403 matches found

CNVD
added 2015/06/25 12:00 a.m., 1 view

Man-in-the-middle attack vulnerability in multiple Samsung Galaxy devices

The Samsung Galaxy S4 and others are smart mobile devices released by the South Korean company Samsung. A security vulnerability exists in the SwiftKey language-pack upgrade implementation process for several Samsung Galaxy devices. As the program uses HTTP to connect to the...

CVSS: 2.9, AI score: 6.7, EPSS: 0.00182
Exploits: 1, References: 1

CNVD
added 2015/06/07 12:00 a.m., 2 views

Cisco TelePresence SX20 HTTP Answer Splitting Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco. A security vulnerability exists in Cisco TelePresence that could be exploited by remote attackers to submit a specially crafted URL to cause the target server to return a split response, spoofing the contents of the...

CVSS: 5, AI score: 6.2, EPSS: 0.00274
Exploits: 0, References: 1

exploitpack
added 2015/03/26 3:22 p.m., 12 views

Bsplayer-2.68-HTTP

Bsplayer suffers from a buffer overflow vulnerability when processing the HTTP response when opening a URL. In order to exploit this bug I partially overwrote the SEH record to land at pop pop ret instead of the full address and then used backward jumping to jump to a long jump that eventually...

AI score: 1.7
Exploits: 0

OpenVAS
added 2014/09/09 12:00 a.m., 22 views

WordPress Mobile Pack Plugin Information Disclosure Vulnerability

WordPress Mobile Pack Plugin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS: 5, AI score: 6.2, EPSS: 0.52794
Exploits: 1, References: 3

seebug.org
added 2014/07/01 12:00 a.m., 22 views

Cisco IOS 11.x/12.x HTTP %% Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1154/info A denial of service attack exists in versions of Cisco IOS, running on a variety of different router hardware. If the router is configured to have a web server running for configuration and other information a...

AI score: 7.1
Exploits: 0

securityvulns
added 2013/12/09 12:00 a.m., 43 views

Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities

Document Title: =============== Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1160 Release Date: ============= 2013-12-03 Vulnerability Laboratory ID VL-ID: ====================================...

AI score: 0.2
Exploits: 0

ThreatPost
added 2013/10/08 11:20 a.m., 16 views

Unnamed Android Vulna Ad Library Abused to Steal User Data

A popular Android mobile ad library available on Google Play can be used to collect device data or execute malicious code, security researchers have discovered. The most alarming aspect to the library is that close to 2 percent of Android apps with more than 1 million downloads on Google Play use...

AI score: 0.8
Exploits: 0, References: 2

Packet Storm
added 2013/10/04 12:00 a.m., 25 views

Apache Tomcat / JBoss EJBInvokerServlet / JMXInvokerServlet Code Execution

php 9sgejb.php 192.168.0.1 id HTTP/1.1 200 OK Server: Apache-Coyote/1.1 X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA build: CVSTag=Branch40 date=2006101 62339/Tomcat-5.5 Set-Cookie: JSESSIONID=E9EEE1D6AD27D64ED3835C1092C4FC29; Path=/ Content-Type: text/html;charset=ISO-8859-1 Content-Length: 43 Date...

AI score: 0.1
Exploits: 0

Packet Storm
added 2013/09/10 12:00 a.m., 27 views

Lua-Programming Language 1.6 File Upload

TITLE: Unauthenticated Remote File Upload via HTTP for lua-Programming language 1.6 on iOS Date: 8/1/2013 Author: Larry W. Cashdollar, @larry0 Download: https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1 http://www.tayutec.com/indexen.html Description: "Please download...

AI score: 7.4
Exploits: 0

OpenVAS
added 2013/08/05 12:00 a.m., 26 views

D-Link DIR-645 Router Multiple Vulnerabilities (Aug 2013) - Active Check

D-Link DIR-645 Router is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:dlink:dir-645firmware...

CVSS: 4.3, AI score: 6.8, EPSS: 0.92227
Exploits: 1, References: 7

0day.today
added 2013/05/31 12:00 a.m., 43 views

ModSecurity Remote Null Pointer Dereference Vulnerability

When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on every call to "forceRequestBodyVariable" in phase 1. This is the...

CVSS: 4.3, EPSS: 0.05375
Exploits: 4

Exploit DB
added 2012/03/16 12:00 a.m., 24 views

Tiny Server 1.1.5 - Arbitrary File Disclosure

!/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 Thanks : exploit-db.com use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print "\n\t....... Tiny Server v1.1.5...

AI score: 7.4
Exploits: 0

OpenVAS
added 2011/10/05 12:00 a.m., 11 views

ezCourses 'admin.asp' Security Bypass Vulnerability

ezCourses is prone to a security-bypass vulnerability because it fails to properly validate user-supplied input. Attackers could exploit the issue to bypass certain security restrictions and add or change the 'admin' account password. OpenVAS Vulnerability Test $Id: gbezcourses49907.nasl 5769...

AI score: 0.7
Exploits: 0, References: 2

Cvelist
added 2011/09/16 2:00 p.m., 24 views

CVE-2011-3487

Directory traversal vulnerability in CarelDataServer.exe in Carel PlantVisor 2.4.4 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request...

AI score: 6.6, EPSS: 0.02361
Exploits: 6, References: 4

OpenVAS
added 2011/06/07 12:00 a.m., 30 views

EGroupware Multiple Vulnerabilities (May 2011) - Active Check

EGroupware is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:egroupware:egroupware";...

CVSS: 7.5, AI score: 6.4, EPSS: 0.00836
Exploits: 4, References: 4

OpenVAS
added 2011/04/11 12:00 a.m., 19 views

WordPress WPtouch Plugin < 3.1.1 'wptouch_settings' Parameter XSS Vulnerability - Active Check

The WordPress WPtouch plugin is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS: 4.3, AI score: 6.1, EPSS: 0.00192
Exploits: 1, References: 4

Positive Technologies
added 2011/01/07 12:00 a.m., 2 views

PT-2011-1645 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances (ASA) 5500 series devices versions prior to 8.32. Description: The issue concerns the Mobile User Security (MUS) service, which does not properly authenticate HTTP requests from a Web Security appliance (WSA). This...

CVSS: 5, AI score: 6.3, EPSS: 0.00496
Exploits: 0, References: 6

OpenVAS
added 2011/01/03 12:00 a.m., 21 views

QuickPHP <= 1.10.0 Remote Source Code Disclosure Vulnerability - Active Check

QuickPHP is prone to a remote source code disclosure vulnerability because it fails to properly sanitize user-supplied input. Copyright (C) 2011 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...

AI score: 7.5
Exploits: 0, References: 1

0day.today
added 2010/08/10 12:00 a.m., 28 views

Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051)

Exploit for windows platform in category dos / poc ================================================================= Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption MS10-051 ================================================================= Sources:...

AI score: 7
Exploits: 0

securityvulns
added 2010/02/17 12:00 a.m., 54 views

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation.

Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. Synopsis Enomaly ECP up to and including v3.0.4 is believed to contain an insecure silent update mechanism that could allow a remote attacker to execute arbitrary code as root, and to inject or modify VM workloads for...

AI score: 0.7
Exploits: 0