Cisco DLSw Information Disclosure Scanner

This module implements the DLSw information disclosure retrieval. There is a bug in Cisco's DLSw implementation affecting 12.x and 15.x trains that allows an unauthenticated remote attacker to retrieve the partial contents of packets traversing a Cisco router with DLSw configured and active. This...

DEBIAN-CVE-2014-7815

The setpixelformat function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service crash via a small bytesperpixel value...

AIX OpenSSL Advisory : openssl_advisory11.asc (POODLE)

The version of OpenSSL installed on the remote host is affected by the following vulnerabilities : - An error exists related to DTLS SRTP extension handling and specially crafted handshake messages that can allow denial of service attacks via memory leaks. CVE-2014-3513 - A man-in-the-middle MitM...

USN-2391-1: php5 vulnerabilities

Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...

USN-2391-1 php5 vulnerabilities

Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. CVE-2014-3668 Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote...

Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (110 bytes)

Linux/x86-64 - Add Map 127.1.1.1 google.lk In /etc/hosts Shellcode 110 bytes. Shellcode exploit for Linuxx86-64 platform / ; Title: Add map in /etc/hosts file - 110 bytes ; Date: 2014-10-29 ; Platform: linux/x8664 ; Website: http://osandamalith.wordpress.com ; Author: Osanda Malith Jayathissa...

UBUNTU-CVE-2014-7815

The setpixelformat function in ui/vnc.c in QEMU allows remote attackers to cause a denial of service crash via a small bytesperpixel value...

Amazon Linux AMI : nss (ALAS-2014-429) (POODLE)

A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. This flaw allows a man-in-the-middle MITM attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a...

CVE-2014-8756

The NcrCtl4.NcrNet.1 control in Panasonic Network Camera Recorder before 4.04R03 allows remote attackers to execute arbitrary code via a crafted GetVOLHeader method call, which writes null bytes to an arbitrary address...

CVE-2014-8756

Panasonic Network Camera Recorder vulnerability CVE-2014-8756 affects the NcrCtl4.NcrNet.1 GetVOLHeader call, enabling remote code execution via an arbitrary write of null bytes to an attacker-controlled address. This is a browser/remote execution issue that requires user interaction (e.g., visit...

Panasonic Network Camera Recorder NcrCtl4.NcrNet.1 GetVOLHeader Arbitrary Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic Network Camera Recorder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

CVE-2014-6431

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service application crash via a crafted file that triggers writes of uncompressed bytes...

CVE-2014-6431

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service application crash via a crafted file that triggers writes of uncompressed bytes...

Mandriva Linux Security Advisory : serf (MDVSA-2014:166)

Updated serf packages fix security vulnerability : Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter...

Linux/x86-64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (hell) Shellcode (147 bytes)

Linux/x86-64 - Bind TCP 4444/TCP Shell /bin/sh + Password hell Shellcode 147 bytes. Shellcode exploit for Linuxx86-64 platform ; =================================================================== ; Password Protected Bind Shell ; Author: SLAE64-1351 Keyman ; Date: 03/09/2014 ; ; Shellcode length...

PHP 5.4.x < 5.4.32, 5.5.x < 5.5.15 Multiple Vulnerabilities (Aug 2014)

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

Ubuntu: Security Advisory (USN-2315-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2315-1: serf vulnerability

Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

USN-2315-1 serf vulnerability

Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

linux/x86 Run /usr/bin/python | setreuid(),execve() - 54 Bytes

Exploit Title: Shellcode Linux x86 Run /usr/bin/python | setreuid,execve Date: 31/7/2014 Exploit Author: Ali Razmjoo Tested on: kali-linux-1.0.4-i386 3.7-trunk-686-pae 1 SMP Debian 3.7.2-0+kali8 i686 GNU/Linux / Ali Razmjoo , email protected Shellcode Linux x86 Run /usr/bin/python | setreuid,exec...