If a user creates a GCE VM with compute-rw privileges and that single VM is subsequently compromised, the result can be a global compromise of all VMs inside the account.
84a88f6be8ba62330e5f81858beb2371ac0e62574b8d7738caa92531e3dc04d3
Bizagi BPM Suite suffers from cross site scripting and remote SQL injection vulnerabilities.
9270460f862008a3780c062263f3dff0248380f315bd941c20b565f54865f30f
pam_fprintd local root proof of concept exploit that spawns a shell. pam_fprintd uses the net.reactivated.Fprint service to trigger finger swiping and registers a DBUS signal inside the PAM authentication function. When the DBUS signal arrives, the signal argument is basically just checked to be the "verify-match" string, which is expected to come from the legitimate net.reactivated.Fprint service. Since no message filter is registered either in pam_fprintd or in dbus-glib, which it uses, such signals can be spoofed by anyone.
d7d878eac758bfcc9a041d7672f578aa68bacf6ae2cbd54d692e6da69a937360
oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.
4a788d415f02d4f97987a35d44a8e09847f4aa6ae5247073a94952296d4b0c0b
Google Compute Engine VMs suffer from multiple traffic-based denial of service vulnerabilities.
cb8f22bfe3b9c5b736c5f81b60d5e60ba1234e62609282b96cfcf08ecdf34c15
Videos Tube version 1.0 suffers from remote SQL injection vulnerabilities.
2a0c8fbefd4cb32a3a95c179b8a11890513347579e7c81722ade6e82bc23447f
oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.
14bbd77993b997efc459f12684ecec2b9fab8cc5eddaf6c4a8b04a87fc72def0
Pixie CMS version 1.04 suffers from multiple POST cross site scripting vulnerabilities.
44f2f2eb8165bcff34e009a24bd9116339537e4a7a92bbd61f1e3495c632eb87
This Metasploit module exploits a remote command execution vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.2.0. The bug is found in the REST API, which requires no authentication or authorization, where the search function allows dynamic script execution and can be used by remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.1.1 on Ubuntu Server 12.04 and Windows XP SP3.
c25b90194192ece4e2507d09180295dea5fba7ac37136f5c31b76e2291ebeeb2
RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access to the SQL database used by webEdition and read, for example, password hashes used by administrative accounts. webEdition versions 6.3.8.0 svn6985 down to 6.3.3.0 are affected.
81fbc39f2a3459ae92ce585e8a2427adfa9b14d16218f83cd98c65bec9a49df0
RedTeam Pentesting discovered a remote command execution vulnerability in the installer script of the webEdition CMS during a penetration test. If the installer script is not manually removed after installation, attackers can not only reinstall webEdition, but also gain remote command execution. webEdition CMS version 2.8.0.0 is affected.
b332b23b88f8524f6cc6ee224e2fcf3d34291eb580aa3efc4d12528bed131019
A vulnerability in Windows DHCP was found on Windows OS versions ranging from Windows 2000 through to Windows Server 2003. This vulnerability allows an attacker to remotely overwrite DNS, Gateway, IP Addresses, routing, WINS server, WPAD, and server configuration with no user interaction. Successful exploitation of this issue will result in a remote network configuration overwrite. Microsoft acknowledged the issue but has indicated no plans to publish a patch to resolve it.
68feec1acf88fdf52a32016c6e49e528f8ca6ec2c6263a77340e61f67e88e005
Sharetronix version 3.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
d46d88dbb711265ddacc4c672a39fb54647c6147fbdecdb9a29530d5d18a6cad
NICE Recording eXpress versions 6.0.x, 6.1.x, 6.2.x, 6.3.x, and 6.5.x suffer from cross site scripting, root backdoor, unauthenticated access, fail authorization, insecure cookie handling, and remote SQL injection vulnerabilities.
bdb30edda34d4ff17e66fa273b232b2211afee38439c1a357eb28084a440f5d2
Fiyo CMS version 1.5.7 suffers from a cross site scripting vulnerability.
08fed02f9f2b63e9e1312b61486223ac28bb6b6a3ced74fc74a2776b5d4d06ab
TORQUE Resource Manager versions 2.5.x through 2.5.13 suffer from a stack buffer overflow vulnerability.
01db40756d23f2ac4bcfe60e33e9ff8f16a701a683f0b663f33585f704651449
Castor Library version 1.3.3-RC1 suffers from a file disclosure vulnerability via XXE injection.
c745856a0985244400e7849e695d5c5af94674a689876f8d473e189ed7ba90ca
In limited circumstances it was possible for a malicious web application to replace the XML parsers used by Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs) and tag plugin configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or have visibility of the XML files processed for other web applications deployed on the same Tomcat instance. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.5, Apache Tomcat 7.0.0 to 7.0.53, and Apache Tomcat 6.0.0 to 6.0.39.
b71018c17fe31cadd9009eec7e6aa8baac5fe8224526001717dfff63d30296e6
The default servlet allows web applications to define (at multiple levels) an XSLT to be used to format a directory listing. When running under a security manager, the processing of these was not subject to the same constraints as the web application. This enabled a malicious web application to bypass the file access constraints imposed by the security manager via the use of external XML entities. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.3, Apache Tomcat 7.0.0 to 7.0.52, and Apache Tomcat 6.0.0 to 6.0.39.
10f8569b889be3e5065679485f9df35a245480080081a0d21ce4014edf7c0b4a
XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.
3221593ca50f362b546a0888a1431ad24be1470f96b2469c0e0df5e1c55e7305
This Metasploit module injects a malicious UDP packet to crash Wireshark 1.8.0 to 1.8.7 and 1.6.0 to 1.6.15. The vulnerability exists in the CAPWAP dissector, which fails to handle an incomplete packet.
f45824d8ae8f2f2ded6c62979f4a3f1eca4605da3e5dba3170672adc46202f24
InterScan Messaging Security Virtual Appliance version 8.5.1.1516 suffers from a cross site scripting vulnerability.
1fa2cc407ed2a82d337ba4d3cae67361db3f1a6cbca2e745fe0e6c1ced5eceb3
WordPress DZS Video Gallery plugin suffers from cross site scripting and content spoofing vulnerabilities.
2e373512b83a272d99befda185bacf93325506cc1ef0040fac331aedbde92dc5
Easy File Sharing FTP Server version 3.5 suffers from a stack buffer overflow vulnerability.
6d4e2b3a8ea09bda8b36163e3010795b7044177b5476f516d56a6748cda9590e
ProtonMail.ch suffers from cross site request forgery, header injection, and out of date software vulnerabilities. Note that this finding houses site-specific data.
3d088ba11847cc70c4f57d4cfaf4266199b8c8da68a1d4fbf240d3513b40af99