glibc __gconv_translit_find() single-fixed-byte heap metadata overflow local root exploit for Fedora 20 32-bit. This issue is not specific to Fedora, but the proof of concept is specifically for Fedora 20 32-bit.
330176e29f7a995ed48f5d0fc2ba71392f2e4a5144f7fae13882ef998e79a6d1Grand MA 300/ID with firmware 6.60 has a weakness that allows the retrieval of the access pin from sniffed data, as well as a weakness that allows a fast brute-force attack on the pin.
c73e32f4a61efb4da53a29921041f8c4a0851a33cb60cbbd40518269570c7eb7Joomla Spider video player version 2.8.3 suffers from a remote SQL injection vulnerability.
6ed2b156ade9720a425662be9c1826fcea87daa3ea39ee657f3b9d9512527ac2vm-support version 0.88 suffers from file overwrite and sensitive information disclosure vulnerabilities.
88cde664c272d996d08d14171c3255608195c5e43983024662c4b1a6061485aeRed Hat Security Advisory 2014-1098-01 - HttpClient is an HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore. It was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. This issue was discovered by Florian Weimer of Red Hat Product Security.
7df65a02bbc1bc5f61cae3e68e09fedb553701534ae4f7610be73e42d295d8b9RSA IMG systems configured with NovellIM as the authentication source may be subject to a potential authentication bypass vulnerability due to the fact that no password is required to authenticate legitimate users. A malicious user with knowledge of a valid user name can leverage this vulnerability to perform operations with the privileges of the authenticated user and potentially cause audit-attribution problems.
7ed9817568420c9f158ee2e729151f691c893508ded59e56407c1ee1eb06110dWordPress WPtouch Mobile plugin version 3.4.5 suffers from a remote shell upload vulnerability.
7edb381dc99e6e071b376894e47673e6a5d4a2b0f2bbc8d49710cecd99b9eb26WordPress ShortCode plugin version 0.2.3 suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.
ef4485a00a05196cc2ba090494ef148cd178da683b19a50a019daa50233fd67dHP Security Bulletin HPSBMU03076 2 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running on Linux and Windows which could be exploited remotely resulting in multiple vulnerabilities. Revision 2 of this advisory.
74c6011fdf049e842deed96044d5db0c591aa6e4838740959a4510208f32ffefThis is a whitepaper that touches on various cryptography and discusses hash functions at a slightly greater length.
5aa0be1d76aebe75b38c23e223c667b62f5b40c08d40af7df228f6c99c7dfcbfNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
5a5fc2543566309d14e45b5c83c93dd5d1068a2c013de120036fabfc139f5561
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed