This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTER_INFO and PRINTER_LOCATION variables by default.
5a376a0f4e8be0b42906123abc72f100a271655c6310963fc913fc7504861155
Enalean Tuleap versions 7.4.99.5 and below suffer from a remote command execution vulnerability.
86da9fb1bc835abec483555c432a4f2fdad5fb95976c56ab4f5e4085ea8b5631
Enalean Tuleap versions 7.2 and below suffer from an external XML entity injection vulnerability.
ab8a77cc2eda457cf59f902478e2f9d728886f29aedb8161746791a3af1fefc2
Enalean Tuleap versions 7.4.99.5 and below suffer from a remote, authenticated blind SQL injection vulnerability.
17e714a5c82970fcf9eb3939bc1da2a02d460e307f429a094407a26d9a63ff06
ESET versions 5.0 through 7.0 suffer from a kernel memory leak vulnerability.
8b5888960f4d9b82098187fccdeffd23d87b222ac084d8ed2407392d581bf827
HP Security Bulletin HPSBST03160 - A potential security vulnerability has been identified with HP XP Command View Advanced Edition running Apache Struts. Revision 1 of this advisory.
7347708214d9e40bfa1feac22c945e22da23247a26c666e8ec2f25128975846d
Mandriva Linux Security Advisory 2014-210 - Multiple vulnerabilities have been discovered and corrected in mariadb.
f7370d99fd7f151bcd3f21c1d12c24ec5d83ca6e04df9913e5031ea6bf1ea4df
Ubuntu Security Notice 2390-1 - Jacob Appelbaum and an anonymous person discovered that Pidgin incorrectly handled certificate validation. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Yves Younan and Richard Johnson discovered that Pidgin incorrectly handled certain malformed MXit emoticons. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service. Various other issues were also addressed.
9de2fd893b05d9381e103c2fc1c9fa71c92e128c9e9885eff70ac44ee7e4e2b2
Mini-stream RM-MP3 Converter version 3.1.2.1.2010.03.30 suffers from a buffer overflow vulnerability when handling .wax files.
302e7e5408a62bb0b8fa71f8365379786080916a1802f9c4f860e232d900c7e6
ESTsoft ALUpdate version 8.5.1.0.0 suffers from a privilege escalation vulnerability.
2ac6441238ee7b081bebbe85cb5cc78a62c50c26bd6433f839deaadbcc8214cd
The Third International Conference on Digital Information, Networking, and Wireless Communications (DINWC2015) Call For Papers has been announced. It will be held in Moscow, Russia, from February 3rd through the 5th, 2015.
bf13707a2f9a9b4d2235e37a602c9334c401769c52d73a3476e0ea6cd46af777
HP Security Bulletin HPSBHF03156 - A potential security vulnerability has been identified with the HP TippingPoint Intrusion Prevention System (IPS) Local Security Manager (LSM) running SSL. This is the SSLv3 vulnerability known as "POODLE" which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.
6e6c399de1b833236d40e0bbbc145b48364b6110b2c080f1fb91d4b0b75f0cbf
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
b7b224803dde427b20c84fadc4d4ad53f93b348afa988194ca473e0809af0c57
This Metasploit module exploits a NULL pointer dereference in win32k.sys. The vulnerability can be triggered through the use of TrackPopupMenu. Under special conditions, the NULL pointer dereference can be abused on xxxSendMessageTimeout to achieve arbitrary code execution. This Metasploit module has been tested successfully on Windows XP SP3, Windows 2003 SP2, Windows 7 SP1 and Windows 2008 32-bit, and also on Windows 7 SP1 and Windows 2008 R2 SP1 64-bit.
41b7d988b197d4b07886ef236a76dda4482ef1d09d5d87eb2dbc440af8850897
The CBN CH6640E/CG6640E wireless gateway series suffers from information disclosure, cross site request forgery, cross site scripting, and denial of service vulnerabilities.
2abfa7dcae36453b2de188ce94ee87d4e58078ce17f31bccfdccebada77aaca9