68 matches found
SigPlus Pro 3.74 - ActiveX LCDWriteString() Remote BoF JIT Spray - aslr/dep bypass
No description provided by source. SigPlus Pro v3.74 ActiveX Signature Capture LCDWriteString Remote BoF JIT Spray - aslr/dep bypass Author: mrme - @StevenSeeley Download:...
JITed exec notepad Shellcode
No description provided by source. Title: JITed exec notepad shellcode EDB-ID: CVE-ID: OSVDB-ID: Author: Alexey Sintsov Published: Verified: yes Download N/A // JIT.swf // // By Alexey Sintsov // [email protected] // [email protected] // // DSecRG - Digital Security Research Group dsecrg.com // //...
velocity web-server 1.0 - Directory Traversal file download vulnerability
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-028 Application: Velocity web-server a part of Velocity Security Management System Versions Affected: Old version 1.0 Vendor URL: http://hirschelectronics.com Bugs: Directory traversal File Download...
DNS Reverse Download and Exec Shellcode
No description provided by source. Shellcode: download and execute file via reverse DNS channel Features: Windows 7 tested UAC without work svchost.exe makes requests via getaddrinfo Firewall/Router/Nat/Proxy bypass reverse connection like dnscat do, but without sockets and stable! NO SOCKET DNS...
XOOPS 2.3.1 - Multiple Local File Inclusion Vulnerabilities
No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Publ...
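SAP NetWeaver J2EE MeSync Information Disclosure Vulnerability
SAP NetWeaver is SAP's integrated technology platform and the technical foundation for all SAP applications since the SAP Business Suite. SAP NetWeaver J2EE MeSync has an information disclosure vulnerability in its implementation: an attacker can obtain sensitive information such as the Mobile Engine version and the names of technical staff without authentication. SAP NetWeaver Vendor patch: SAP --- SAP has released a security advisory (DSECRG-11-034) and a corresponding patch for this issue: DSECRG-11-034:SAP NetWeaver J2EE MeSync – Information Disclose...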
VMware Update Manager Directory Traversal
DSECRG-11-042 VMware Update Manager - Directory Traversal Application: VMware Update Manager Versions Affected: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4.0 prior to Update 4 Vendor URL: http://vmware.com Bugs: Directory Traversal File Read CVE: CVE-2011-4404 CVSS2: 7....
[DSECRG-11-038] SAP RSTXSCRP report - smb relay vulnerability
DSECRG-11-038 SAP RSTXSCRP report - smb relay vulnerability SAP RSTXSCRP Report has path traversal vulnerability which can lead to SMB relay attack and full control on system. Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.SAP.com Bugs: Path traversal, SMBRelay...
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked XSS vulnerability
DSECRG-11-033 SAP Crystal Report Server pubDBLogon - Linked XSS vulnerability XSS vulnerability found in pubDBLogon.jsp page of SAP Crystal Report Server 2008. Application: SAP Crystal Report Server 2008 Versions Affected: SAP Crystal Report Server 2008 Vendor URL: http://www.sap.com Bugs: Linked...
[DSECRG-11-039] SAP NetWeaver TH_GREP module - Code injection vulnerability (NEW)
DSECRG-11-039 SAP NetWeaver TH_GREP module - Code injection vulnerability NEW TH_GREP report is vulnerable for command execution vulnerability which is working with previous patch note 1433101. Remote OS command execution is possible Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendo...
[DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS
SAP NetWeaver JavaMailExamples has linked XSS vulnerability. Digital Security Research Group DSecRG Advisory Internal DSecRG-00135 Application: SAP NetWeaver Versions Affected: SAP NetWeaver JavaMailExamples Vendor URL: http://www.SAP.com Bugs: XSS Exploits: YES Reported: 11.05.2010 Vendor...
SAP NetWeaver BW Doc Cross Site Scripting
DSECRG-11-037 SAP BW Doc - Multiple XSS BW DOC metadata application in SAP NetWeaver is vulnerable to XSS attack. Application: SAP NetWeaver Versions Affected: SAP NetWeaver Vendor URL: http://www.SAP.com Bugs: XSS Reported: 14.03.2011 Vendor response: 16.03.2011 Date of Public Advisory: 11.11.20...
DNS Reverse Download and Exec Shellcode
DNS Reverse Download and Exec Shellcode. Shellcode exploit for windows platform Shellcode: download and execute file via reverse DNS channel Features: Windows 7 tested UAC without work svchost.exe makes requests via getaddrinfo Firewall/Router/Nat/Proxy bypass reverse connection like dnscat do, b...
Re: [DSECRG-11-018] Kaspersky administration Kit - Remote code execution via SMBRelay
It was closed only for relaying to the same host, but it is impossible to close relaying on another host which runs processes at the same account. And also the smbrelay patch did not work on clusters http://dsecrg.blogspot.com/2011/01/passthehash-bible-1-attacking.html...
[DSECRG-11-014] SAP GUI (sapgui) - DLL hijacking
DSECRG-11-014 SAP GUI sapgui - DLL hijacking SAP Front End applications SAPGui.exe are vulnerable to DLL hijacking attacks. It makes possible to remote code execution Digital Security Research Group DSecRG Advisory DSecRG-11-014 Internal DSecRG-00183 Application: SAP GUI Versions Affected: 6.4 -...
[DSECRG-11-012] SAP NetWeaver Integration Directory - multiple XSS
DSECRG-11-012 SAP NetWeaver Integration Directory - multiple XSS SAP NetWeaver Integration Directory has multiple linked XSS vulnerabilities. Digital Security Research Group DSecRG Advisory DSecRG-11-012 Internal DSecRG-00159 Application: SAP NetWeaver XI Versions Affected: SAP NetWeaver XI Vendo...
[DSECRG-00153] Oracle Document Capture Actbar2.ocx - insecure method
ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-00153 Application: Oracle Document Capture Versions Affected: Release 10gR3 Vendor URL: www.oracle.com Bugs: insecure method, File overwriting Exploits: YES Reported: 22.03.2010 Vendor response:...
Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow
Exploit for windows platform in category remote exploits Application: Oracle Document Capture Versions Affected: Oracle Document Capture 10.1.3.5 Vendor URL: http://oracle.com Bugs: Insecure method. Buffer overflow. Exploits: YES Reported: 14.12.2009 Vendor response: 15.12.2009 Date of Public...
Oracle Document Capture 10.1.3.5 Insecure Method / Buffer Overflow
ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Document Capture Versions Affected: Oracle Document Capture 10.1.3.5 Vendor URL: http://oracle.com Bugs: Insecure method. Buffer overflow. Exploits...
Oracle Document Capture 10.1.3.5 - Insecure Method / Buffer Overflow
Source: http://packetstormsecurity.org/files/view/97871/DSECRG-11-006.txt ActiveX components contain insecure methods. Digital Security Research Group DSecRG Advisory DSECRG-11-006 internal DSECRG-09-066 Application: Oracle Document Capture Versions Affected: Oracle Document Capture 10.1.3.5 Vend...