Raspberry Pi rpi-update local root exploit.
eb425fb5dff9ccde638741a61ae7293c083ce15b1bae70498443b5f2d1266c53mnoGoSearch versions 3.3.12 and below suffer from a remote arbitrary file reading vulnerability.
4ce6391275ebcf82cc0d71269cc513d548d1524a7ada46989e6ad77b72ba5374ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
10eb834de2fa6982ccc269893a4471d82a6ce319bd2b9d1ec9ebaaa49e7348edRemote File Manager version 1.2 suffers from local file inclusion and cross site scripting vulnerabilities.
d4f323635cd134616fe6d6be7a379500bde929af4a526251741e9055b3ec049eAirDrive HD version 1.6 suffers from a remote shell upload vulnerability.
c95530599bb7854ae1c1a95d4c662b8df01f349e55a8c1ad9fdf91971d4c27ddApple Security Advisory 2013-03-04-1 - Multiple vulnerabilities existed in Java 1.6.0_41, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox, have been addressed.
486fbb59279643ffefc29cb9c279270f2e09f0a3061209f032b324a9f5df9eb3The Samsung S3 suffers from a full locked screen bypass vulnerability that leverages the emergency call functionality.
07dbd817e19051a73e3b038f74ba358fa9d86ca04ef8533c04d05d153ed844ebWordPress Count-Per-Day plugin version 3.2.5 suffers from a cross site scripting vulnerability.
c901ea104dae7cd82bc27597ec9226df9dea2c49fd18096ba71ae48f547821b5conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
d4b0f42a9e814e9f2c95bb5dbaa7bd02a418114e019d6fa85d6b22ff20c95b6aThis Metasploit module exploits a vulnerability in Viscosity 1.4.1 on Mac OS X. The vulnerability exists in the setuid ViscosityHelper, where an insufficient validation of path names allows execution of arbitrary python code as root. This Metasploit module has been tested successfully on Viscosity 1.4.1 over Mac OS X 10.7.5.
6327eb13b7e692d86e8bb599155a99f74615d2b9fede67b7da69c91955b632d0This Metasploit module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The vulnerability exists in the setuid openvpnstart, where an insufficient validation of path names allows execution of arbitrary shell scripts as root. This Metasploit module has been tested successfully on Tunnelblick 3.2.8 build 2891.3099 over Mac OS X 10.7.5.
507856bf61b21ad51655751579b11e6da1882fa1c03d6e1c87ca1f635ed4b4adDebian Linux Security Advisory 2637-1 - Several vulnerabilities have been found in the Apache HTTPD server.
df4a25fbca27c25ef035e661c510b7163133d490ce4c001639ad8fc981090c93Debian Linux Security Advisory 2638-1 - Multiple buffer overflows were discovered in OpenAFS, the implementation of the distributed filesystem AFS, which might result in denial of service or the execution of arbitrary code.
beec56a1ae79f00e06c17c220389314f0f1c195350e1f8166cdca4a953c9035cRed Hat Security Advisory 2013-0590-01 - The nss-pam-ldapd packages provide the nss-pam-ldapd daemon, which uses a directory server to lookup name service information on behalf of a lightweight nsswitch module. An array index error, leading to a stack-based buffer overflow flaw, was found in the way nss-pam-ldapd managed open file descriptors. An attacker able to make a process have a large number of open file descriptors and perform name lookups could use this flaw to cause the process to crash or, potentially, execute arbitrary code with the privileges of the user running the process.
5d8ce3bf3e429d0588efc5bb523f1d11034fee2fa34e9de097579a469ee0704dRed Hat Security Advisory 2013-0589-01 - Git is a fast, scalable, distributed revision control system. It was discovered that Git's git-imap-send command, a tool to send a collection of patches from standard input to an IMAP folder, did not properly perform SSL X.509 v3 certificate validation on the IMAP server's certificate, as it did not ensure that the server's hostname matched the one provided in the CN field of the server's certificate. A rogue server could use this flaw to conduct man-in-the-middle attacks, possibly leading to the disclosure of sensitive information.
996ad81aae9b46cd0dd95179cc78371f204748f453aacb1506117a71af891611
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed