ISL Light - Desktop version 3.5.4 suffers from an information disclosure vulnerability. In cases where a person is hosting a sharing session and allows a remote user to see what is happening on the local PC, it has been discovered that if you locally copy something like a hidden password to the local clipboard, then the remote user will be able to directly paste it in clear text into a notepad or other form of document, effectively gaining access to the password. It is not possible to lock this functionality.
9d0c82286b45ad8906e8301b87342b3bf556f6afcccf8574e717abd46e0af646There is a format string vulnerability in Tftpd32 software. When the Tftpd server returns a string containing a specific format, the Tftpd32 client processes this string and displays it in an error message, triggering the vulnerability. This may be leveraged to perform remote command execution and denial of service attacks.
129ac1ce08dc48d6f6e5cda682240d0878e3ec98aa003011b5bd7848a62ed8a7The bn (multiprecision integer arithmetics) part of the OpenSSL library is prone to null ptr deref, off-by-one and other issues resulting in denial of service / crashes.
447ace07773c4b0ba176b6f5aae7cebe6cf056be4a8d53a22e4ef63bfdb53ae1D-Link DIR-XXX remote root access exploit.
594de7b61d549b81665048d3e28a9b723dccdd70e2cc5dc2d814621bd21dbd47TP-Link 150M Wireless Lite N router suffers from a denial of service vulnerability due to a handling issue with the Accept-Encoding header.
92fc8864aaf511c32ff5099d8b2774df485645e9b664edc9d43f5ac56007db65Firefox FBTest extension suffers from a remote command execution vulnerability.
1c3ce5379be7d4d5b47e624d71819b09a76e4463743b000eac286bbe3b6b8d30DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
71bd44d23d0cdbf638e1e585b20e569127959c03801cb318d33ce0713c4bf9adNotepad++ plugin Notepad# version 1.5 suffers from a stack buffer overflow vulnerability.
c19e052f9e15c33d328b5132adb0c3ab7f1df64331f43a92a16d5cedf1c14db6This Metasploit module exploits a vulnerability found in the the Wordpress theme OptimizePress. The vulnerability is due to an insecure file upload on the media-upload.php component, allowing an attacker to upload arbitrary PHP code. This Metasploit module has been tested successfully on OptimizePress 1.45.
d4d53ddb27b4ac9c88bb0c384c50166d149035d70c7d9ddd2d46c5aea886c1cbThis Metasploit module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in processImageSave.jsp, which can be abused through a directory traversal and a null byte injection to upload arbitrary files. The autodeploy JBoss application server feature is used to achieve remote code execution. This Metasploit module has been tested successfully on Cisco Prime Data Center Network Manager 6.1(2) on Windows 2008 R2 (64 bits).
a8b1e9381f38a27ba3bb8e6624bca069e80ca49aa765a1ba3132167371bfd9bdThis archive contains all of the 129 exploits added to Packet Storm in November, 2013.
cec1606be4b9041989a72da2a2b153b6775eb0d0a409ef48da044631596568a6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed