This Metasploit module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise version 10.4.18, caused by improper bounds checking of the request sent to the built-in server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
c4a63ea927eadbd15aa533b676da7de90e2feda0be34e3eccaea539cebab75b2This Metasploit module exploits a stack-based buffer overflow vulnerability in the CloudMe Sync version 1.10.9 client application. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
e772df2bb9bc2559a8e1ce1faef1106d0f6d2691866412f3c6f64ad143790589The HTTP server in AsusWRT has a flaw where it allows an unauthenticated client to perform a POST in certain cases. This can be combined with another vulnerability in the VPN configuration upload routine that sets NVRAM configuration variables directly from the POST request to enable a special command mode. This command mode can then be abused by sending a UDP packet to infosvr, which is running on port UDP 9999 to directly execute commands as root. This exploit leverages that to start telnetd in a random port, and then connects to it. It has been tested with the RT-AC68U running AsusWRT Version 3.0.0.4.380.7743.
6da7c92100a89101fa69018aa3816aa9505957ebeb1384b2e303db3bf235ef0cGnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
3fa189a32d4fb62147874eb1389047c267d9ba088f57ab521cb0df46f08aef57The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
6223d8f9dd9274732fdb0ce5d6524039a1911623ecfd29abec243383e30d5926Asterisk Project Security Advisory - When reading a websocket, the length was not being checked. If a payload of length 0 was read, it would result in a busy loop that waited for the underlying connection to close.
5fc36cc2204c4418ee1467bbb96d683c0c2675703deb973b6bc63daea6083afdOn February 22, fixes for CVE-2017-5715 were released into the Ubuntu Xenial kernel version 4.4.0-116.140. This CVE, also known as "Spectre," is caused by flaws in the design of speculative execution hardware in the computer's CPU, and could be used to access sensitive information in kernel memory.
72d363acb6dc156e006e909ac1b2d43d8475b46890268147bf31b5fba6a2cc9eGroupon Clone Script version 3.0.2 suffers from a persistent cross site scripting vulnerability.
0e0291279108a230482831e4b2e6678298d51081fca33ab2532ea047e9a6394bAlibaba Clone Script version 1.0.2 suffers from a persistent cross site scripting vulnerability.
b684b52121c8d927111c94546a4ec8dba8a0a9663d6ddff591752d5ee977224cLearning and Examination Management System Script version 2.3.1 suffers from a persistent cross site scripting vulnerability.
3e86e109c9aa4784cd93c3df718cff09633565a675113773767a8f55abbd367cJoomla! OS Property Real Estate component version 3.12.7 suffers from a remote SQL injection vulnerability.
f59c7e43ecda7ba9e158b234321de00a506b5062d2a908c1cec78db5ff8ac9b7Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.
d3b42aaa935a602216f97367a67d5d5b6e3b1969c555ea94c199e20b378e888dJoomla! CheckList component version 1.1.1 suffers from a remote SQL injection vulnerability.
eaf5e0233f4ffa866d363218ecb74330e94ba0f9e76ac4f11c1aea57cdbea862Joomla! Alexandria Book Library component version 3.1.2 suffers from a remote SQL injection vulnerability.
0c4a5560666446e8e35e424c4526fc6910a2fde6cdfc5a13bff3ecf0c08b9a7eJoomla! Ek Rishta component version 2.9 suffers from a remote SQL injection vulnerability.
b6997acc9145dcfa4761c77d8c9e451de71ec7326b4c4e1161b759da35d7f6d7Joomla! PrayerCenter component version 3.0.2 suffers from a remote SQL injection vulnerability.
476e66115641917c493d8bb111d9fa9fa7e61b3fad74a7392c2809c85f209af9Joomla! Proclaim component version 9.1.1 suffers from a backup disclosure vulnerability.
8d8fa03d56de3952240f153b75360b96780bb2cfd04cb0f4ff396259c7507ff9Joomla! CW Tags component version 2.0.6 suffers from a remote SQL injection vulnerability.
ace504ca4e70303c687d36116a9cb7bd94365938298748fc06abf227a4fb2293NoMachine versions prior to 6.0.80 (x64) suffer from an nxfuse privilege escalation vulnerability.
3f84d30a64a0b65edd648d59774c17780e9ca1c4062f2b18efa2c18e9c851e22Armadito Antivirus version 0.12.7.2 suffers from a detection bypass vulnerability.
9e8a4402af43db4c792e85a002c8ab2b85674ffd06feb1b9c84f33cbe2a44ddbDisk Pulse Enterprise version 10.4.18 suffers from an import command buffer overflow vulnerability.
e307de6489283b8b1af2c0fffeb4c6bc4cd2451976ad9a55965eb047eda2f56cDisk Savvy Enterprise version 10.4.18 suffers from a buffer overflow vulnerability.
dd90908461a70ffb033221b05079a153d313a0f457e111ed680c67fc2c96cec1Wavpack version 5.1.0 suffers from a denial of service vulnerability.
3b6f7db32cf7bfe1affc114a011eb1154963dbd10687688830a645a53a63b94eAsterisk Project Security Advisory - A crash occurs when a number of authenticated INVITE messages are sent over TCP or TLS and then the connection is suddenly closed. This issue leads to a segmentation fault.
a4a7459638ce3f3a2f66643377d5f17ef2db0d79f31570e23b023b87b15030c9Asterisk Project Security Advisory - When processing a SUBSCRIBE request the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed despite having a fixed limit of 32. If more than 32 Accept headers were present the code would write outside of its memory and cause a crash.
2ca83ced6bedaa74703ffe260735d9b6a5f8e6d560c01ef31601708735e0b831
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed