Showing 1 - 9 of 9

Files Date: 2015-09-19

Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow: Posted Sep 19, 2015; Authored by Shankar Damodaran | Site metasploit.com; This Metasploit module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing 'CWD' commands, which leads to an SEH overflow. Konica FTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability.; tags | exploit, overflow; SHA-256 | 9b4e188dfd973cb391489182e25092159a1a540a9de8fa14b7fbb50169dd49ff; Download | Favorite | View

VBox Satellite Express Arbitrary Write Privilege Escalation: Posted Sep 19, 2015; Authored by Matthew Bergin; A vulnerability within the ndvbs module allows an attacker to inject memory they control into an arbitrary location they define. This vulnerability can be used to overwrite function pointers in HalDispatchTable resulting in an elevation of privilege. suffers from code execution, and local file inclusion vulnerabilities.; tags | exploit, arbitrary, local, vulnerability, code execution, file inclusion; advisories | CVE-2015-6923; SHA-256 | f56522b7ad8171646ac1c3eea8d0052f0c4e3db5b5c86c6dd3e9b9fae91e3b70; Download | Favorite | View

Apple Security Advisory 2015-09-16-4: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-4 - OS X Server 5.0.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution; systems | apple, osx; advisories | CVE-2013-5704, CVE-2014-0067, CVE-2014-3581, CVE-2014-3583, CVE-2014-8109, CVE-2014-8161, CVE-2014-8500, CVE-2015-0228, CVE-2015-0241, CVE-2015-0242, CVE-2015-0243, CVE-2015-0244, CVE-2015-0253, CVE-2015-1349, CVE-2015-3165, CVE-2015-3166, CVE-2015-3167, CVE-2015-3183, CVE-2015-3185, CVE-2015-5911; SHA-256 | 8254c8d55f2667e65687c75dc0e4ebbbd127b907729adba11b4a141d12fc30b2; Download | Favorite | View

Apple Security Advisory 2015-09-16-3: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-3 - iTunes 12.3 is now available and addresses code execution, application termination, memory corruption, and various other vulnerabilities.; tags | advisory, vulnerability, code execution; systems | apple; advisories | CVE-2010-3190, CVE-2014-8146, CVE-2015-1152, CVE-2015-1153, CVE-2015-1157, CVE-2015-1205, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-3730, CVE-2015-3731, CVE-2015-3733, CVE-2015-3734, CVE-2015-3735, CVE-2015-3736, CVE-2015-3737, CVE-2015-3738, CVE-2015-3739, CVE-2015-3740, CVE-2015-3741, CVE-2015-3742, CVE-2015-3743, CVE-2015-3744, CVE-2015-3745, CVE-2015-3746, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749; SHA-256 | 6f990daa4923e677ff4f144e3210e8d15244910af965e15253c5d0b75d5b2f47; Download | Favorite | View

Apple Security Advisory 2015-09-16-2: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-2 - Xcode 7.0 is now available and addresses traffic inspection, access bypass, and various other vulnerabilities.; tags | advisory, vulnerability; systems | apple; advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-6394, CVE-2015-0248, CVE-2015-0251, CVE-2015-3185, CVE-2015-5909, CVE-2015-5910; SHA-256 | 7a3af52221713d401a1c4f2c0809a381ca1e1c7cc53f03c7a03efe9fde6277f6; Download | Favorite | View

Apple Security Advisory 2015-09-16-1: Posted Sep 19, 2015; Authored by Apple | Site apple.com; Apple Security Advisory 2015-09-16-1 - iOS 9 is now available and addresses denial of service, information disclosure, and various other issues.; tags | advisory, denial of service, info disclosure; systems | cisco, apple, ios; advisories | CVE-2013-3951, CVE-2014-8146, CVE-2014-8611, CVE-2015-0286, CVE-2015-0287, CVE-2015-1129, CVE-2015-1205, CVE-2015-3801, CVE-2015-5522, CVE-2015-5523, CVE-2015-5748, CVE-2015-5764, CVE-2015-5765, CVE-2015-5767, CVE-2015-5788, CVE-2015-5789, CVE-2015-5790, CVE-2015-5791, CVE-2015-5792, CVE-2015-5793, CVE-2015-5794, CVE-2015-5795, CVE-2015-5796, CVE-2015-5797, CVE-2015-5799, CVE-2015-5800, CVE-2015-5801, CVE-2015-5802; SHA-256 | 9fd697c7c99863744ab08fa1e360cde32e9825a823a4a708279ed659764693f2; Download | Favorite | View

ElasticSearch Cloud-Azure Insecure Transit: Posted Sep 19, 2015; Authored by Pedro Andujar; The connection string for ELK cloud-azure plugin contains hardcoded http url with the lack of encryption and certificate validation, therefore it is prone to sniffing and MiTM attacks. A potential attacker with the required access to the network traffic would be able to intercept the content of the indexes snapshots.; tags | advisory, web, info disclosure; SHA-256 | b9cb4d374481587d608107ba93bf30d52ff5610e4e98d41e70599fe1f0ceeca7; Download | Favorite | View

HP Security Bulletin HPSBST03418 1: Posted Sep 19, 2015; Authored by HP | Site hp.com; HP Security Bulletin HPSBST03418 1 - A potential security vulnerability has been identified with HP P6000 Command View Software. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.; tags | advisory; advisories | CVE-2014-3566; SHA-256 | 6ae337d939bf448b06c10ea85187149a2b1745cdc37402b354297b874e1fd073; Download | Favorite | View

WordPress Vertical Image Slider 1.0 CSRF / XSS: Posted Sep 19, 2015; Authored by Ehsan Hosseini; WordPress Vertical Image Slider plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | 63f064a0c336409406e1795abef613e59a229b155d2c3f25704ac46915950f95; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days