Amazon Linux: Security Advisory (ALAS-2014-290)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2013-230)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress WP Symposium Plugin 15.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin wp-symposium Unauthenticated SQL Injection Vulnerability Date: 2015-07-30 Exploit Author: PizzaHatHacker Vendor Homepage: http://www.wpsymposium.com/ Version: ? = version = 15.5.1 Tested on: Apache / WordPress...

Microsoft Windows HTA (HTML Application) - Remote Code Execution Exploit

Microsoft Windows HTA HTML Application remote code execution exploit that leverages MS14-064. !/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$...

If we stand still, we go backwards

Recently, ppk claimed the web is going too fast in the wrong direction, and asked for a year's moratorium on web features. I was so angry I ran straight to a dictionary to find out what "moratorium" meant. Turns out it means "suspension". I got a bit snarky about it on Twitter, which isn't really...

CollabNet Subversion Edge weak password policy

Vuln Title: The CollabNet Subversion Edge Management Frontend does not implement a strong password policy Date: 28.06.2015 Author: otr Software Link: https://www.open.collab.net/downloads/svnedge Vendor: CollabNet Version: 4.0.11 Tested on: Fedora Linux Type: Lack of defensive measures Risk: Medi...

PHP < 5.4.41, 5.5.x < 5.5.25, 5.6.x < 5.6.9 Multiple Vulnerabilities - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

PHP < 5.4.41, 5.5.x < 5.5.25, 5.6.x < 5.6.9 Multiple Vulnerabilities - Linux

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVE-2015-4024

The CVE-2015-4024 entry describes an algorithmic complexity DoS in PHP’s multipart HTTP POST handling (multipart_buffer_headers in main/rfc1867.c). Attackers can cause high CPU usage with specially crafted form data, affecting PHP versions prior to 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5....

CVE-2015-4024

Algorithmic complexity vulnerability in the multipartbufferheaders function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service CPU consumption via crafted form data that triggers an improper order-of-growth...

UBUNTU-CVE-2015-4024

Algorithmic complexity vulnerability in the multipartbufferheaders function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote attackers to cause a denial of service CPU consumption via crafted form data that triggers an improper order-of-growth...

SAP xMII - Reflected XSS vulnerability

Application: SAP NetWeaver AS JAV Versions Affected: SAP NetWeaver AS JAVA 7.4 Vendor URL: SAP Bugs: XSS Reported: 05.05.2015 Vendor response: 06.05.2015 Date of Public Advisory: 12.04.2016 Reference: SAP Security Note 2201295 Author: Nursultan Abubakirov , Vahagn Vardanyan ERPScan VULNERABILITY...

PXE Boot Exploit Server

This module provides a PXE server, running a DHCP and TFTP server. The default configuration loads a linux kernel and initrd into memory that reads the hard drive; placing a payload to install metsvc, disable the firewall, and add a new user metasploit on any Windows partition seen, and add a uid...

Design/Logic Flaw

Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service CPU consumption via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for...

CVE-2014-7266

Algorithmic complexity vulnerability in Cybozu Remote Service Manager through 2.3.0 and 3.x through 3.1.2 allows remote attackers to cause a denial of service CPU consumption via vectors that trigger colliding hash-table keys. NOTE: this vulnerability exists because of an incomplete fix for...

Cisco Ironport Appliances - Privilege Escalation

Cisco Ironport Appliances - Privilege Escalation / Cisco Ironport Appliances Privilege Escalation Vulnerability Vendor: Cisco Product webpage: http://www.cisco.com Affected versions: Cisco Ironport ESA - AsyncOS 8.5.5-280 Cisco Ironport WSA - AsyncOS 8.0.5-075 Cisco Ironport SMA - AsyncOS 8.3.6-0...

Oracle Solaris Third-Party Patch Update : ant (algorithmic_complexity_vulnerability_in_apache)

The remote Solaris system is missing necessary patches to address security updates : - Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream BZip2CompressorOutputStream in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of servic...

Oracle Solaris Third-Party Patch Update : ruby (multiple_vulnerabilities_in_ruby1)

The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service...

Cross site scripting

Zenoss Core through 5 Beta 3 does not require complex passwords, which makes it easier for remote attackers to obtain access via a brute-force attack, aka ZEN-15406...

CVE-2014-9248

Zenoss Core through 5 Beta 3 does not require complex passwords, which makes it easier for remote attackers to obtain access via a brute-force attack, aka ZEN-15406...