.1.3 suffers from a memory corruption vulnerability.
6792834d831a80e4ebb4ad64787a7b8546a2c954b030f0c8f1392124d68c13a5HP Security Bulletin HPSBGN03008 2 - The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. NOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL cryptographic software library. This weakness potentially allows disclosure of information that is normally protected by the SSL/TLS protocol. Revision 2 of this advisory.
cb79766cc7d68b78f8c6d2610dd53ed58815893184b2f16d2494866ec3bcd023Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
2792a9e8706a516d2e81339846fc38f94fa8dd3f604b2fde9d0b07593727f62bSILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet. It can be used to send any kind of messages, in addition to normal text messages. This includes multimedia messages like images, video, and audio stream. All messages in the SILC network are encrypted and authenticated, and messages can also be digitally signed. SILC protocol supports AES, SHA-1, PKCS#1, PKCS#3, X.509, OpenPGP, and is being developed in the IETF. This tarball holds all developer related files.
34a6f1b786f5c4d4138ffc5b2596e6709531e8ce8dc1cd1764362a8329ec53dcThis Metasploit module exploits a buffer overflow vulnerability in Adobe Flash Player. The vulnerability occurs in the flash.Display.Shader class, when setting specially crafted data as its bytecode, as exploited in the wild in April 2014. This Metasploit module has been tested successfully on IE 6 to IE 10 with Flash 11 and Flash 12 over Windows XP SP3, Windows 7 SP1 and Windows 8.
6a8fa454ee9283f46ce5d01131f9d761fbf953a93ad1c6ec6a6883225ddafa72Foscam IP cameras suffer from a dynamic DNS predictable credential vulnerability. Proof of concept code included.
5baac5bc37afd3fd3aab2f95d719db3bbdda8721c33fcfdd634fce91a8ca44d0The WHQL-signed Synaptics touchpad driver delivered via Windows Update executes a rogue program C:\Program.exe with system privileges after its installation.
404715addcfed1bb09a24b3d012bd09aa7ac32c25420053cfa249818f2df19aa
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed