OracleVM 3.3 : glibc (OVMSA-2014-0017)

The remote OracleVM system is missing necessary patches to address critical security updates : - Remove gconv transliteration loadable modules support CVE-2014-5119, - nlfindlocale: Improve handling of crafted locale names CVE-2014-0475, - Don't use alloca in addgetnetgrentX 1087789. - Adjust...

Server: Local Path Disclosure when using Asset Pipeline

ownCloud 7 introduced the so-called "Asset Pipeline". It is disabled by default, but can be enabled by setting asset-pipeline.enabled to true in config.php When the setting is enabled ownCloud concatenates all CSS and JS files into a single large blob file. Thus the amount of initial required...

Half of Leading USB Controller Chips Vulnerable to BadUSB

BadUSB hasn’t gone from bad to worse necessarily, but it sure has reached a new state of confusion for security experts and consumers in the crosshairs. Researcher Karsten Nohl, who warned the world during Black Hat last summer that the controller chips in most USB devices could be reprogrammed t...

CVE-2014-3756

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service hang and resource consumption via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the 1 user or 2 channel name in a Qt dialog, 3...

UBUNTU-CVE-2014-3756

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service hang and resource consumption via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the 1 user or 2 channel name in a Qt dialog, 3...

CVE-2014-3756

The client in Mumble 1.2.x before 1.2.6 allows remote attackers to force the loading of an external file and cause a denial of service hang and resource consumption via a crafted string that is treated as rich-text by a Qt widget, as demonstrated by the 1 user or 2 channel name in a Qt dialog, 3...

CVE-2014-3756

The CVE-2014-3756 issue affects Mumble 1.2.x prior to 1.2.6, where a crafted string treated as rich-text in Qt widgets (user/channel name, Certificate Wizard fields, or tooltip server name) can force loading of an external file and cause a denial-of-service (hang/resource consumption). The root c...

Java RMI Server Insecure Default Configuration Java Code Execution

This module takes advantage of the default configuration of the RMI Registry and RMI Activation services, which allow loading classes from any remote HTTP URL. As it invokes a method in the RMI Distributed Garbage Collector which is available via every RMI endpoint, it can be used against both...

OpenJDK: LogRecord use of incorrect CL when loading ResourceBundle (Libraries, 8042797)

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Libraries...

Twiki Perl 4.x, 5.x, 6.x Upload Bypass / Code Execution Vulnerabilities

The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution and suffer from a file upload bypass vulnerability. This is an advisory for TWiki administrators: The debugenableplugins request parameter allows arbitrary Perl code execution...

RBS Change Complet Open Source 3.6.8 - CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: RBS Change Complet Open Source CSRF Google Dork: intext:"une réalisation rbs" Date: 10/01/2014 Exploit Author: KrustyHack Vendor Homepage: http://www.rbschange.fr/ Software Link:...

Ubuntu 14.04 LTS : QEMU vulnerabilities (USN-2342-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2342-1 advisory. Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the...

USN-2342-1 qemu, qemu-kvm vulnerabilities

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. CVE-2013-4148, CVE-2013-4149, CVE-2013-4150,...

glibc: directory traversal in LC_* locale handling

A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value for example, specified in an LC environment variable could possibly use this flaw to execute arbitrary code with the privileges of that...

Mac OS X <= 10.4.8 pppd Plugin Loading Privilege Escalation Exploit

No description provided by source. Mac OS X = 10.4.8 pppd Plugin Loading Privilege Escalation Exploit http://www.exploit-db.com/sploits/05252007-osxpppd.tar milw0rm.com 2007-05-25...

PHPenpals <= 1.1 (mail.php ID) Remote SQL Injection Exploit

No description provided by source. !usr/bin/perl |------------------------------------------------------------------------------------------------------------------ | -Info: | -Name: Phpenpals | -Version: = 1.1 | -Site: http://sourceforge.net/projects/phpenpals/ | -Download Script:...

IBM AIX <= 5.3 sp6 pioout Arbitrary Library Loading Local Root Exploit

No description provided by source. !/bin/sh 07/2007: public release IBM AIX = 5.3 sp6 echo ------------------------------- echo AIX pioout Local Root Exploit echo By qaaz echo ------------------------------- cat piolib.c EOF include stdlib.h include unistd.h void init attribute constructor; void...

Wireshark console.lua pre-loading vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

MS IE 4.0/4.0.1/5.0/5.0.1/5.5 preview Security Zone Settings Lag Vulnerability

No description provided by source. Microsoft Internet Explorer 4.0 for Windows 3.1/Windows 95,Internet Explorer 5.0 for Windows 2000/Windows 95/Windows 98/Windows NT 4,Internet Explorer 5.5 preview,Internet Explorer 4.0.1 for Windows 98/Windows NT 4.0,Internet Explorer 5.0.1 Security Zone Setting...

phpMoneyBooks 1.0.2 - Local File Inclusion

涉及文件: /index.php 85-94L php else include'header.php'; if$GETfile=="" $GETfile="index.php"; iffileexists"modules/".$GETmodule."/".$GETfile include"modules/".$GETmodule."/".$GETfile; else echo "error"; 程序会根据传递的 $GETmodule 参数来动态加载程序的处理模块: include"modules/".$GETmodule."/".$GETfile;...