62 items tagged "target system"
-
-
13:01
»
Packet Storm Security Advisories
Red Hat Security Advisory 2012-0480-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw in the xfrm6_tunnel_rcv() function in the Linux kernel's IPv6 implementation could lead to a use-after-free or double free flaw in tunnel6_rcv(). A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the xfrm6_tunnel kernel module loaded, causing it to crash.
-
-
13:48
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-027 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SaveDoc function exposed by the VsVIEW6.ocx ActiveX control. The SaveDoc function causes a file to be created at an arbitrary path specified by the first argument (FileName). The file contents can be controlled by first setting the 'Text' member of the object. These behaviors can be exploited by a remote attacker to execute arbitrary code on the target system.
-
13:38
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-026 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Render() method exposed by the ExportHTML.dll ActiveX control. This method causes a file to be written to an arbitrary path specified by the second argument (Output). The contents of the file can be controlled by manipulating the object members 'CssLocation', 'LayoutStyle' and 'EmbedCss'. The CssLocation member can be directed to a UNC path containing a file to be included in the file generated by the call to Render(). These behaviors can be exploited by an attacker to execute arbitrary code on the target system.
-
-
21:23
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-020 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SaveDoc and PrintFile functions exposed by the VsVIEW6.ocx ActiveX control. The SaveDoc function causes a file to be created at an arbitrary path specified by the first argument (FileName). The file contents can be controlled by setting the 'Header' member and calling PrintFile() with the same path argument. These behaviors can be exploited by a remote attacker to execute arbitrary code on the target system.
-
21:22
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-019 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within SetLicenseInfoEx() method exposed by the mraboutb.dll ActiveX Control. String data supplied to the first parameter (strInstallDir) of SetLicenseInfoEx() is copied into a 256 byte global buffer without first checking the string length. This overflow can be exploited to remotely execute arbitrary code on the target system.
-
-
15:22
»
Packet Storm Security Tools
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
-
-
19:59
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-341 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within atdl2006.dll. The vulnerability is caused by lack of validation when parsing WRF files. A specially crafted WRF file will cause the application to incorrectly push a size value to a memcpy, allowing for corruption of heap memory. An attacker can leverage this vulnerability to execute arbitrary code on the target system under the context of the current user.
-
-
16:35
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. A signedness issue was found in the Linux kernel's CIFS implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted.
-
-
15:58
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1386-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The maximum file offset handling for ext4 file systems could allow a local, unprivileged user to cause a denial of service. IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. Various other issues in the kernel have also been addressed.
-
-
13:18
»
SecDocs
Authors: Georg Wicherski
Tags: virtual machine malware malware analysis
Event: Black Hat USA 2010
Abstract: The increasing amount of new malware each day does not only put anti-virus companies up to new limits handling these samples for detection by creating new signatures. But also for network security providers and administrators, getting information on how samples affect the networks they try to protect is an increasing problem. Dynamic analysis of malware by execution in sandboxes has been an approach that has been successfully applied in both of these problem scenarios; however, classic sandbox approaches clearly suffer from severe scalability problems. Most of these rely on setting up a real target system such as the Windows XP operating system as a virtual machine with additional software that does logging of performed actions. While these are easy to develop and set up, they require a separate virtual machine instance for each malware sample to be analyzed and therefore do not scale up with today's requirements in terms of malware growth. Anti-Virus vendors tried to circumvent performance issues for file analysis by developing custom emulators that can be deployed on a customer end-host for detection and do not require a whole operating system inside a virtual machine. These emulators, however, often are software interpreters for the x86 instruction set and therefore run into execution speed limitations on their own. Additionally, they suffer from detectability because they try to emulate every single Windows API but suffer from accuracy issues. dirtbox is an attempt to implement a highly scalable x86/Windows emulator that can be used both for simple malware detection and detailed behavior analysis reports. Instead of emulating every single x86 instruction in software, malware instructions are executed directly on the host CPU in a per basic block fashion. A disassembling run on each basic block ensures that no privileged or control flow subverting instructions are executed.
The notion of virtual memory that is separated from the emulator's memory is employed by special LDT segments and switching segment selectors before executing guest instructions. Since no instrumentation like instruction rewriting is being done, disassembler results per basic block can be cached and all execution happens in the same process without context switches, a high grade of performance is achieved. The operating system is emulated at the syscall layer. While this layer is mostly undocumented and implementing it in an accurate fashion is a challenging task on its own, the fact that no register changes are leaked from Ring 0 thwarts a lot of detection techniques. For usage of the high-level APIs, corresponding libraries are directly mapped into the virtual memory as well.
-
-
17:57
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1212-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the Linux kernel's Stream Control Transmission Protocol implementation. A remote attacker could send a specially-crafted SCTP packet to a target system, resulting in a denial of service. A flaw in the Linux kernel's client-side NFS Lock Manager implementation could allow a local, unprivileged user to cause a denial of service.
-
-
19:21
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1106-01 - The kernel packages have been updated to address a vulnerability. A flaw allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
-
-
8:21
»
Packet Storm Security Advisories
Red Hat Security Advisory 2011-1090-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found that allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
-
-
14:22
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-152 - This vulnerability allows remote attackers to perform directory traversal on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient sanitization on user-supplied data when handling certain messages. Remote, unauthenticated attackers can exploit this vulnerability by sending crafted filename strings to the target, which would allow attackers to view or download arbitrary files on the target system.
-
-
6:33
»
Packet Storm Security Advisories
Onapsis Security Advisory - It has been detected that the SAP Enterprise Portal runtime presents descriptive error messages when special HTTP requests are processed, returning information about the filesystem structure where the component is deployed in the target system.
-
-
16:59
»
Packet Storm Security Exploits
This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the UPDATE pg_largeobject method of binary injection. On default Microsoft Windows installations of PostgreSQL (=
-
-
15:30
»
Packet Storm Security Exploits
This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL (=
-
-
16:35
»
SecuriTeam
EasyMail ActiveX Control (emsmtp.dll) included in Oracle Document Capture can be used to read any file in target system.
-
-
7:33
»
Packet Storm Security Exploits
EasyMail ActiveX Control (emsmtp.dll) that is included in the Oracle Document Capture distrib can be used to read any file on the target system. The vulnerable method is "ImportBodyText()".
-
-
20:01
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-211 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the browser plugins provided by RealNetworks. The RecordClip method can be accessed via the ActiveX control or the Firefox plugin. By injecting a specific character into the arguments to this method, invalid parameters can be passed to a child process that is launched on the local system. This parameter injection allows an attacker to download and subsequently execute a file on a target system, thus allowing for remote code execution.
-
-
13:00
»
Packet Storm Security Advisories
This vulnerability allows remote attackers to delete all files on a system with a vulnerable installation of the Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the nipplib.dll module that can be reached via the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The CleanUploadFiles method appears to be used to remove temporary files within a contained directory. However, due to a logic flaw a remote attacker can abuse the function to force the process to recursively delete all files on the target system.
-
-
18:00
»
Packet Storm Security Recent Files
Flaws in Microsoft's implementation of the NTLM challenge-response authentication protocol causing the server to generate duplicate challenges/nonces and an information leak allow an unauthenticated remote attacker without any kind of credentials to access the SMB service of the target system under the credentials of an authorized user. Depending on the privileges of the user, the attacker will be able to obtain and modify files on the target system and execute arbitrary code. Proof of concept exploit included.