This Metasploit module exploits a vulnerability found in GroundWork 6.7.0. This software is used for network, application and cloud monitoring. The vulnerability exists in monarch_scan.cgi, where user-controlled input is passed to the Perl qx function, which allows any remote authenticated attacker, regardless of privilege level, to inject system commands and gain arbitrary code execution. The module has been tested successfully on GroundWork 6.7.0-br287-gw1571 as distributed within the Ubuntu 10.04 based VM appliance.
4f033af844cdd623331a0bd422e02eb8ac32fdbef2908dd0e003506fe068e0b1
Cisco Security Advisory - Cisco Nexus, Cisco Unified Computing System (UCS), Cisco MDS 9000 Series Multilayer Switches, and Cisco 1000 Series Connected Grid Routers (CGR) are all based on the Cisco NX-OS operating system. These products are affected by vulnerabilities such as buffer overflow and denial of service issues.
3b9bd9fefdaef3b94a763654446f7a87d023a8d89eea09bb2e691ec9aeeebd28
Cisco Security Advisory - Managed and standalone Cisco Unified Computing System (UCS) deployments contain various vulnerabilities such as authentication bypass, buffer overflow, and denial of service issues.
53255273186363e00cf1aaffbcf4e4d430c1447c889e787df8d3a608768efdf0
A SAP NetWeaver vulnerability allows injection of ABAP code. In SAP security, this is the equivalent of getting an ultra-reliable ring 0 exploit which works through the network and never crashes. By exploiting this vulnerability an attacker can, for example, inject code which saves the passwords of all connecting SAP GUI users in a remote file, steal or change sensitive data such as HR salary information, execute bank transactions and transfer money, or simply plant an SAP backdoor for accessing the system later. The attacker can also manipulate or corrupt ABAP programs shipped by SAP and make the system inoperable.
bef5435dd9e71bc842aef59db42966ef03ac40124905e2ccd226ca1a86276d90
Red Hat Security Advisory 2013-0771-01 - cURL provides the libcurl library and a command line tool for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. A flaw was found in the way libcurl matched domains associated with cookies. This could lead to cURL or an application linked against libcurl sending the wrong cookie if only part of the domain name matched the domain associated with the cookie, disclosing the cookie to unrelated hosts.
73f2f91020506640014d072e24e8ccf64fc4ce8d2c457f7c3cdaef0e81920dbc
Red Hat Security Advisory 2013-0770-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
06677a3528c530864f134b8fafc2e1294751341077971c4ef9f0fa7bea9269f4
Cisco Security Advisory - Cisco Device Manager contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands on a client host with the privileges of the user. This vulnerability affects Cisco Device Manager for the Cisco MDS 9000 Family and Cisco Nexus 5000 Series Switches when it is installed or launched via the Java Network Launch Protocol (JNLP) on a host running Microsoft Windows. Cisco Device Manager installed or launched from Cisco Prime Data Center Network Manager (DCNM) or Cisco Fabric Manager is not affected. This vulnerability can only be exploited if the JNLP file is executed on systems running Microsoft Windows. The vulnerability affects the confidentiality, integrity, and availability of the client host performing the installation or execution of Cisco Device Manager via JNLP file. There is no impact on the Cisco MDS 9000 Family or Cisco Nexus 5000 Series Switches. Cisco has released free software updates that address this vulnerability in the Cisco Device Manager for Cisco MDS 9000 Family Switches. Cisco Nexus 5000 Series Switches have discontinued the support of the Cisco Device Manager installation via JNLP and updates are not available. Workarounds that mitigate this vulnerability are available.
578c40e757b0c353adc0922465a0e8993c86db06c683fad64b40139a6b84b6b4
Red Hat Security Advisory 2013-0769-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the Name Server Caching Daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. A flaw was found in the regular expression matching routines that process multibyte character input. If an application utilized the glibc regular expression matching mechanism, an attacker could provide specially-crafted input that, when processed, would cause the application to crash.
64eb4276f4d6cab98919cfe1cf17b4bde978777315cfe94bc872ef3f95bb94df
Cisco Linksys WRT310N version 2.0.00 suffers from a remote denial of service vulnerability.
96c706f91c3a5f744fbbc0b57a7b74560a10053170e63931f5e7a21c6402b759
HP Security Bulletin HPSBHF02865 SSRT101158 - A potential vulnerability has been identified with certain HP ElitePad tablet PCs. The secure boot feature of the BIOS may not be enabled, allowing alternate operating systems to be booted in contradiction with the BIOS configuration. Secure Boot is a feature that, when enabled, prevents the system firmware from booting to unauthorized boot loaders, option ROMs and operating systems that can run in the pre-boot environment. Revision 1 of this advisory.
0a01d2d62c314de04c12d85282d5813e7def6f779255084b616f5f646041e24b
Hornbill Supportworks ITSM version 1.0.0 suffers from a remote SQL injection vulnerability.
2eeb3aa7245d5145d3ec988798da4951d75aef73c27a476bcea507ba736fbb89