Perl DBD-Pg Module: Arbitrary code execution
Background: DBD-Pg is a PostgreSQL interface module for Perl. Description: Format string vulnerabilities have been found in the "pg_warn" and "dbd_st_prepare" functions in dbdimp.c. Impact: A remote PostgreSQL server could send specially crafted database warnings or DBD statements, possibly resulti...
Legacy Native Malware in Angry Birds Space to pwn your Android!
A new malware threatens phones and tablets running Google's OS by hiding inside a copy of the popular game. Researchers at the mobile security firm Lookout identified the reworked malware as Legacy Native (LeNa), which poses as a...
HP Data Protector DPNECentral Web Service Detection
HP Data Protector DPNECentral Web Service, a component of HP Data Protector for managing backup policies, is hosted on the remote web server. This service is installed with HP Data Protector for PCs, HP Data Protector Notebook Extension, and possibly other HP Data Protector software. (C) Tenable...
Tiny Server 1.1.5 - Arbitrary File Disclosure
!/usr/bin/perl -w Title : Tiny Server v1.1.5 Arbitrary File Disclosure Exploit Author : KaHPeSeSe Test : PERFECT XP PC1 / SP3 Date : 15/03/2012 Thanks : exploit-db.com use LWP::Simple; use LWP::UserAgent; system'color','A'; system'cls'; print "\n\t\n"; print "\n\t....... Tiny Server v1.1.5...
Android Malware Stealing Online Banking Credentials
Malware that targets Android phones has been on a steady rise for the last couple of years, and much of it has come in the form of compromised apps or outright malicious apps disguised as games or utilities. But now researchers have come across a new Android threat that is designed specifically t...
Waves of Attacks Target Adobe Reader Bug From 2010
Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a...
OpenSSL < 0.9.2b Session Reuse
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.2b. A remote attacker could reuse an SSL session under a different context and bypass access control mechanisms based on client certificates. (C) Tenable Network Security, Inc. include("compat.inc"); i...
OpenSSL < 0.9.7m / 0.9.8e Buffer Overflow (deprecated)
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7m or 0.9.8e. A remote attacker could trigger a one-byte buffer overflow. The real impact is unknown. Arbitrary code could be run but no functional exploit was published. This plugin has been...
OpenSSL < 0.9.8p / 1.0.0b Buffer Overflow
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8p / 1.0.0b. If a TLS server is multithreaded and uses the SSL cache, a remote attacker could trigger a buffer overflow and crash the server or run arbitrary code. (C) Tenable Network Security, Inc...
OpenSSL < 0.9.8p / 1.0.0e Double Free Vulnerability
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8p / 1.0.0e. A remote attacker could crash client software when using ECDH. The impact of this vulnerability is not clear; arbitrary code could be run too. Note that OpenSSL changelog only reports ...
OpenSSL < 0.9.8 Weak Default Configuration
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.8. The default configuration uses MD5 instead of a stronger hash algorithm. An attacker could forge certificates. If you never generate certificates on this machine, you may ignore this warning. (C)...
OpenSSL < 0.9.6b Predictable Random Generator
According to its banner, the remote web server is running a version of OpenSSL that is earlier than 0.9.6b and allows remote attackers to predict the output of the pseudo-random generator. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(17745); script_version("1.11");...
OpenSSL < 0.9.7l / 0.9.8d Multiple Vulnerabilities
According to its banner, the remote server is running a version of OpenSSL that is earlier than 0.9.7l or 0.9.8d. As such, it is affected by multiple vulnerabilities: - A remote attacker could trigger a denial of service, either via malformed ASN.1 structures or specially crafted public keys...
OpenSSL 1.0.0 < 1.0.0-beta2 DoS
According to its banner, the remote server is running a version of OpenSSL 1.0.0 prior to 1.0.0 beta 2. A remote attacker can crash the server by sending an out-of-sequence DTLS handshake message. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(17768);...
Plone and Zope - Remote Command Execution
Exploit Title: Plone - Remote Command Execution Date: 12/21/2011 Author: Nick Miles www.npenetrable.com Tested on: 12/21/2011 CVE : CVE-2011-3587 Versions Affected without hotfix: Plone 4.0 through 4.0.9; Plone 4.1; Plone 4.2 a1 and a2; Zope 2.12.x and Zope 2.13.x. Versions Not Affected: Versions...
TFTP File Transfer Utility
This module will transfer a file to or from a remote TFTP server. Note that the target must be able to connect back to the Metasploit system, and NAT traversal for TFTP is often unsupported. Two actions are supported: "Upload" and "Download," which behave as one might expect -- use 'set action...
mPDF 5.3 - File Disclosure
mPDF 5.3 - File Disclosure Exploit Title: mPDF 1; use c...
CVE-2011-4128
CVE-2011-4128 affects GnuTLS: a buffer overflow in gnutls_session_get_data in lib/gnutls_session.c can be triggered when a client uses nonstandard session resumption. A remote TLS server can cause an application crash (DoS) by sending a large SessionTicket. Affected are GnuTLS 2.12.x prior to 2.1...
Google Android - content: URI Multiple Information Disclosure Vulnerabilities
Google Android - content: URI Multiple Information Disclosure Vulnerabilities Android Data Stealing Web PageClick: Malicious Link"; // Stage 1: Redirect to Stage 2 which will force a download of the HTML/...
Researchers Crack Siri Protocol
Researchers cracked the pride of Apple’s latest iPhone iteration yesterday, reverse-engineering the language processing, interactive personal assistant application called Siri. On their blog, the researchers from Applidium posted a demo and directions that will allow users to install and use the...