8280 matches found

NVD
added 2015/10/06 1:59 a.m., 17 views

CVE-2015-4965

maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX004 and 7.6.0 before 7.6.0.1 IFIX002 for SmartCloud Control Desk; and Maximo Ass...

4 CVSS, 5.6 AI score, 0.00146 EPSS
Exploits 0, References 1
ATTACKERKB
added 2015/10/06 1:59 a.m., 2 views

CVE-2015-4965

maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX004, and 7.6.0 before 7.6.0.1 IFIX002; Maximo Asset Management 7.5.x before 7.5.0.8 IFIX004 and 7.6.0 before 7.6.0.1 IFIX002 for SmartCloud Control Desk; and Maximo Ass...

4 CVSS, 5.5 AI score, 0.00146 EPSS
Exploits 0, References 2
OpenVAS
added 2015/10/06 12:0 a.m., 257 views

Oracle: Security Advisory (ELSA-2015-3055)

The remote host is missing an update for the...

6.2 CVSS, 6.2 AI score, 0.00101 EPSS
Exploits 1, References 2
CNVD
added 2015/09/27 12:0 a.m., 2 views

Apache Struts Cross-Site Scripting Vulnerability (CNVD-2015-06370)

Apache Struts is an open source framework for creating enterprise Java Web applications. Apache Struts debug mode suffers from a cross-site scripting vulnerability that allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which can be used to obtain...

6.1 CVSS, 8.8 AI score, 0.01198 EPSS
Exploits 0, References 1
Zero Science Lab
added 2015/09/26 12:0 a.m., 94 views

Mango Automation 2.6.0 Unprotected Debug Log View Vulnerability

Summary Mango Automation is a flexible SCADA, HMI And Automation software application that allows you to view, log, graph, animate, alarm, and report on data from sensors, equipment, PLCs, databases, webpages, etc. It is easy, affordable, and open source. Description Mango Automation suffers from...

4.3 CVSS, 5.8 AI score, 0.12814 EPSS
Exploits 1
CNVD
added 2015/09/25 12:0 a.m., 2 views

Drupal Scald Module Information Disclosure Vulnerability

Drupal is a free and open source content management system developed in PHP. Scald module for Drupal is a multimedia management module for Drupal. An information disclosure vulnerability exists in the Drupal Scald module version 7.x-1.5 and prior to version 7.x-1.x, which allows a remote attacker ...

5 CVSS, 6.3 AI score, 0.00236 EPSS
Exploits 0, References 1
Exploit DB
added 2015/09/22 12:0 a.m., 44 views

Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)

Source: https://code.google.com/p/google-security-research/issues/detail?id=293 Platform: Win7 32-bit. trigger.cpp should fire the issue, with two caveats: - PoC will NOT work if compiled as a debug build. - PoC will trigger the condition every time but the subsequent corruption might not cause a...

7.4 AI score
Exploits 0
exploitpack
added 2015/09/22 12:0 a.m., 20 views

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard MS15-061 Source: https://code.google.com/p/google-security-research/issues/detail?id=294 Platform: Win7 32-bit. trigger.cpp should fire the issue, with a caveat - PoC might NOT work if compiled as a debug build...

0.3 AI score
Exploits 0
Exploit DB
added 2015/09/22 12:0 a.m., 47 views

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)

Source: https://code.google.com/p/google-security-research/issues/detail?id=294 Platform: Win7 32-bit. trigger.cpp should fire the issue, with a caveat - PoC might NOT work if compiled as a debug build. windbg.txt is a sample crash log. Analysis from Nils: --- please find attached a C trigger,...

7 AI score
Exploits 0
exploitpack
added 2015/09/22 12:0 a.m., 16 views

Microsoft Windows Kernel - Bitmap Handling Use-After-Free (MS15-061) (1)

Microsoft Windows Kernel - Bitmap Handling Use-After-Free MS15-061 1 Source: https://code.google.com/p/google-security-research/issues/detail?id=293 Platform: Win7 32-bit. trigger.cpp should fire the issue, with two caveats: - PoC will NOT work if compiled as a debug build. - PoC will trigger the...

7.4 AI score
Exploits 0
CNVD
added 2015/09/17 12:0 a.m., 2 views

Unit4 Polska TETA Web Authorization Bypass Vulnerability

Unit4 Polska TETA Web (formerly known as TETA Galactica) is a package of solutions including personnel, financial and logistics management systems from Unit4 Poland. An authorization bypass vulnerability exists in Unit4 Polska TETA Web version 22.62.3.4. Due to the program failing to properly...

7.5 CVSS, 7.3 AI score, 0.0039 EPSS
Exploits 1, References 1
Prion
added 2015/09/16 6:59 p.m., 13 views

Code injection

Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges via crafted "received parameters."...

7.5 CVSS, 7.5 AI score, 0.0039 EPSS
Exploits 1, References 2, Affected Software 1
Citrix
added 2015/09/14 12:0 a.m., 6 views

NetScaler Gateway Rejects RADIUS Accept Request

RADIUS authentication is configured on NetScaler Gateway. RADIUS accepts the authentication and sends the correct message; however, NetScaler rejects the authentication. The RADIUS log files show that the authentication is accepted. The network trace shows that a message is sent from RADIUS server...

7.3 AI score
Exploits 0
Exploit DB
added 2015/09/11 12:0 a.m., 27 views

Linux x86_64 - /bin/sh

Linux x86_64 - /bin/sh. Shellcode exploit for lin_x86-64 platform. Exploit Title: Shellcode /bin/sh for Linux x86_64 (different approach). Date: 2015-09-10. Exploit Author: Fanda Uchytil. Version: 1. Tested on: Linux 3.16.0-4-amd64 Debian, 2.6.32-openvz-042stab093.5-amd64 Centos/RHEL based, 2.6.32-5-amd64...

0.2 AI score
Exploits 0
RedHat Linux
added 2015/09/10 12:4 p.m., 1 views

libunwind: off-by-one in dwarf_to_unw_regnum()

An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usa...

3.3 CVSS, 5.7 AI score, 0.00089 EPSS
Exploits 1, References 4
seebug.org
added 2015/08/31 12:0 a.m., 253 views

Werkzeug Debug Mode Command Execution

No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit4 'Werkzeug Debug Shell Command Execution', 'Description' = %q This module will exploi...

7.1 AI score
Exploits 0
RedHat Linux
added 2015/08/24 7:57 p.m., 2 views

libunwind: off-by-one in dwarf_to_unw_regnum()

An off-by-one array indexing error was found in the libunwind API, which could cause an error when reading untrusted binaries or dwarf debug info data. Red Hat products do not call the API in this way; and it is unlikely that any exploitable attack vector exists in current builds or supported usa...

3.3 CVSS, 5.7 AI score, 0.00089 EPSS
Exploits 1, References 4
Hacker One
added 2015/08/20 5:23 a.m., 25 views

Mail.ru: [riot.mail.ru] Reflected XSS in debug-mode

Greetings. The vulnerability exists because all requests to the server are displayed in debug mode, accessible to any user. As a result, we have 2 nasty problems: 1 Full SQL Disclosure Run query: SELECT FROM forumconfig Run query: SELECT catid,name FROM forumcats ORDER BY orderid Run...

7.8 AI score
Exploits 0
0day.today
added 2015/08/20 12:0 a.m., 39 views

UNIT4TETA TETA WEB - Authorization Bypass vulnerability

Exploit for php platform in category web applications Title: UNIT4TETA TETA WEB - Authorization Bypass vulnerability Author: Lukasz Miedziński Date: 08. January 2015 CVE: CVE-2015-1173 Affected software : =================== UNIT4TETA TETA WEB 22.62.3.4 - newest version Older versions are probabl...

7.5 CVSS, 6.7 AI score, 0.0039 EPSS
Exploits 1
Exploit DB
added 2015/08/18 12:0 a.m., 62 views

Werkzeug - Debug Shell Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit4 'Werkzeug Debug Shell Command Execution', 'Description' = %q This module will exploit the Werkzeug debug console to put...

7.4 AI score
Exploits 0