8607 matches found
Persistent Payload in Windows Volume Shadow Copy
This module will attempt to create a persistent payload in a new volume shadow copy. This is based on the VSSOwn Script originally posted by Tim Tomes and Mark Baggett. This module has been tested successfully on Windows 7. In order to achieve persistence through the RUNKEY option, the user shoul...
Threat Outbreak Alert: Fake Bank Swift Payment Notification Email Messages on October 8, 2013
Medium Alert ID: 31182 First Published: 2013 October 9 15:37 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam e-mail messages that claim to contain bank payment information for the recipient. The text in the email message attempts to convince the recipient t...
NEW VMSA-2013-0011 VMware ESXi and ESX address an NFC Protocol Unhandled Exception
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2013-0011 Synopsis: VMware ESXi and ESX address an NFC Protocol Unhandled Exception Issue date: 2013-08-29 Updated on: 2013-08-29...
VMWare ESX / ESXi NFC DoS
Unhandled exception on Network File Copy protocol handling...
Backup Copy job report shows inflated traffic saving in the notification email
Challenge After installing Patch 1 for Veeam v7, the enhanced Backup Copy job report shows inflated traffic saving in the notification email. Cause Traffic savings ratio is incorrectly calculated off total VM size, rather than the size of changed data. Solution Please download and apply the...
php53 security, bug fix and enhancement update
5.3.3-21 - add security fix for CVE-2013-4248 5.3.3-20 - add security fix for CVE-2013-4113 5.3.3-19 - add upstream reproducer for errorhandler 951075 5.3.3-18 - add security fixes for CVE-2006-7243 5.3.3-17 - reorder security patches - add security fixes for CVE-2012-2688, CVE-2012-0831,...
sssd: TOCTOU race conditions by copying and removing directory trees
System Security Services Daemon SSSD before 1.9.4, when 1 creating, 2 copying, or 3 removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files...
CVE-2013-5129
CVE-2013-5129 affects WebKit in Apple iOS prior to 7. It describes two user-assisted XSS vectors: (1) drag-and-drop and (2) copy-and-paste, allowing an attacker to inject arbitrary script/HTML via data handled by WebKit. The vulnerability arises from how WebKit processes dragged/pasted content an...
Kernel: fanotify: info leak in copy_event_to_user
The filleventmetadata function in fs/notify/fanotify/fanotifyuser.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor...
Threat Outbreak Alert: Fake Bank Deposit Notification Email Messages on September 5, 2013
Medium Alert ID: 30680 First Published: 2013 September 6 19:52 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a bank deposit notification. The email message attempts to convince the recipient to open the attachment to...
KingView 6.53 Active-X File Copy
KingView Insecure ActiveX Control Proof of Concept - SuperGrid.ocx This proof of concept will copy any arbritrary file from one location to a second location. A malicious user may be able to use this to copy a file from an attacker controlled share to the target or from the target to an attacker...
CVE-2013-1661
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy NFC protocol, which allows man-in-the-middle attackers to cause a denial of service unhandled exception and application crash by modifying the client-server data stream...
Design/Logic Flaw
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy NFC protocol, which allows man-in-the-middle attackers to cause a denial of service unhandled exception and application crash by modifying the client-server data stream...
KingView 6.53 - SuperGrid Insecure ActiveX Control
KingView 6.53 - SuperGrid Insecure ActiveX Control KingView Insecure ActiveX Control Proof of Concept - SuperGrid.ocx This proof of concept will copy any arbritrary file from one location to a second location. A malicious user may be able to use this to copy a file from an attacker controlled sha...
KingView 6.53 - 'SuperGrid' Insecure ActiveX Control
KingView Insecure ActiveX Control Proof of Concept - SuperGrid.ocx This proof of concept will copy any arbritrary file from one location to a second location. A malicious user may be able to use this to copy a file from an attacker controlled share to the target or from the target to an attacker...
VMSA-2013-0011 VMware ESX and ESXi updates to third party libraries
VMware has updated VMware ESXi and ESX to address a vulnerability in an unhandled exception in the NFC protocol handler. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0011.nasl 6079 2017-05-08 09:03:33Z teissa $ VMSA-2013-0011 VMware ESX and ESXi updates to third party libraries Authors: Michael...
[Resolver v1.0.9] The reverse/bruteforce DNS lookup
Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Resolver features: Resolve a Single IP Resolve an IP Range Resolve IP’s provided in a tex...
VMSA-2013-0011:VMware ESXi and ESX address an NFC Protocol Unhandled Exception
VMSA-2013-0011 VMware ESXi and ESX address an NFC Protocol Unhandled Exception VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0011 VMware Security Advisory Synopsis: VMware ESXi and ESX address an NFC Protocol Unhandled Exception VMware Security Advisory Issue date:...
Copy To WebDAV 1.1 LFI / Shell Upload / Command Injection
Title: ====== Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities Date: ===== 2013-08-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1044 VL-ID: ===== 1044 Common Vulnerability Scoring System: ==================================== 8.9 Introduction: =============...
[Nishang v0.3.0] The PowerShell for Penetration Testing released (introducing Powerpreter)
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests. Powerpreter is a powershell module...