6692 matches found
linux/x86 Typewriter Shellcode Generator
!/usr/bin/env python Typewriter Shellcode Generator Paw Petersen, SLAE-656 https://www.pawpetersen.dk/typewriter-shellcode-generator-linux-x86/ import sys,struct string = sys.argv1 length = struct.pack"= lenstring: if lenchunk 4: asmstringchunk =...
New Evasion Techniques Help AlienSpy RAT Spread Citadel Malware
Hackers have co-opted AlienSpy, a remote access tool, to deliver the Citadel banking Trojan and establish backdoors inside a number of critical infrastructure operations. AlienSpy is a descendent of the Adwind, Unrecom and Frutas Java-based remote access Trojans, according to security company...
CVE-2015-0225
CVE-2015-0225 affects Apache Cassandra 1.2.0–1.2.19, 2.0.0–2.0.13, and 2.1.0–2.1.3, where an unauthenticated JMX/RMI interface bound to all network interfaces allows remote attackers to execute arbitrary Java code via RMI. The connected advisories indicate this is a regression path tracked in lat...
Palo Alto Traps Server 3.1.2.1546 - Persistent XSS Vulnerability
Exploit for windows platform in category web applications !/usr/bin/ruby =begin ------------------------------------------------------------------------ Product: Palo Alto Traps Server formerly Cyvera Endpoint Protection Vendor: Palo Alto Networks Vulnerable Versions: 3.1.2.1546 Tested Version:...
eBay Fixes File Upload and Patch Disclosure Bugs
eBay has fixed a pair of security vulnerabilities in its site that could enable attackers to upload executable files disguised as benign file types, construct full path URLs and then point victims to them through drive-by download attacks. The first bug resulted from the failure of an eBay page t...
Debian DLA-150-1 : unzip security update
A flaw was found in the testcompreb function allowing out-of-bounds read and write access to memory locations. By carefully crafting a corrupt ZIP archive an attacker can trigger a heap overflow, resulting in application crash or possibly having other unspecified impact. Additionally this update...
Static Analysis Tool: Bindead
The tool is based on the dynamic instrumentation framework PIN from Intel. Currently PIN is only working with the x86 architecture. Additionally, bintrace currently is limited to the Linux platform but will be ported to Windows when there is the need to. Actually, building for Windows might work...
FreeBSD : GNU binutils -- multiple vulnerabilities (f6a014cd-d268-11e4-8339-001e679db764)
US-CERT/NIST reports : The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE...
IT-Grundschutz M4.023: Sicherer Aufruf ausführbarer Dateien
IT-Grundschutz M4.023: Sicherer Aufruf ausführbarer Dateien. Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM4023.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 4.023 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone Networks GmbH,...
CVE-2015-0941
The Inetc plugin for Nullsoft Scriptable Install System NSIS, as used in CERT/CC Failure Observation Engine FOE and other products, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and possibly execute arbitrary code by sending a craft...
Code injection
The Inetc plugin for Nullsoft Scriptable Install System NSIS, as used in CERT/CC Failure Observation Engine FOE and other products, does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and possibly execute arbitrary code by sending a craft...
CVE-2015-0941
CVE-2015-0941 : The Inetc plug‑in for NSIS does not validate SSL certificates, enabling MITM attacks that could spoof servers and potentially execute arbitrary code during download of Windows executables. Affected: NSIS Inetc plug‑in (used in FOE and other products). Impact: possible arbitrary co...
Moderate: Red Hat Enhancement Advisory: elfutils bug fix and enhancement update
Updated elfutils packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 7. The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages have been...
Apple iOS 8.x < 8.1.1 Multiple Vulnerabilities.
Binary data 8940.prm...
CVE-2015-2194
Unrestricted file upload vulnerability in the fusionoptions function in functions.php in the Fusion theme 3.1 for Wordpress allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension in a fusionsave action, then accessing it via unspecified vector...
WordPress Fusion Theme <= 3.1 - Arbitrary File Upload
Because of this vulnerability in this Fusion theme, the authenticated users can execute arbitrary code by uploading a file with an executable extension in a fusionsave action and then accessing it via unspecified vectors. Solution Update the theme...
D-Link DCS-931L with firmware unlimited file upload vulnerability
The D-Link DCS-931L is a D-Link home wireless network camera. An unrestricted file upload vulnerability exists in the D-Link DCS-931L with firmware 1.04 earlier, which could allow a remote, authenticated user to execute arbitrary code by uploading a file with an executable file extension...
CVE-2015-2049
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension...
CVE-2015-2049
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension...
CVE-2015-1604
Unrestricted file upload vulnerability in asys/site/files.php in Adminsystems CMS before 4.0.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/files/...