Skyjack takes over Parrot drones by deauthenticating their true owner, turning them into zombie drones under your own control.
1b98f29ef25d025fd339b29c2523e4f447d2b77b9ad899161c58fff2e9465639
This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya versions below 6.3.0.2. A malicious user can upload an ASP file to an arbitrary directory without previous authentication, leading to arbitrary code execution with IUSR privileges.
3e11070aa3e56e32d0904d26cac7cacb888f2199f24e9d97a3ad562caf0a7096
CarolinaCon is now accepting speaker/paper/demo submissions for its 10th annual conference. This event will be held May 16th through the 18th, 2014 in Raleigh, NC, USA.
acb8b3b2805de5aede5ef91dba7d12252e26aab010a3b7f3f2868c6d10df5bef
Gentoo Linux Security Advisory 201312-4 - An integer overflow in libtheora might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.1.1 are affected.
d390899e77f08b8de159b611a17dbfc329311c29ec4bc8175c49e5c6ecf8f076
Gentoo Linux Security Advisory 201312-3 - Multiple vulnerabilities have been found in OpenSSL allowing remote attackers to determine private keys or cause a Denial of Service. Versions less than 1.0.0i are affected.
380511be6e419bf1f679eb548827eea73dd38dc5884aa3ee7bdc7e4fdf03aa74
Gentoo Linux Security Advisory 201312-2 - Multiple vulnerabilities have been found in BusyBox, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.21.0 are affected.
5eca61e08ab05154f1d0349dee78f810b450cc764497a9ccadb22f526df3040f
Gentoo Linux Security Advisory 201312-1 - Multiple vulnerabilities have been found in GNU C Library, the worst of which allows arbitrary code execution and privilege escalation. Versions less than 2.15-r3 are affected.
93933af2bf688207043ef3e436cfab262e2d341cca4b4649e9a182df161805b5
Ubuntu Security Notice 2045-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this flaw to obtain sensitive information by sniffing network traffic. Various other issues were also addressed.
3b955b65e166e4f2040ddfae69e3db1c541111a5278e26dcfcccccb48ee75ef0
Ubuntu Security Notice 2047-1 - Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash.
a357aae6b9b09987c88c4cd31510dbe7de99ecbfbd5b94647c9c2c9e69a4cdba
Ubuntu Security Notice 2046-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
03785f067577ddb309b03a9c22e4a48647107a96022c5542a8d1e205dce12690
Ubuntu Security Notice 2044-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
69dddc0e11072dfec4e5cfed767210007ebc58a07e36bdafb16dbcf97192b474
Ubuntu Security Notice 2043-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
dc9ad1fd4040c0efabd27e3cf552fea80f91fdd21b95f70f70341c917b59fe10
Ubuntu Security Notice 2042-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
480e958bba4ab37b1a3cfcf0c5a4c49492b0c37fbcdadacc0664eea458c53352
Ubuntu Security Notice 2041-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this flaw to obtain sensitive information by sniffing network traffic. Various other issues were also addressed.
d708abcfe877ba032773445e0511dc17378d60f8162e15d09f02b5c5b9158421
Ubuntu Security Notice 2040-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
af9463083a622904006c60e2c6be905bedc2d93a64cda6378ec05d653f777575
Ubuntu Security Notice 2039-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only access to a disk that supports TRIM or SCSI UNMAP to a guest OS. A privileged user in the guest OS could exploit this flaw to destroy data on the disk, even though the guest OS should not be able to write to the disk. Various other issues were also addressed.
d666179f4eca9accee08ccabed80dc0946e2c6fc975772befbf68c62fbea426d
Ubuntu Security Notice 2037-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Multiple integer overflow flaws were discovered in the Alchemy LCD frame-buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.
8f0e253f175cc8ea608aeb2f1c7e4144bf9ae632874c71cf9969b00ded4b0eab
Ubuntu Security Notice 2036-1 - A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. Multiple integer overflow flaws were discovered in the Alchemy LCD frame-buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.
21c2eb479517824bd539f67da0251316aa450a659091cc97743edac408323fed
Ubuntu Security Notice 2038-1 - An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only access to a disk that supports TRIM or SCSI UNMAP to a guest OS. A privileged user in the guest OS could exploit this flaw to destroy data on the disk, even though the guest OS should not be able to write to the disk. Various other issues were also addressed.
8672520ae920f177437eb9025de7403e71472862cc712f76f38682792e48acfc
Red Hat Security Advisory 2013-1778-01 - The GIMP is an image composition and editing program. A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. The CVE-2013-1913 and CVE-2013-1978 issues were discovered by Murray McAllister of the Red Hat Security Response Team.
f90f3af27391971a54981a287302303009d3861c6452111b82d0990fdc3fb626
Red Hat Security Advisory 2013-1779-01 - The mod_nss module provides strong cryptography for the Apache HTTP Server via the Secure Sockets Layer and Transport Layer Security protocols, using the Network Security Services security library. A flaw was found in the way mod_nss handled the NSSVerifyClient setting for the per-directory context. When configured to not require a client certificate for the initial connection and only require it for a specific directory, mod_nss failed to enforce this requirement and allowed a client to access the directory when no valid client certificate was provided.
11da3fc780b577187d52bda2b10168ed860f497d9a4968d5550fb6aec3d36cc2
Debian Linux Security Advisory 2808-1 - Several vulnerabilities have been discovered in OpenJPEG, a JPEG 2000 image library, that may lead to denial of service (CVE-2013-1447) via application crash or high memory consumption, possible code execution through heap buffer overflows (CVE-2013-6045), information disclosure (CVE-2013-6052), or yet another heap buffer overflow that only appears to affect OpenJPEG 1.3 (CVE-2013-6054).
14dda50208ad19e04dbcb02a62bc341611cd1315e90ec977171b10fb4b986734