This Metasploit module allows remote attackers to execute arbitrary commands on the affected system by abusing a directory traversal attack when using the 'xf' command (execute function). An attacker can execute system() from msvcrt.dll to upload a backdoor and gain remote code execution.
802baf0283f3035901e556177c67bc14ff8b62fa5e4ccd9e691b0fd5740792be
This Metasploit module exploits a heap overflow in RealPlayer when handling a .QCP file. The specific flaw exists within qcpfformat.dll. A static 256 byte buffer is allocated on the heap and user-supplied data from the file is copied within a memory copy loop. This allows a remote attacker to execute arbitrary code running in the context of the web browser via a .QCP file with a specially crafted "fmt" chunk. At the moment, this module exploits the flaw on Windows XP with IE6 and IE7.
cce2bc3fede3c402a04087782f79fa183476cf2dbb4148275dc851a1d3272199
This Metasploit module exploits a stack-based buffer overflow vulnerability in version 5.3.11.1230 of scadaTEC's ScadaPhone. In order for the command to be executed, an attacker must convince someone to load a specially crafted project zip file with ScadaPhone. By doing so, an attacker can execute arbitrary code as the victim user.
e57c5d7bb2afa78df530127adc494c09c01ecf0da39129aaa47ac10c126368d3
iManager plugin version 1.2.8 suffers from a local file inclusion / file disclosure vulnerability when input passed through the 'lang' parameter to imanager.php, rfiles.php, symbols.php, colorpicker.php, loadmsg.php, ov_rfiles.php and examples.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.
d0cf4e6a0566ee44420d01dd97fde3f21f7a6d484e9d9448f4b1f6a0c32cc43c
Mandriva Linux Security Advisory 2011-134 - Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service via a long TAG in a legacy syslog message. The updated packages have been patched to correct this issue. rsyslog was upgraded to the 5.8.5 version for Mandriva Linux 2011 that brings additional fixes as well.
5fb0cbf570f769eb1d92e3de9637a534df3c78e54efc976cdc152978df69fe25
Mandriva Linux Security Advisory 2011-132 - Multiple vulnerabilities have been identified and fixed in Pidgin. It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() did not properly handle certain return values from its subroutines. A remote attacker could provide a specially crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure. Various other issues were also addressed.
eaf6bc4bf66d4b776855519d1cbcc90bbe420368f1e1d0834c2cd1a506f8aebf
Mandriva Linux Security Advisory 2011-130 - The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086. The updated packages have been patched to correct this issue.
5776fc8fda0accec1d7c57c764d6adb28925ae2490071ad0f2cce19d3ae5367b
Mandriva Linux Security Advisory 2011-133 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. As more information has come to light about the attack on the DigiNotar Certificate Authority, they have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certificate and several intermediates. Removing the root as in their previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority.
0a097dea055a967cb8cdad2508c9fce8870afe1021950ef53b44992e01b8ecf3
Secunia Security Advisory - A vulnerability has been reported in Tahoe-LAFS, which can be exploited by malicious people to manipulate certain data.
f99bd2df961be0102ac6b16852207a916ef8ec2690a1b3c4b856af970bf41c9f
Secunia Security Advisory - Two vulnerabilities have been reported in multiple Cisco products, which can be exploited by malicious people to compromise a vulnerable system.
24b651ba960819aafc8f50330cad0073a4c46819c0eb3c5aa8633d2c199d12a3
ClearMindGraphics suffers from a remote SQL injection vulnerability.
6834bd5a68215d01306f1da78ec02b1fe16e3f9e7dd81863302ff2793be0455d