Gentoo Linux Security Advisory 201309-12 - Multiple vulnerabilities have been discovered in Apache HTTP Server, possibly allowing remote attackers to execute arbitrary code, cause a Denial of Service condition or perform man-in-the-middle attacks. Versions less than 2.2.25 are affected.
a834b8c97a0c98dcf9ffd2350ae88c9499323cf2cc10bcbb258da5bf98c05882Gentoo Linux Security Advisory 201309-11 - Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. Versions less than 1.7.13 are affected.
bfe40a4d66f395924c269877ddf68f495d3d3de142a58bf24a97c981c9b7c9d4WordPress Bradesco Gateway plugin suffers from a cross site scripting vulnerability. Versions prior to 2.0 are affected.
0dc5dd6056d1e33ed43fe0e9d5a97c9ea97521368f17f778c62040126822602aDifferent Raidsonic NAS devices are vulnerable to OS command injection via the web interface. The vulnerability exists in timeHandler.cgi, which is accessible without authentication. This Metasploit module has been tested with the versions IB-NAS5220 and IB-NAS4220. Since this module is adding a new user and modifying the inetd daemon configuration, this module is set to ManualRanking and could cause target instability.
349e9ccfce89a895bc88301a928728a68a24c672b6744b743b04b03f181ca743Ubuntu Security Notice 1965-1 - It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
9a62177c15f37e7c4836b84c5bef097ee6d8aade227639bbf1331a5b2718f5f8Ubuntu Security Notice 1964-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service.
058283230c12a801b053bf0c867c65eea622018734173ac4d9c93508f3edf518Red Hat Security Advisory 2013-1260-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state.
b6911a2d88f3383a2433d1ba0bb3834896d31dcd24d650b65d2dbfba1df22b28Debian Linux Security Advisory 2762-1 - Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code.
1f2d0e9338e4bcc954cee7d4e39d03c6db8cc45f37ce200d040a7c5838fbfaf0This is a brief whitepaper tutorial discussing stack-based buffer overflow exploitation.
11b14091592ce665a4052fa63c683bede3f54a2039f3e8ac022b17bc903078c5Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
b26e5214de3d3875ccca59d6cfbffb8dfa87ab40288d159dc5713ec7d29109ebThis is a brief whitepaper tutorial that discusses format string exploitation.
1544465d9c53bc46b45f199277e5af8bfc93c0c6d2f40f5ff2478c2db9d3714bThis whitepaper is called Off-By-One Exploitation Tutorial. The off by one vulnerability in general means that if an attacker supplied input with certain length if the program has an incorrect length condition the program will write one byte outside the bounds of the space allocated to hold this input causing one of two scenarios depending on the input.
5f0e7988d1f9efa82633300226d7ad14a89ebbc4f3ad3eb4a3d67306232ea70cWhitepaper called Return-Oriented-Programming (ROP FTW).
0df3dba7ba4fbf596b77ccb6bcaf64bddf65e2fae569ec24d7481f4b6ce3f8b6SolarWinds Server and Application Monitor version 6.0 suffers from an active-x related buffer overflow vulnerability.
841395a87d46f8aba7dd14551684fe16b9e3de8cd2cb1433a295058e36790214AspxCommerce version 2.0 suffers from a remote shell upload vulnerability.
8713bab6a79f7b5d50c2b8edad2fb8f4da89c6c5cd1a55ab350684bd6f34a372
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed