Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
4a2e4f0cd41e62adb5a713b4a1857c49145cd09a69957e6d946ecad575206dd6
Claromentis Discuss module version 1.2.1 suffers from a stored cross site scripting vulnerability.
62a89f3e71faa9b2c915aa46d1ffafee1eff19c64d7bfa67798379b30cd4c981
It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system. UEB v9 runs the api under root privileges and api/storage is vulnerable. UEB v10 runs the api under limited privileges and api/hosts is vulnerable.
26c3d9da1b69eb5067bf4415e099c1d16549287987fd59097875111bb16caf69
This Metasploit module exploits a stack buffer overflow in Zahir Enterprise Plus version 6 build 10b and below. The vulnerability is triggered when opening a CSV file containing CR/LF and overly long string characters via Import from other File. This results in overwriting a structured exception handler record.
c51c1d1c21392204bf387a607e386388a6773f8a710db6706b904d643e98b8f9
The Fourth International Conference on Information Security and Digital Forensics Call For Papers has been announced. It will take place at the Metropolitan College, Thessaloniki, Greece, December 7th through the 9th, 2018.
64f94224eaa5dc0fbe7abb819a7cc7b722cd8e76964e085013f2136116718639
This program takes a payload and applies a single offset to it (Caesar cipher encryption), then lets you decrypt the payload and execute it in memory to bypass signature detection of currently detectable payloads.
ee91aa4bcf011dce33164aea66f95934fa966286bcdc399e592508141b7f0adc
This Metasploit module exploits insufficient sanitization in the database::protect method of Navigate CMS versions 2.8 and prior to bypass authentication. The module then uses a path traversal vulnerability in navigate_upload.php that allows authenticated users to upload PHP files to arbitrary locations. Together these vulnerabilities allow an unauthenticated attacker to execute arbitrary PHP code remotely. This Metasploit module was tested against Navigate CMS 2.8.
22f02998938d92be75a2c237be95f9c8c05395976f93aa44cc1307be7bab509b
Netis ADSL Router DL4322D RTK 2.1.1 suffers from a cross site request forgery vulnerability.
2afed676f48b1723ef3a3bc8f517ae5e57680d7512a2ce2adc3e5fdc4dc80742
This Metasploit module utilizes the Net-NTLMv2 reflection between DCOM/RPC to achieve a SYSTEM handle for elevation of privilege. Currently the module does not spawn as SYSTEM; however, once a shell is achieved, one can easily use incognito to impersonate the token.
10aca5238c09e9bf6cc039620feb2267cc144082ac9a5d8868637ad860f00b93
The Linux kernel suffers from a pointer leak via BPF due to a broken subtraction check.
d4223122e1ab1a77d32acc8af4e3ea5de0baa00f18f85d466df55a31d545bf23
Whitepaper called WordPress Penetration Testing Using WPScan and Metasploit. Written in English.
40d6ad648ac7360b313cbb38733b52a8bf9a680e252b22d792e7b8db54f89a9d
Chamilo LMS version 1.11.8 suffers from a cross site scripting vulnerability.
145fae68ce6b0f21f4470e872a1562c21b4c0a371856b527f88314d9a984fd26
Chrome OS suffers from a /sbin/crash_reporter symlink traversal vulnerability.
41e32bd294ce06037cae654ccff52add6f9d2e7cd27c6acfc1cf1da49939a2e6
Easy File Sharing Web Server version 7.2 suffers from a domain name buffer overflow vulnerability.
990167b6d68856ee0ab3783f765cfe65eb415de259a4a2920ad90c83a33921b8
This is a whitepaper that provides an overview on WordPress Security. Written in Persian.
d22218ad1594c053cb1ee1157adae795a1d60e443169f78cd2050fa557349319