MS14-062 Microsoft Bluetooth Personal Area Networking (BthPan.sys) Privilege Escalation

A vulnerability within Microsoft Bluetooth Personal Area Networking module, BthPan.sys, can allow an attacker to inject memory controlled by the attacker into an arbitrary location. This can be used by an attacker to overwrite HalDispatchTable+0x4 and execute arbitrary code by subsequently callin...

KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth...

Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation

Microsoft Windows XP SP3 - BthPan.sys Arbitrary Write Privilege Escalation """ Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1...

Microsoft Windows XP SP3 - 'BthPan.sys' Arbitrary Write Privilege Escalation

""" Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth...

New Variant of Havex Malware Scans for OPC Servers at SCADA Systems

At the beginning of the month, we have reported about the new surge of a Stuxnet-like malware “Havex”, which was previously targeting organizations in the energy sector, had been used to carry out industrial espionage against a number of companies in Europe and compromised over 1,000 European and...

Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation

Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth Personal Area Networking Affected Versions: 5.1.2600.5512 Platform: Microsoft Windows XP SP3 CWE Classification: CWE-123: Write-what-where Condition Impact: Privilege Escalation Attack vector: IOCTL CVE ID:...

Moderate: Red Hat Security Advisory: openstack-neutron security, bug fix, and enhancement update

Updated openstack-neutron packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability...

UBUNTU-CVE-2014-4943

The PPPoL2TP feature in net/l2tp/l2tpppp.c in the Linux kernel through 3.15.6 allows local users to gain privileges by leveraging data-structure differences between an l2tp socket and an inet socket...

Windows 95/98 UNC Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/779/info There is a overflowable buffer in the networking code for Windows 95 and 98 all versions. The buffer is in the part of the code that handles filenames. By specifying an exceptionally long filename, an attacker ca...

alstrasoft E-Friends <= 4.98 (seid) Multiple SQL Injection Vulnerabilities

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV85$2007 ----------------------------------------------------------------------------------------- ECHOADV85$2007 alstrasoft E-Friends = 4.98 seid Multiple Remote SQL...

Rayzz Photoz Upload Vulnerability

No description provided by source. ========================================================== Rayzz Photoz Upload Vulnerability ========================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...

socialengine 4.2.2 - Multiple Vulnerabilities

No description provided by source. Social Engine 4.2.2 Multiples Vulnerabilities Earlier versions are also possibly vulnerable. INFORMATION Product: Social Engine 4.2.2 Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Discovered by: Tiago Natel de Moura aka i4k Discovered at: 10/04/20...

Microsoft NT 4.0 RAS/PPTP Malformed Control Packet Denial of Service Attack

No description provided by source. source: http://www.securityfocus.com/bid/2111/info Quoted from a Microsoft FAQ, Point-to-Point-Tunneling Protocol PPTP is a new networking technology that supports multiprotocol virtual private networks VPN, enabling remote users to access corporate networks...

PG Social Networking Shell Upload Vulnerabilty

No description provided by source. ============================================================== PG Social Networking --Shell upload Vulnerabilty ============================================================== Name : PG Social Networking --Shell upload Vulnerabilty Date : july 9,2010 Critical Lev...

Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3/4.0 SP4/4.0 SP5 RAS Dial-up Networking "Save Password" Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/232/info Windows NT allows users to save their RAS and/or RRAS credentials by using the 'Save Password' checkbox when making a dial-up connection. Credentials saved in this manner are stored in the...

Microsoft Windows NT 4.0 Networking Mutex DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2303/info Microsoft Windows NT 4.0 is subject to a denial of service due to the implementation of incorrect permissions in a Mutex object. A local user could gain control of the Mutex on a networked machine and deny all...

Barracuda Networks Spam & Virus Firewall <= 4.1.1.021 Remote Configuration Retrieval

No description provided by source. !/bin/bash Exploit by ShadowHatesYou [email protected] The resulting output is an SQL dump containing the Barracuda's configuration, which includes goodies such as: The administrative password for the BSFsystempassword MTA LDAP passwordsmtaldapadvancedpasswor...

Symantec PCAnywhere32 8.0 - Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/288/info Servers running PCAnywhere32 with TCP/IP networking are subject to a Denial of Service attack that will hang the server at 100% CPU utilization. A malicious user may initiate this DoS by connecting to tcp port 56...

Inout Ad server Ultimate Shell Upload Vulnerabilty

No description provided by source. ============================================================== Inout Ad server Ultimate -- Shell upload Vulnerabilty ============================================================== Name : Inout Ad server Ultimate Shell upload Vulnerabilty Date : july 9,2010...

User-Mode Linux Kernel 2.4.17 -8 Memory Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3973/info User-Mode Linux UML is a patch which allows the Linux Kernel to run as a user space process. It is currently available for the Linux operating system. It may be used as an efficient tool for kernel development, ...