VMware Patches Workstation, Player Vulnerabilities

VMware announced today it has patched a privilege escalation vulnerability in VMware Workstation. Workstation is the hypervisor software connecting multiple virtual machines on host hardware. Compromising a hypervisor would give an attacker remote control over a number guest machines; the risk is...

Hackers can remotely control your phone – Android 4.4 break vulnerability with EXP-a vulnerability warning-the black bar safety net

Security expert Jay Freeman discovered Android 4.4 in addition a Master Key vulnerability that allows an attacker to bypass signature verification and malicious code detection, in the legal application to inject malicious code. ! “Android Master Key vulnerability”of the earliest in the last 7...

Event Easy Calendar 1.0.0 WP plugin

Details ======================== Application: Event Easy Calendar Version: 1.0.0 Type: WordPress Plugin Vendor: Adamson http://profiles.wordpress.org/adamson/ Url: http://wordpress.org/plugins/event-easy-calendar/ Vulnerability: - Improper Input Validation CWE-20 - Cross-Site Scripting CWE-79 -...

Upgrade Attack

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, HTTP requests ar...

Android Device Manager allows user to Lock, Wipe and Locate device remotely

If you lose your device, Google lets you secure it instantly from afar through Android Device Manager, that let you locate and remotely wipe your phones and tablets. The latest update to Android Device Manager enables remote password locking, overrides the built-in Pattern, PIN code, Face unlock ...

Kaspersky revealed "Kimsuky" Cyber Espionage campaign targeting South Korea

Russian Security Firm Kaspersky Lab has revealed that it has been following a sustained attack on South Korea by hackers seemingly based in North Korea., This new Cyber Espionage campaign dubbed "Kimsuky" has targeted several South Korean think tanks. Researchers believe the Kimsuky malware is mo...

Fedora Update for kremotecontrol FEDORA-2013-13112

Check for the Version of kremotecontrol OpenVAS Vulnerability Test Fedora Update for kremotecontrol FEDORA-2013-13112 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

CVE-2013-3033

SQL injection vulnerability in the server component in IBM Tivoli Remote Control 5.1.2 before 5.1.2-TIV-TRC512-IF0015 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

Sql injection

SQL injection vulnerability in the server component in IBM Tivoli Remote Control 5.1.2 before 5.1.2-TIV-TRC512-IF0015 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

CVE-2013-3033

CVE-2013-3033 affects IBM Tivoli Remote Control 5.1.2 servers. The vulnerability is an SQL injection in the server component that allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. The cited fix is 5.1.2-TIV-TRC512-IF0015, implying the issue was addressed...

CVE-2013-3033

SQL injection vulnerability in the server component in IBM Tivoli Remote Control 5.1.2 before 5.1.2-TIV-TRC512-IF0015 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

[SECURITY] Fedora 18 Update: kremotecontrol-4.10.5-1.fc18

KRemoteControl formerly known as KDELirc is a KDE frontend for your remote controls. It allows to configure actions for button presses on remotes. All types of remotes supported by the Solid module in the KDE platform are also supported by KRemoteControl e.g. with the Linux Infrared Remote Contro...

VLC Web Interface Detection

The remote web server is the web interface to VLC, a media player. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69016; scriptversion"1.2"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"VLC Web Interface Detection"; scriptsummaryenglish:"Detects the VLC Web...

IPMI Vulnerabilities on BMCs expose servers to attack

Baseboard management controllers, embedded computers present in most servers, are vulnerable to a half dozen critical vulnerabilities that could enable an attacker to gain remote control over the host machine. The vulnerabilities are in the Intelligent Platform Management Interface IPMI protocol...

Fedora Update for kremotecontrol FEDORA-2013-10130

Check for the Version of kremotecontrol OpenVAS Vulnerability Test Fedora Update for kremotecontrol FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

AndroRat - Remote Administration Tool for Android

Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the Server. The name Androrat is a mix of Android and RAT Remote Access Tool. It has been developed in a team of 4 for a university project. It has been realised in one month. The goal of t...

Malicious Firefox, Chrome Extensions Target Facebook Users

Facebook users are being warned of malicious Firefox and Chrome extensions that can give an attacker remote control over a Facebook profile. Microsoft has seen an increase in activity around these extensions, in particular in Brazil. The threat is detected as Trojan:JS/Febipos.A and has been...

Flightgear 2.0 / 2.4 Format String Vulnerability

Flightgear versions 2.0 and 2.4 suffer from a remote format string vulnerability. / Exploit Title: Flightgear remote format string Date: 21/04/2013 Exploit Author: Kurono email: email protected Vendor Homepage: http://www.flightgear.org/ Software Link: http://www.flightgear.org/download/ Version:...

Flightgear 2.0 / 2.4 Format String

/ Exploit Title: Flightgear remote format string Date: 21/04/2013 Exploit Author: Kurono email: [email protected] Vendor Homepage: http://www.flightgear.org/ Software Link: http://www.flightgear.org/download/ Version: Tested on versions 2.0, 2.4. Tested on: Windows Linux user assisted CVE...

Flightgear 2.0/2.4 - Remote Format String

/ Exploit Title: Flightgear remote format string Date: 21/04/2013 Exploit Author: Kurono email: [email protected] Vendor Homepage: http://www.flightgear.org/ Software Link: http://www.flightgear.org/download/ Version: Tested on versions 2.0, 2.4. Tested on: Windows Linux user assisted CVE...