Command injection

Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to b...

Windows TCP/IP Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have ...

Kaseya VSA R9.2 Arbitrary File Read Vulnerability

A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server including source code of Kaseya, the database backups, configuration files, and even...

Description of the cumulative update package for Communicator 2007 R2: November 2010

Describes the issues that are fixed in the November, 2010 cumulative update package for Communicator 2007 R2.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated November 2010.This article describes the...

Avaxswf.dll 1.0.0.1 from Avax Vector ActiveX Arbitrary Data Write

No description provided by source. :. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write ============================================================================ Internal ID: VULWAR20070626...

Foreigners: how to get the remote computer's IP address-vulnerability warning-the black bar safety net

Most might think the first time how to find your friend's computer's IP address or find people with you in Yahoo Messenger or chat IP address. In this I will show you how to find remote computer's IP address in one simple step. I created a PHP script that allows you to more easily find you choose...

Avaxswf.dll v.1.0.0.1 from Avax Vector ActiveX Arbitrary Data Write

No description provided by source. :. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write ============================================================================...

[GOODFELLAS - VULN ] Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write

:. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write ============================================================================ Internal ID: VULWAR200706264 Introduction ------------...

To solve the Telnet invasion in the FTP space to store the Trojan-vulnerability warning-the black bar safety net

Himself a rookie, a lot of noobs like me, learn the 1 3 5-port scan the Administrator of the air interface of the token, and then use the Recton open the other Telnet of 2 3 port for the invasion. Learn this tutorial, find free FTP is very strenuous. I also got a poison, restore a backup, and now...

BackOrifice Software Detection

The remote host seems to be running BackOrifice 1.x with no password. BackOrifice is a trojan which allows an intruder to take control of the remote computer. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10024;...