620 matches found
JVN#94002296: FFFTP may insecurely load executable files
FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Update the software Update to the latest versio...
Трояним эльфов
Трояним эльфов Задача: Вставить в elf-файл возможность, при указании пароля, запуска произвольных команд. Размер и функционал исходного elf-файла остаются неизменными. Часть 1. Трояним /bin/su из BackTrack 5 R1 x86 образ VMWare BT5R1-GNOME-VM-32.7z 1. ELF и его анатомия в контексте используемой...
CVE-2011-3502
The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing 1 space or 2 %2e encoded dot...
Design/Logic Flaw
The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing 1 space or 2 %2e encoded dot...
Amoy Royal Taobao guest security vulnerabilities and fixes-vulnerability warning-the black bar safety net
Official website: http://www.taodisoft.com 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshe...
Dig Emperor Management Platform security vulnerabilities-vulnerability warning-the black bar safety net
Official website: 1, demo Station background turned out to have a place to upload pictures, does not prohibit the upload. 2, the upload image simple filtration, easy to break, Upload a php file, and can be executed. 3, the servervpsconfiguration severe lower, get a webshell directly after is a...
PHP Nuke 8.3 MT Shell Upload
Iranian Pentesters Home Title : PHP Nuke 8.3 MT Arbitrary File Upload Vulnerability Author : Pentesters.ir Exploits Coded by : b3hz4d & 4n0nym0us Tested on: PHP Nuke 8.3 Vendor : http://phpnuke.ir Specially Thanks To: Navid, Hossein, Ahmad, vahid, daryoush and all of the pentesters.ir members...
Threat Outbreak Alert: Fake DHL Package Delivery Notification Email Messages on March 20, 2015
Medium Alert ID: 23104 First Published: 2011 May 9 12:53 GMT Last Updated: 2015 March 20 12:50 GMT Version: 13 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a DHL package delivery notification. The text in the email message instructs...
EMC Data Protection Advisor Collector weak security permissions
Weak permissions for executable files...
JVN#38362957: Lunascape may insecurely load executable files
Lunascape is a web browser. Lunascape loads certain executables when using the "script" function. Lunascape contain an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of the running application. Solution Upda...
JVN#33880169: Opera may insecurely load executable files
Opera loads certain executables .exe when opening the folder where downloaded contents are stored. Opera contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update...
JVN#02175694: AttacheCase may insecurely load executable files
AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code wi...
Alleged Mega-D Botnet Controller Pleads Not Guilty
The man accused of running the Mega-D spam-spewing botnet has pleaded not guilty to charges that he was using the botnet to send millions of spam messages a day, some of them laden with malware. Oleg Nikolaenko was arraigned in U.S. District Court in Wisconsin on Friday on charges that he violate...
Hackers Use Google Code to Distribute Malware, zScaler Reports
Last year, there were discussions about Google Code—a platform that lets developers host their projects—being exploited to distribute malware. Research by zScaler has identified yet another instance where this platform has been misused. According to the Google Code site: "Project Hosting on Googl...
JVN#89272705: Sleipnir and Grani may insecurely load executable files
Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain an issue with the file search path, which may insecurely load executables. Impact An attacker may...
JVN#71138390: Apsaly may insecurely load executable files
Apsaly is a text editor that can interact with other applications. Apsaly loads certain executables when opening the folder that contains the file that is being edited, or when a particular sequence of actions are performed. Apsaly contains an issue with the file search path, which may insecurely...
Explzh may insecurely load executable files
Overview Explzh may use unsafe methods for determining how to load executables .exe. Explzh is a file compression/extraction software supporting multiple file formats. Explzh loads certain executables .exe when extracting files. Explzh contains an issue with the file search path, which may...
JVN#85599999: Explzh may insecurely load executable files
Explzh is a file compression/extraction software supporting multiple file formats. Explzh loads certain executables .exe when extracting files. Explzh contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privile...
JVN#68536660: Archive Decoder may insecurely load executable files
Archive Decoder is a file extraction software that supports multiple file formats. Archive Decoder loads certain executables .exe when extracting files. Archive Decoder contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary cod...
JVN#18774708: Lhaplus may insecurely load executable files
Lhaplus is a file compression/extraction software supporting multiple file formats. Lhaplus loads certain executables .exe when extracting files. Lhaplus contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the...