This Metasploit module exploits a vulnerability found in QuickShare File Share's FTP service. By supplying "../" in the file path, it is possible to trigger a directory traversal flaw, allowing the attacker to read a file outside the virtual directory. By default, the "Writable" option is enabled during account creation, therefore this makes it possible to create a file at an arbitrary location, which leads to remote code execution.
f232667933a9b74318156ffe27e5e96cb2ePMS version 1.0 suffers from multiple remote SQL injection vulnerabilities.
42298de74f5e382122bf6d9b2440ee81WhyWeb suffers from a remote SQL injection vulnerability.
6d3ab7b3f1457ff72887080dd37aad19Santilga CMS version 1.2.6.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
faf336b3a1b026bfc8e870b2405b19a6AzDGDatingMedium version 1.9.3 suffers from cross site request forgery, cross site scripting, php code execution, remote SQL injection, and directory traversal vulnerabilities.
6962b986c26730e365d1c16552cababaPHP List version 2.10.9 suffers from a remote PHP code injection vulnerability.
0242d7481f2a7870b00218bc4efd3a7dSmall CMS suffers from a remote PHP code injection vulnerability.
cc559ce5b66ce07d448792573d28d86dSymantec Web Gateway version 5.0.2 remote local file inclusion root exploit.
e1cd70ed9ddc7db0a7bc45a9ac537159LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.
2427d2cf98e92db38be0f21c58da1065Ubuntu Security Notice 1451-1 - Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). It was discovered that an integer underflow was possible when using TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.
b8cc47d8f5416ce1152fba137dfd8f1aJaow versions 2.4.5 and below suffer from a remote blind SQL injection vulnerability.
6e6b513afde6050a95045e553840c8c1Ubuntu Security Notice 1450-1 - It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service.
fc7e4c8b3d02e35280c65897ee9c5736Supernews versions 2.6.1 and below remote SQL injection exploit.
c272b60fc77718f72831f608bdf8877dUbuntu Security Notice 1449-1 - It was discovered that feedparser did not properly sanitize ENTITY declarations in encoded fields. A remote attacker could exploit this to cause a denial of service via memory exhaustion.
62fa5a946ff08f1578a2719272157f6cPHP CGI argument injection remote exploit version 0.3. Works on versions up to 5.3.12 and 5.4.2.
7a182a7ad0b0512c4db7048ff2aba1dbNmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.
d51565cbed63a648275890cfa8415dc6Red Hat Security Advisory 2012-0683-01 - The dynamic LDAP back end is a plug-in for BIND that provides back-end capabilities to LDAP databases. It features support for dynamic updates and internal caching that help to reduce the load on LDAP servers. A flaw was found in the way bind-dyndb-ldap handled LDAP query errors. If a remote attacker were able to send DNS queries to a named server that is configured to use bind-dyndb-ldap, they could trigger such an error with a DNS query leveraging bind-dyndb-ldap's insufficient escaping of the LDAP base DN. This would result in an invalid LDAP query that named would retry in a loop, preventing it from responding to other DNS queries. With this update, bind-dyndb-ldap only attempts to retry one time when an LDAP search returns an unexpected error.
0119f80ca91861389e4fb7a59f56c437Red Hat Security Advisory 2012-0681-01 - Apache Tomcat is a servlet container. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs. It also resolves multiple flaws that weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks.
29b2cdf894331bd174765b26881055a4Red Hat Security Advisory 2012-0682-01 - Apache Tomcat is a servlet container. JBoss Enterprise Web Server includes the Tomcat Native library, providing Apache Portable Runtime support for Tomcat. This update fixes the JBPAPP-4873, JBPAPP-6133, and JBPAPP-6852 bugs. It also addresses multiple flaws that weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks.
c92823d601c7394a37351bbc1fdf71a9The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
38b0f49d62243d301a132685d7f70ab3Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).
cfdfd1bd2a625000e3184f76e8d9cdb0CHICCO SnoopyClub suffers from cross site scripting and remote SQL injection vulnerabilities.
11215544f6e99dfa8f0057a3fb597e29Double Take Design CMS suffers from a remote SQL injection vulnerability.
cbd708ce42086f04d5ffc147070c429dNogod suffers from multiple remote SQL injection vulnerabilities.
19cb9a25f7f8d8dbcae2860d3cb875a1Attractweb CMS suffers from a remote SQL injection vulnerability.
32b237f4e7ee1c7102d50bef4d0e13e5
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed