This Metasploit module exploits a stack-based buffer overflow in Yokogawa CS3000. The vulnerability exists in the service BKFSim_vhfd.exe, which uses user-controlled data to create logs with functions like vsprintf and memcpy in an insecure way. This Metasploit module has been tested successfully on Yokogawa Centum CS3000 R3.08.50 on Windows XP SP3.
db93fbf33e9788d81fe33dcce19468109935bbe2f51ee46720d0e3980569bb49
EMC Documentum Content Server contains fixes for privilege escalation vulnerabilities that could be potentially exploited by malicious users to compromise the affected system.
f325a3ed2f21489039f40780cda08a8b95fc127428b6d92df13bc26359e58257
EMC DFS may be vulnerable to XXE due to the way the JAXB XML parser handles incoming XML from an authenticated user. A malicious authenticated user could potentially leverage this to inject malicious data into the XML and retrieve information from sensitive files on the system. It could also potentially be leveraged to affect the integrity and availability of the system.
d1e1a73d1d637c161e05f25a631264752ec6586523f72bf2a11e1e625939b20d
Photo Org WonderApplications version 8.3 suffers from a local file inclusion vulnerability.
3f47df8c41dd897769a58d64e4c0cf55a5ef8585a8d2114d2582e8dbebb518fe
Techboard/Syac DigiEye 3G devices suffer from a backdoor access vulnerability.
33cc889ede70ca75a8c0e1208e6650725ce6572d34b522656e3ccc4be7b34240
Apache Syncope versions prior to 1.1.8 suffer from insecure random implementations being used to generate passwords.
07427e4874a38a578223cafca4a59cd9cace199c27465512d0d278cda4d1ad58
Joomla JChatSocial version 2.2 suffers from a stored cross site scripting vulnerability.
b60c78e7fa6f4fbc79fb6c9ac9c1acb463e37fb609f80349f6b8bd49780480e5
Lime Survey version 2.05+ Build 140618 suffers from cross site scripting and remote SQL injection vulnerabilities.
28da032c6555df3973c4da790e8ab241d1408608242238f8c81cc27c1b57bd84
Debian Linux Security Advisory 2972-1 - Andy Lutomirski discovered that the ptrace syscall was not verifying the RIP register to be valid in the ptrace API on x86_64 processors. An unprivileged user could use this flaw to crash the kernel (resulting in denial of service) or for privilege escalation.
abd13212bb911b20678d315d29c2d8d434dfae706531fe23b757f8e6a1abb52d
Red Hat Security Advisory 2014-0843-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that JBoss Web did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web by streaming an unlimited quantity of data, leading to excessive consumption of server resources. It was found that JBoss Web did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a JBoss Web server located behind a reverse proxy that processed the content length header correctly.
a6cc1be3f1885282158acec79e328dcd8c345e4b282490b64c738d66a990afb1
Red Hat Security Advisory 2014-0842-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that JBoss Web did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against JBoss Web by streaming an unlimited quantity of data, leading to excessive consumption of server resources. It was found that JBoss Web did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a JBoss Web server located behind a reverse proxy that processed the content length header correctly.
3730ead4d99e94df65ba5aed1ed73050fa6e4d03e8b6d2f9203fd8f685755368
The Yahoo! Flickr API suffered from a cross site scripting vulnerability.
0a82633363f77300f20ae19f62cd3f4f98f06a8fc9e22d76720d61fa71d3f3f1
Netgear WNR1000v3 suffers from a password recovery credential disclosure vulnerability.
fd3330fd142b3b449f6632005ba44c89faaee27e562f16b553e16bed506c7e7b
PayPal suffered from validation and filter bypass vulnerabilities.
c814e51c561c1d4de0929e44ba0a70a8cfa1ec3ec92bb85e324688d9e58c4177
Apple iTunes version 11.2.2 for Windows comes with outdated and vulnerable libraries.
06dd04f00b24ec800040eaaa5b70fc019fae6203350c787c6d149bfb0721507b
Atom CMS suffers from remote shell upload and remote SQL injection vulnerabilities.
3367d61b49a725f65775627f3fdafe186679e76b1405180e66b728a04893df9a
xClassified Classified Script version 1.2 suffers from a remote SQL injection vulnerability.
0c10d89079cc85377c0afcce77166e3cefd368bcbaea45b7d25331a06fb11cb3