-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small
Business RV Series Routers
Advisory ID: cisco-sa-20141105-rv
Revision 1.0
For Public Release 2014 November 5 16:00 UTC (GMT)
#!/usr/bin/python
#Exploit Title:i.Hex Local Crash Poc
#Homepage:http://www.memecode.com/ihex.php
#Software Link:www.memecode.com/data/ihex-win32-v0.98.exe
#Version:i.Hex-v0.98 (Win32 Release)
#Description:i.Hex is a small and free graphical Hex Editor for Windows..
#Tested on:Win7 32bit
#Exploit
#!/usr/bin/python
#Exploit Title:i.Mage Local Crash Poc
#Homepage:http://www.memecode.com/image.php
#Software
Link:http://sourceforge.net/projects/image-editor/files/i.mage-win32-v111.exe/download
#Version:i.i.Mage v1.11 (Win32 Release)
#Description:i.Mage is a small and fast graphics editor
#!/usr/bin/python
#Exploit Title:i-FTP Buffer Overflow SEH
#Homepage:http://www.memecode.com/iftp.php
#Software Link:www.memecode.com/data/iftp-win32-v220.exe
#Version:i.Ftp v2.20 (Win32 Release)
#Vulnerability discovered:26.10.2014
#Description:Simple portable cross platform FTP/SFTP/HTTP client.
Hi,
This is the 6th part of the ManageOwnage series. For previous parts see [1].
This time we have two 0 day vulns (CVE-2014-6038 and 6039) that can be
abused to dump information from the database and obtain the superuser
credentials for Windows and AS/400 hosts which are managed by EventLog
Cisco RV Series multiple vulnerabilities
Yorick Koster, June 2013
Abstract
SEC Consult Vulnerability Lab Security Advisory 20141106-0
===
title: XXE XSS Arbitrary File Write vulnerabilities
product: Symantec Endpoint Protection
vulnerable version: 12.1.4023.4080
fixed
Hello,
Cross Site Scripting (XSS) vulnerability exists in videowhisper module for
Drupal 7.
Vendor Notification: 22, Oct 2014
Vulnerable file:
drupal/modules/videowhisper/vwrooms/js/jsor-jcarousel/examples/special_textscroller.php
POC:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3065-1 secur...@debian.org
http://www.debian.org/security/Sebastien Delafond
November 06, 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3066-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
November 06, 2014
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-3067-1 secur...@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
November 06, 2014
-BEGIN PGP SIGNED MESSAGE-
CA20141103-01: Security Notice for CA Cloud Service Management
Issued: November 3, 2014
CA Technologies Support is alerting customers to four resolved
vulnerabilities with CA Cloud Service Management. Four vulnerabilities
existed that could potentially allow a
The modem usually serves html files protects them with HTTP Basic
authentication. however, the cgi files, does not get this protection. so simply
requesting any cgi file (without no authentication) would give a remote
attacker full access to the modem and then can easily be used to root the
Hardcoded default misconfiguration - The modem comes with admin:admin user
credintials.
Stored XSS -
http://192.168.1.1/psilan.cgi?action=saveethIpAddress=192.168.1.1ethSubnetMask=255.255.255.0hostname=ZXDSL83C1IIdomainname=home%27;alert%280%29;//enblUpnp=1enblLan2=0
Any user browsing to
TR-069 Client page: Stored. executes when users go to
http://192.168.1.1/tr69cfg.html
Title: XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1
(Joomla!) Vulnerabilities
Author: Larry W. Cashdollar, @_larry0
Date: 10/17/2014
Download: https://wordpress.org/plugins/xcloner-backup-and-restore/
Download:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FundaciĆ³n Dr. Manuel Sadosky - Programa STIC Advisory
http://www.fundacionsadosky.org.ar
Insecure management of login credentials in PicsArt Photo Studio for
Android
1. *Advisory Information*
Title: Insecure management of login credentials in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-14:24.sshd Security Advisory
The FreeBSD Project
Topic:
18 matches
Mail list logo