Eventum - Insecure File Permissions

source: https://www.securityfocus.com/bid/65186/info Eventum is prone to an insecure file-permission vulnerability. An attacker can exploit this issue to reinstall vulnerable application. This may aid in further attacks. Eventum 2.3.4 is vulnerable; other versions may also be affected. Following...

CVE-2014-1642

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service memory corruption and hypervisor crash and possibly...

Double free

The IRQ setup in Xen 4.2.x and 4.3.x, when using device passthrough and configured to support a large number of CPUs, frees certain memory that may still be intended for use, which allows local guest administrators to cause a denial of service memory corruption and hypervisor crash and possibly...

Out-of-memory condition yielding memory corruption during IRQ setup

ISSUE DESCRIPTION When setting up the IRQ for a passed through physical device, a flaw in the error handling could result in a memory allocation being used after it is freed, and then freed a second time. This would typically result in memory corruption. IMPACT Malicious guest administrators can...

D-Link DSL-2750u ME_1.09 - Cross-Site Request Forgery

D-Link DSL-2750u ME1.09 - Cross-Site Request Forgery Exploit Title: D-Link DSL-2750U CSRF Vulnerability Author: khaledmohdarMysterious guy E-mail: [email protected]/khaledmohdar Category: Hardware Google Dork: N/A Vendor: http://www.dlink.com/ Firmware Version: ME1.09 Product:...

CVE-2012-3047

Cross-site scripting XSS vulnerability in the web-wizard setup page on Cisco Scientific Atlanta D20 and D30 cable modems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

samba4 security and bug fix update

4.0.0-58.rc4 - Fix winbind lsat reconnection code, avoids ntlmv2-only session setup problems - resolves: 949993 4.0.0-57.rc4 - resolves: 984809 - CVE-2013-4124: DoS via integer overflow when reading an EA list 4.0.0-56.rc4 - Fix libwbclient.so.0 symlink. - resolves: 882338 - Fix correct linking o...

CVE-2013-1418

The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted request...

[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...

Encapsulating Security Payload (ESP) Session Setup

Binary data 8041.prm...

Microsoft Windows AutoRuns Setup

Binary data windowsautorunssetup.nbin...

RSS Macro should not trust all content from the origin server by default.

The RSS feed macro currently appears to be enabled by default in Confluence. This is contrary to the information contained in the following Confluence documentation: https://confluence.atlassian.com/display/DOC/RSS+Feed+Macro While a whitelist is enforced by default, as confluence implicitly trus...

CVE-2012-4086

CVE-2012-4086 affects Cisco Unified Computing System (UCS) fabric interconnect devices. The issue resides in the initial setup script, where unfiltered input during configuration can be exploited by an unauthenticated, remote attacker to execute arbitrary commands on the underlying OS with the da...

CVE-2012-4087

A cluster setup script for fabric interconnect devices in Cisco Unified Computing System UCS allows remote attackers to execute arbitrary commands via invalid parameters, aka Bug ID CSCtg20793...

CVE-2012-4087

Cisco UCS Fabric Interconnect devices contain a vulnerability in the cluster initial setup script that allows an unauthenticated, remote attacker to execute arbitrary commands via invalid parameters. The root cause is unfiltered input during the initial configuration phase, restricting exploitati...

[iodine] Tunnel application to forward IPv4 traffic through DNS servers (IP over DNS)

iodine lets you tunnel IPv4 data through a DNS server. This can be usable in different situations where internet access is firewalled, but DNS queries are allowed. It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a TUN/TAP device. The bandwidth is asymmetrical with limit...

Share KM 1.0.19 - Remote Denial of Service

Share KM 1.0.19 - Remote Denial of Service Advisory Information : ====================== Title : Share KM 1.0.19 - Remote Denial Of Service Advisory ID : Cr02013-001 Product : Share KM desktop setup file Vendor : SmartUX Vulnerable Versions : 1.0.19 and probably prior release Tested Version :...

tcp(port&seq) backdoor

Автор: slashd Что это? Реализации скрытого канала передачи данных на сервер с помощью стандартных полейв нашем случае поля SEQ и Source Port TCP-заголовка. Теоритическая часть. Реализовать скрытую передачу данных с помощью TCP-заголовка можно несколькими способами. Клиентхакер иницирующий...

[wEAPe] Weape-Wireless-EAP-Extractor Script

Auto extracts EAP 802.1x user names Features Sets up wireless card into monitor mode Lists all APs Associates with AP's you wish Extracts domain user names from any connects using EAP Requirements airodump tool set Tested on Backtrack 5 and Kali. Download wEAPe...

Information disclosure

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving 1 direct access to a file or 2 the user-setup web page...