210 matches found
Threat Outbreak Alert RuleID24604: Email Messages Distributing Malicious Software on August 25, 2016
Medium Alert ID: 48595 First Published: 2016 August 25 13:42 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID24604 may contain the following files: Name |...
Wowza Streaming Engine 4.5.0 Cross Site Request Forgery
Wowza Streaming Engine 4.5.0 CSRF Add Advanced Admin Exploit Vendor: Wowza Media Systems, LLC. Product web page: https://www.wowza.com Affected version: 4.5.0 build 18676 Platform: JSP Summary: Wowza Streaming Engine is robust, customizable, and scalable server software that powers reliable...
Cerber: Analyzing a Ransomware Attack Methodology To Enable Protection
Ransomware is a common method of cyber extortion for financial gain that typically involves users being unable to interact with their files, applications or systems until a ransom is paid. Accessibility of cryptocurrency such as Bitcoin has directly contributed to this ransomware model. Based on...
WordPress Event Registration 6.02.02 XSS / SQL Injection
Exploit Title: WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS Discovery Date: 2016/03/13 Public Disclosure Date: 2016/05/09 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x | https://codemetrix.net Vendor Homepage: http://wpeventregister.com/...
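QEMU pcnet_receive Heap Buffer Overflow Vulnerability (CVE-2015-7504)
The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's page: https://lists.gnu.org/archive/html/qemu-devel/2015-11/msg06342.html pcnet is the component of the QEMU virtualization software that emulates the AMD PCNET network card; the relevant code is in /hw/net/pcnet.c. To use the pcnet network card in qemu, configure it with a command line such as: qemu-system-x86_64 centos-6.5-x64.img -m 1024 -net nic,model=pcnet -net user...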
Microsoft Internet Explorer and Edge CVE-2015-6140 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer and Edge are prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. They can then execute arbitrary code in the context of the currently logged-in user. Faile...
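Docker Remote API Unauthorized Access
Introduction: When docker is used with cluster management such as Kubernetes or swarm, the remote API is used to manage the nodes. The default port for the remote API without authentication is 2375; when TLS authentication is required, the default is 2376. By default the remote API can be accessed directly without authentication and can operate on docker directly, for example creating containers, deleting containers, and viewing image and container information... For how to use the remote API, see the official docker documentation. To detect unauthorized access to the docker remote API, use curl or open http://ip:2375/info directly in a browser; if JSON is returned, the vulnerability exists, as shown in the figure below. Other reference links...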
Microsoft Windows Kernel - 'win32k!vSolidFillRect' Buffer Overflow (MS15-061)
Source: https://code.google.com/p/google-security-research/issues/detail?id=313 The PoC triggers a pool buffer overflow in win32k!vSolidFillRect. When using Special Pool we get the crash immediately on the overwrite. Without Special Pool we often get a crash in the same function, but sometimes i...
What is a "good" memory corruption vulnerability?
Posted by Chris Evans, register whisperer. Part 1 of 4. There are a lot of memory corruption vulnerabilities in software, but not all are created equal. To a certain degree, the “usefulness” of a given memory corruption vulnerability is determined by how reliably it might be exploited. In some...
WordPress Wordfence Plugin <= 5.2.3 - Multiple Vulnerabilities
This plugin is prone to stored XSS, insufficient logging, throttle bypass and exploit detection bypass vulnerabilities. Solution Update plugin...
SQL Injection in a System Used by a University (DBA) (No Login Required)
Brief description: Detailed description: WooYun: SQL injection in a system used by a university (bundle) (DBA) (no login required) 2. Previous one. Injection file: fileformat.asp, parameter: txtFormatName. Case: 202.195.243.37/tasi/admin/system/fileformat.asp --data "txtFormatName=sss&txtFormatExt=sss&txtFormatVersion=sss&cboFileType=1&formatid=0&action=add&btnSaveFormat=%B1%A3%B4%E6" -p txtFormatName...
A SQL Injection in a Government System
Brief description: See title. Detailed description: Official website of Shandong Nongyou Software Company: http://www.nongyou.com.cn/ The cases are as follows: http://61.133.119.187:8091/symItemView/ItemFourth.aspx?id=1 http://222.135.76.147:8200/symItemView/ItemFourth.aspx?id=1 http://222.135.127.190:7200/symItemView/ItemFourth.aspx?id=1 http://221.2.149.47:8200/symItemView/ItemFourth.aspx?id=1...
Microsoft Windows ATMFD Font Driver Information Disclosure (MS15-021: CVE-2015-0089; CVE-2015-1670)
This protection will detect and block attempts to exploit this vulnerability...
Samba smbd ServerPasswordSet RPC Memory Corruption (CVE-2015-0240)
This protection will detect and block attempts to exploit this vulnerability...
How to Detect Exploits of the GHOST Buffer Overflow Vulnerability
The GHOST vulnerability is a buffer overflow condition that can be easily exploited locally and remotely, which makes it extremely dangerous. This vulnerability is named after the GetHOSTbyname function involved in the exploit. Attackers utilize buffer overflow vulnerabilities like this one by...
IP Board 3.x CSRF Token Theft
Title: IP Board 3.x CSRF - Token hijacking Date: 03.09.14 Version: = 3.4.6 Vendor: invisionpower.com Author: Piotr S. Video-PoC: https://www.youtube.com/watch?v=G5P21TA4DjY 1 Introduction Latest and probably previous IPB versions suffer from a vulnerability which allows an attacker to steal CSRF token...
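A Design Flaw Present in All Versions of DZ
Brief description: Let's first see whether this works. Detailed description: I can't analyze the source code, so I didn't analyze it. This is the latest version; by the look of it, all versions are affected. Let's run a database backup. 恭喜您,成功创建 3 个备份文件,备份全部完成。 ./data/backupf4b1fa/140811tv3zcb3Z-1.sql ./data/backupf4b1fa/140811tv3zcb3Z-2.sql ./data/backupf4b1fa/140811tv3zcb3Z-3.sql This looks rather long. data/backupf4b1fa/140811tv3zcb3Z-1.sql...
XSS Vulnerability in the 释锐教育 District/School Edition E-Schoolbag Teaching Platform
Brief description: I saw that http://www.wooyun.org/bugs/wooyun-2010-051965 was accepted, so here I am too. Stored XSS. Detailed description: Testing with the official demo http://demo.31390.com:8080/eLearning/user.html Click on any user, write an XSS statement in the message field, and click to post the message. The alert popped up right away. Looking at the source code, there is no filtering at all. Test address: http://demo.31390.com:8080/eLearning/message/s800.html It is actually an HTML file itself, which gives XSS a lot of room. Testing how general this is...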
Bs Auction Script SQL Injection Vulnerability
No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Name : Bs Auction Script Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL :http://www.brotherscripts.com/...