This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.007 and Load Balancer Firmware <= v5.4.0.004 by exploiting a two vulnerabilities in the web administration interface. The first bug leverages a Arbitrary File Upload vulnerability to create a malicious file containing shell commands before using a second bug meant to clean up left-over core files on the device to execute them. By sending a specially crafted requests it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
c5cbb5353489330f723faa90c0811bb577e0e6462b9b934b977a12a22fc05e6eDebian Linux Security Advisory 3629-1 - Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs.
928596a20913fd01d3f58cfb75578feb56c3ebee5c0640ed9f639ec7fd418fa2This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.
dbfb17c0ede40ea6f49b801493783efdda5b7f9fcc1178a440c9e193c5f682f4Red Hat Security Advisory 2016-1487-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
5e149d7d0af0e12329b4e2d54c27f621fef270d560e4bea0d0871820b9af36c1Red Hat Security Advisory 2016-1486-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
e4d411131b152ada7bd72521ea7818502f22e7501a4ad8fa7818025ec57a02bdRed Hat Security Advisory 2016-1485-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.82. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
79a0151a046d4d5d83278b6451a43ce51c7e4a3ae2044801f1685824657092b8Red Hat Security Advisory 2016-1484-01 - Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and the remote management of multiple Linux deployments with a single, centralized tool. Security Fix: A stored cross-site scripting flaw was found in the way spacewalk-java displayed monitoring probes. An attacker can embed HTML and Javascript in the values for RHNMD User or Filesystem parameters in Satellite, allowing them to inject malicious content into the web page that is then displayed with that probe data.
fca385e1adee4c3355af668685e712abb94dffc828ffdb015bcc0eb5969e0c41Red Hat Security Advisory 2016-1494-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server.
ae73f277b2b57b9d044f50b51c1a5f666f6be797d89161738790ac2e2a367b22Dropbox version 6.4.14 has an installer that suffers from a dll hijacking vulnerability.
bfc55686208a6af0facb4041226b4d6d0ad4997fe3955ce1a49bfd0385b724bbMobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.
8ea6f97365251b45ba9c6309e8b51366f74ef9536f1dad257d2ef65b930d88faHP Security Bulletin HPSBGN03630 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed in the AdminUI of HP Operations Manager for Unix, Solaris and Linux. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.
745cf5e5dfc7c05cec2a0a06dcce95a6bd55552bd1be8b60cef63528b32d5890Secunia Research have discovered a vulnerability in Reprise License Manager (RLM), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling the "akey" POST parameter related to /goform/activate_doit, which can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation of the vulnerability may allow execution of arbitrary code. Affected include Reprise License Manager versions 12.0BL2, 12.1BL2, and 12.1BL3.
7a44242e9092cfe02efcb8529b1f73b1e9b385b7c89ec38c3ff1c23127ffddbbSecunia Research have discovered a vulnerability in Reprise License Manager (RLM), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling the "actserver" POST parameter related to /goform/activate_doit, which can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation of the vulnerability may allow execution of arbitrary code. Affected includes Reprise License Manager version 12.0BL2.
b433828c96e1b1a9650594e28bf347b845408926a31f2dc471d4d2c8904dabf6PHP gettext.php versions 1.0.12 and below suffer from an unauthenticated code execution vulnerability.
43700cf546cef6f888e70c5f15da849a59dd385eb6bf40696caaa8ca6d9a4a78This Metasploit module exploits a Remote Command Execution vulnerability in Drupal CODER Module. Unauthenticated users can execute arbitrary command under the context of the web server user. CODER module doesn't sufficiently validate user inputs in a script file that has the php extension. A malicious unauthenticated user can make requests directly to this file to execute arbitrary command. The module does not need to be enabled for this to be exploited This Metasploit module was tested against CODER 2.5 with Drupal 7.5 installation on Ubuntu server.
c2f68a1f88f2debe64ed7c3bfc2c1d55da4a489cfb8fa21f908ddcc48debacb0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed