1. IT-Security >
  2. IT Security Tools

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese
Anzeige

IT Security Tools


Suchen

WordPress Snap Creek Duplicator Code Injection

IT Security Tools vom 12.12.2018 um 06:19 Uhr | Quelle packetstormsecurity.com
When the WordPress plugin Snap Creek Duplicator restores a backup, it leaves dangerous files in the filesystem such as installer.php and installer-backup.php. These files allow anyone to call a function that overwrite the wp-config.php file AND this function does not sanitize POST parameters before inserting them inside the wp-config.php file, leading to arbitrary PHP code execution. WARNING: This exploit WILL break the wp-config.php file. If possible try to restore backups of the configuration after the exploit to make the WordPress site work again.
Newsbewertung

Weiterlesen

WordPress Snap Creek Duplicator Code Injection

IT Security Tools vom 12.12.2018 um 06:19 Uhr | Quelle packetstormsecurity.com
When the WordPress plugin Snap Creek Duplicator restores a backup, it leaves dangerous files in the filesystem such as installer.php and installer-backup.php. These files allow anyone to call a function that overwrite the wp-config.php file AND this function does not sanitize POST parameters before inserting them inside the wp-config.php file, leading to arbitrary PHP code execution. WARNING: This exploit WILL break the wp-config.php file. If possible try to restore backups of the configuration after the exploit to make the WordPress site work again.
Newsbewertung

Weiterlesen

HotelDruid 2.3 SQL Injection

IT Security Tools vom 12.12.2018 um 06:12 Uhr | Quelle packetstormsecurity.com
HotelDruid version 2.3 suffers from a remote SQL injection vulnerability.
Newsbewertung

Weiterlesen

Apache OFBiz 16.11.05 Cross Site Scripting

IT Security Tools vom 12.12.2018 um 06:12 Uhr | Quelle packetstormsecurity.com
Apache OFBiz version 16.11.05 suffers from a cross site scripting vulnerability.
Newsbewertung

Weiterlesen

WordPress AutoSuggest 0.24 SQL Injection

IT Security Tools vom 12.12.2018 um 06:09 Uhr | Quelle packetstormsecurity.com
WordPress AutoSuggest plugin version 0.24 suffers from a remote SQL injection vulnerability.
Newsbewertung

Weiterlesen

ThinkPHP 5.x Remote Code Execution

IT Security Tools vom 12.12.2018 um 06:08 Uhr | Quelle packetstormsecurity.com
ThinkPHP versions prior to 5.0.23 and prior to 5.1.31 suffer from a remote code execution vulnerability.
Newsbewertung

Weiterlesen

Huawei B315s-22 Information Disclosure

IT Security Tools vom 12.12.2018 um 06:07 Uhr | Quelle packetstormsecurity.com
Huawei B315s-22 suffers from an information disclosure vulnerability.
Newsbewertung

Weiterlesen

Adobe ColdFusion 2018 Shell Upload

IT Security Tools vom 12.12.2018 um 06:06 Uhr | Quelle packetstormsecurity.com
Adobe ColdFusion 2018 suffers from a remote shell upload vulnerability.
Newsbewertung

Weiterlesen

TP-Link Archer C1200 Cross Site Scripting

IT Security Tools vom 12.12.2018 um 06:04 Uhr | Quelle packetstormsecurity.com
TP-Link Archer C1200 suffers from a cross site scripting vulnerability.
Newsbewertung

Weiterlesen

PrestaShop 1.6.x / 1.7.x Remote Code Execution

IT Security Tools vom 12.12.2018 um 05:59 Uhr | Quelle packetstormsecurity.com
PrestaShop versions 1.6.x and 1.7.x suffer from a remote code execution vulnerability.
Newsbewertung

Weiterlesen

Tourism Website Blog Code Execution / SQL Injection

IT Security Tools vom 12.12.2018 um 05:58 Uhr | Quelle packetstormsecurity.com
Tourism Website version Blog suffers from code execution and remote SQL injection vulnerabilities.
Newsbewertung

Weiterlesen

Alumni Tracer SMS Notification Cross Site Request Forgery / SQL Injection

IT Security Tools vom 12.12.2018 um 05:57 Uhr | Quelle packetstormsecurity.com
Alumni Tracer SMS version Notification suffers from cross site request forgery and remote SQL injection vulnerabilities.
Newsbewertung

Weiterlesen

Linux/x86 execve(/usr/bin/ncat -lvp 1337 -e /bin/bash) Shellcode

IT Security Tools vom 12.12.2018 um 05:56 Uhr | Quelle packetstormsecurity.com
95 bytes small Linux/x86 execve(/usr/bin/ncat -lvp 1337 -e /bin/bash) null-free shellcode.
Newsbewertung

Weiterlesen

PHP Source Code Analysis

IT Security Tools vom 12.12.2018 um 05:55 Uhr | Quelle packetstormsecurity.com
Whitepaper called PHP Source Code Analysis. Written in Turkish.
Newsbewertung

Weiterlesen

SmartFTP Client 9.0.2623.0 Denial Of Service

IT Security Tools vom 12.12.2018 um 05:53 Uhr | Quelle packetstormsecurity.com
SmartFTP Client version 9.0.2623.0 suffers from a denial of service vulnerability.
Newsbewertung

Weiterlesen

LanSpy 2.0.1.159 Buffer Overflow

IT Security Tools vom 12.12.2018 um 05:52 Uhr | Quelle packetstormsecurity.com
LanSpy version 2.0.1.159 suffers from a local buffer overflow vulnerability.
Newsbewertung

Weiterlesen

PrinterOn Enterprise 4.1.4 Arbitrary File Deletion

IT Security Tools vom 12.12.2018 um 05:50 Uhr | Quelle packetstormsecurity.com
PrinterOn Enterprise version 4.1.4 suffers from an arbitrary file deletion vulnerability.
Newsbewertung

Weiterlesen

CUPS Weak Session Cookie Generation

IT Security Tools vom 12.12.2018 um 05:46 Uhr | Quelle packetstormsecurity.com
CUPS generates session cookies srandom(time(NULL)) and random() on Linux.
Newsbewertung

Weiterlesen

Linux userfaultfd tmpfs File Permission Bypass

IT Security Tools vom 12.12.2018 um 05:45 Uhr | Quelle packetstormsecurity.com
Linux userfaultfd bypasses tmpfs file permissions.
Newsbewertung

Weiterlesen

Logitech Options Craft WebSocket Server Missing Authentication

IT Security Tools vom 12.12.2018 um 05:44 Uhr | Quelle packetstormsecurity.com
The Logitech "Options" craft websocket server has no authentication.
Newsbewertung

Weiterlesen

WebKit JIT Proxy Object Issue

IT Security Tools vom 12.12.2018 um 05:42 Uhr | Quelle packetstormsecurity.com
WebKit JIT int32/double arrays can have proxy objects in the prototype chains.
Newsbewertung

Weiterlesen

Ubuntu Security Notice USN-3844-1

IT Security Tools vom 12.12.2018 um 05:41 Uhr | Quelle packetstormsecurity.com
Ubuntu Security Notice 3844-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass same-origin restrictions, or execute arbitrary code. Multiple security issues were discovered in WebExtensions. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit these to open privileged pages, or bypass other security restrictions. Various other issues were also addressed.
Newsbewertung

Weiterlesen

Microsoft Security Bulletin CVE Revision Increment For December, 2018

IT Security Tools vom 12.12.2018 um 05:39 Uhr | Quelle packetstormsecurity.com
This Microsoft bulletin summary lists CVEs that have undergone a major revision increment.
Newsbewertung

Weiterlesen

Microsoft Security Update Summary For December 11, 2018

IT Security Tools vom 12.12.2018 um 05:38 Uhr | Quelle packetstormsecurity.com
This Microsoft summary lists Microsoft security updates released for December 11, 2018.
Newsbewertung

Weiterlesen

Microsoft Security Advisory Updates For December 11, 2018

IT Security Tools vom 12.12.2018 um 02:20 Uhr | Quelle packetstormsecurity.com
This Microsoft advisory notification includes advisories released or updated on December 11, 2018.
Newsbewertung

Weiterlesen

Dynamic Loader Oriented Programming - Wiederganger Proof Of Concept

IT Security Tools vom 12.12.2018 um 02:16 Uhr | Quelle packetstormsecurity.com
This paper and proof of concept describes the Wiederganger-Attack, a new attack vector that reliably allows to escalate unbounded array access vulnerabilities occurring in specifically allocated memory regions to full code execution on programs running on i386/x86_64 Linux. Wiederganger-attacks abuse determinism in Linux ASLR implementation combined with the fact that (even with protection mechanisms such as relro and glibc's pointer mangling enabled) there exist easy-to-hijack, writable (function) pointers in application memory.
Newsbewertung

Weiterlesen

BSidesLjubljana 2019 Call For Papers

IT Security Tools vom 12.12.2018 um 00:01 Uhr | Quelle packetstormsecurity.com
B-Sides Ljubljana will be held March 16th, 2019 in Ljubljana, Slovenia.
Newsbewertung

Weiterlesen

Ubuntu Security Notice USN-3837-2

IT Security Tools vom 11.12.2018 um 20:15 Uhr | Quelle packetstormsecurity.com
Ubuntu Security Notice 3837-2 - USN-3837-1 fixed vulnerabilities in poppler. A regression was reported regarding the previous update. This update fixes the problem. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
Newsbewertung

Weiterlesen

Debian Security Advisory 4353-1

IT Security Tools vom 11.12.2018 um 20:15 Uhr | Quelle packetstormsecurity.com
Debian Linux Security Advisory 4353-1 - Multiple security issues were found in PHP, a widely-used open source denial of service/information disclosure when parsing malformed images, the Apache module allowed cross-site-scripting via the body of a insufficient input validation which can result in the execution of arbitrary shell commands in the imap_open() function and denial of service in the imap_mail() function.
Newsbewertung

Weiterlesen

CyberLink LabelPrint 2.5 Stack Buffer Overflow

IT Security Tools vom 11.12.2018 um 17:31 Uhr | Quelle packetstormsecurity.com
This Metasploit module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below. The vulnerability is triggered when opening a .lpp project file containing overly long string characters via open file menu. This results in overwriting a structured exception handler record and take over the application. This Metasploit module has been tested on Windows 7 (64 bit), Windows 8.1 (64 bit), and Windows 10 (64 bit).
Newsbewertung

Weiterlesen

McAfee True Key 5.1.173.1 Privilege Escalation

IT Security Tools vom 11.12.2018 um 17:28 Uhr | Quelle packetstormsecurity.com
McAfee True Key version 5.1.173.1 on Windows 10 1809 has multiple issues in the implementation of the McAfee.TrueKey.Service which can result in privilege escalation through executing arbitrary processes or deleting files and directories.
Newsbewertung

Weiterlesen

Faraday 3.4

IT Security Tools vom 11.12.2018 um 17:26 Uhr | Quelle packetstormsecurity.com
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
Newsbewertung

Weiterlesen

Red Hat Security Advisory 2018-3817-01

IT Security Tools vom 11.12.2018 um 17:24 Uhr | Quelle packetstormsecurity.com
Red Hat Security Advisory 2018-3817-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat Fuse 6.3 and Red Hat A-MQ 6.3. It includes bug fixes, which are documented in the patch notes accompanying the package on the download page. See the download link given in the references section below. Security fix: Issues addressed include a cross site scripting vulnerability.
Newsbewertung

Weiterlesen

Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle

IT Security Tools vom 11.12.2018 um 02:53 Uhr | Quelle packetstormsecurity.com
Google Chrome version 70.0.3538.77 stable suffers from cross site scripting and man-in-the-middle vulnerabilities.
Newsbewertung

Weiterlesen

XNU POSIX Shared Memory Mapping Issue

IT Security Tools vom 11.12.2018 um 02:52 Uhr | Quelle packetstormsecurity.com
XNU POSIX has an issue where shared memory mapping have an incorrect maximum protection.
Newsbewertung

Weiterlesen

Seitennavigation

Seite 1 von 174 Seiten (Bei Beitrag 1 - 35)
6.056x Beiträge in dieser Kategorie

Nächste 2 Seite | Letzte Seite
[ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ]