en TRENDnet SecurView Wireless Network Camera TV-IP422WN Buffer Overflow By packetstormsecurity.com Published On :: Tue, 25 Nov 2014 15:45:15 GMT The TRENDnet UltraCam ActiveX Control UltraCamX.ocx suffers from a stack buffer overflow vulnerability when parsing large amount of bytes to several functions in UltraCamLib, resulting in memory corruption overwriting several registers including the SEH. An attacker can gain access to the system of the affected node and execute arbitrary code. Versions TV-IP422WN and TV-IP422W are affected. Full Article
en UCanCode Remote Code Execution / Denial Of Service By packetstormsecurity.com Published On :: Thu, 24 Nov 2016 01:34:22 GMT UCanCode has active-x vulnerabilities which allow for remote code execution and denial of service attacks. Full Article
en Bash Profile Persistence By packetstormsecurity.com Published On :: Mon, 16 Dec 2019 16:05:47 GMT This Metasploit module writes an execution trigger to the target's Bash profile. The execution trigger executes a call back payload whenever the target user opens a Bash terminal. A handler is not run automatically, so you must configure an appropriate exploit/multi/handler to receive the callback. Full Article
en Google Chrome 80.0.3987.87 Denial Of Service By packetstormsecurity.com Published On :: Mon, 23 Mar 2020 15:56:15 GMT Google Chrome version 80.0.3987.87 heap-corruption remote denial of service proof of concept exploit. Full Article
en Odin Secure FTP Expert 7.6.3 Site Info Denial Of Service By packetstormsecurity.com Published On :: Mon, 30 Mar 2020 10:02:22 GMT Odin Secure FTP Expert version 7.6.3 Site Info denial of service proof of concept exploit. Full Article
en FlashFXP 4.2.0 Build 1730 Denial Of Service By packetstormsecurity.com Published On :: Tue, 31 Mar 2020 14:32:44 GMT FlashFXP version 4.2.0 build 1730 denial of service proof of concept exploit. Full Article
en Nsauditor 3.2.0.0 Denial Of Service By packetstormsecurity.com Published On :: Sat, 04 Apr 2020 10:11:11 GMT Nsauditor version 3.2.0.0 denial of service proof of concept exploit. Full Article
en Product Key Explorer 4.2.2.0 Denial Of Service By packetstormsecurity.com Published On :: Sat, 04 Apr 2020 17:22:22 GMT Product Key Explorer version 4.2.2.0 Key denial of service proof of concept exploit. Full Article
en Frigate 3.3.6 Denial Of Service By packetstormsecurity.com Published On :: Sun, 05 Apr 2020 18:22:22 GMT Frigate version 3.3.6 denial of service proof of concept exploit. Full Article
en UltraVNC Launcher 1.2.4.0 Denial Of Service By packetstormsecurity.com Published On :: Sun, 05 Apr 2020 19:22:22 GMT UltraVNC Launcher version 1.2.4.0 Password denial of service proof of concept exploit. Full Article
en UltraVNC Viewer 1.2.4.0 Denial Of Service By packetstormsecurity.com Published On :: Sun, 05 Apr 2020 22:22:22 GMT UltraVNC Viewer version 1.2.4.0 VNCServer denial of service proof of concept exploit. Full Article
en UltraVNC Launcher 1.2.4.0 Denial Of Service By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 18:19:58 GMT UltraVNC Launcher version 1.2.4.0 RepeaterHost denial of service proof of concept exploit. Full Article
en SpotAuditor 5.3.4 Denial Of Service By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 18:24:36 GMT SpotAuditor version 5.3.4 Name denial of service proof of concept exploit. Full Article
en ZOC Terminal 7.25.5 Denial Of Service By packetstormsecurity.com Published On :: Mon, 06 Apr 2020 18:28:10 GMT ZOC Terminal version 7.25.5 denial of service proof of concept exploit. Full Article
en dnsmasq-utils 2.79-1 Denial Of Service By packetstormsecurity.com Published On :: Tue, 07 Apr 2020 16:37:01 GMT dnsmasq-utils version 2.79-1 dhcp_release denial of service proof of concept exploit. Full Article
en ZOC Terminal 7.25.5 Denial Of Service By packetstormsecurity.com Published On :: Tue, 07 Apr 2020 16:38:18 GMT ZOC Terminal version 7.25.5 Script denial of service proof of concept exploit. Full Article
en Amcrest Dahua NVR Camera IP2M-841 Denial Of Service By packetstormsecurity.com Published On :: Wed, 08 Apr 2020 16:48:06 GMT Amcrest Dahua NVR Camera IP2M-841 denial of service proof of concept exploit. Full Article
en Facebook Suspends Tens Of Thousands Of Apps Over Privacy Issues By packetstormsecurity.com Published On :: Mon, 23 Sep 2019 16:52:46 GMT Full Article headline privacy facebook social
en AG Barr Asks Facebook To Not Use End To End Encryption By packetstormsecurity.com Published On :: Fri, 04 Oct 2019 13:47:34 GMT Full Article headline government privacy usa spyware facebook social cryptography
en Snowden Shouldn't Be Extradited To US If He Testifies About NSA Spying, Says Swiss Gov By packetstormsecurity.com Published On :: Mon, 08 Sep 2014 21:28:14 GMT Full Article headline government usa cyberwar spyware switzerland
en Encrypted Email Service ProtonMail Opens Door For Tor Users By packetstormsecurity.com Published On :: Thu, 19 Jan 2017 13:55:21 GMT Full Article headline government privacy email spyware cryptography switzerland
en envt.c By packetstormsecurity.com Published On :: Wed, 27 Sep 2006 21:40:32 GMT A simple program to inject linux shellcode into the environment and find its location in memory. It contains 8 shellcodes for x86, sparc, mips, and ppc. Full Article
en Linux sock_sendpage() NULL Pointer Dereference By packetstormsecurity.com Published On :: Fri, 11 Sep 2009 22:46:01 GMT Linux 2.4 and 2.6 kernel sock_sendpage() NULL pointer dereference exploit. The third and final version of this exploit. This third version features: Complete support for i386, x86_64, ppc and ppc64; The personality trick published by Tavis Ormandy and Julien Tinnes; The TOC pointer workaround for data items addressing on ppc64 (i.e. functions on exploit code and libc can be referenced); Improved search and transition to SELinux types with mmap_zero permission. Full Article
en Inout PPC Engine Cross Site Request Forgery By packetstormsecurity.com Published On :: Sun, 11 Mar 2012 15:22:22 GMT Inout PPC Engine suffers from a cross site request forgery vulnerability. Full Article
en Linux Kernel Sendpage Local Privilege Escalation By packetstormsecurity.com Published On :: Thu, 19 Jul 2012 00:45:23 GMT The Linux kernel failed to properly initialize some entries the proto_ops struct for several protocols, leading to NULL being derefenced and used as a function pointer. By using mmap(2) to map page 0, an attacker can execute arbitrary code in the context of the kernel. Several public exploits exist for this vulnerability, including spender's wunderbar_emporium and rcvalle's ppc port, sock_sendpage.c. All Linux 2.4/2.6 versions since May 2001 are believed to be affected: 2.4.4 up to and including 2.4.37.4; 2.6.0 up to and including 2.6.30.4 Full Article
en Norweigian Oil And Defense Industries Are Hit By A Major Cyber Attack By packetstormsecurity.com Published On :: Fri, 18 Nov 2011 16:43:19 GMT Full Article headline cyberwar norway
en E-Voting Experiments Ends In Norway Amid Security Fears By packetstormsecurity.com Published On :: Sun, 29 Jun 2014 16:46:22 GMT Full Article headline government flaw norway
en Oracle Rushes Out Emergency Apache DoS Patch By packetstormsecurity.com Published On :: Mon, 19 Sep 2011 13:16:26 GMT Full Article headline flaw oracle apache
en Apache OpenOffice Security Fixes Emerge By packetstormsecurity.com Published On :: Sat, 19 May 2012 01:35:07 GMT Full Article headline flaw patch apache
en Apache ActiveMQ Flaws Leave Servers Open To DoS Attacks By packetstormsecurity.com Published On :: Mon, 09 Mar 2015 20:04:49 GMT Full Article headline denial of service flaw apache
en Apache Vulnerabilities Spotted In OpenWhisk And Tomcat By packetstormsecurity.com Published On :: Wed, 25 Jul 2018 17:02:58 GMT Full Article headline flaw apache
en Serious Apache Server Bug Gives Root To Baddies In Shared Environments By packetstormsecurity.com Published On :: Thu, 04 Apr 2019 14:38:10 GMT Full Article headline flaw apache
en American Express Bitten By XSS Bugs Again By packetstormsecurity.com Published On :: Sat, 20 Dec 2008 08:30:00 GMT Full Article usa xss
en Attention Symantec - There Is A Bug Crawling On Your Website By packetstormsecurity.com Published On :: Wed, 15 Apr 2009 10:59:55 GMT Full Article symantec xss
en XSS Flaws Poke Ridicule At Entertainment Industry By packetstormsecurity.com Published On :: Fri, 08 May 2009 09:06:46 GMT Full Article flaw xss
en RubyOnRails XSS Vulnerability Claims Twitter, Basecamp And My Confidence By packetstormsecurity.com Published On :: Thu, 03 Sep 2009 14:57:22 GMT Full Article xss twitter
en Anti-Virus Vendor Trio Plug Website Flaws By packetstormsecurity.com Published On :: Mon, 04 Oct 2010 10:06:13 GMT Full Article virus flaw xss
en Patchy App Development Security Slammed By packetstormsecurity.com Published On :: Thu, 08 Dec 2011 16:29:13 GMT Full Article headline flaw xss csrf
en Linux / FreeBSD TCP-Based Denial Of Service By packetstormsecurity.com Published On :: Tue, 18 Jun 2019 15:50:02 GMT Netflix has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels. The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed _"SACK Panic_," allows a remotely-triggered kernel panic on recent Linux kernels. There are patches that address most of these vulnerabilities. If patches can not be applied, certain mitigations will be effective. Full Article
en macOS Kernel wait_for_namespace_event() Race Condition / Use-After-Free By packetstormsecurity.com Published On :: Wed, 18 Dec 2019 14:08:33 GMT In the macOS kernel, the XNU function wait_for_namespace_event() in bsd/vfs/vfs_syscalls.c releases a file descriptor for use by userspace but may then subsequently destroy that file descriptor using fp_free(), which unconditionally frees the fileproc and fileglob. This opens up a race window during which the process could manipulate those objects while they're being freed. Exploitation requires root privileges. Full Article
en Kenya's Treasury Website Attacked By Hackers By packetstormsecurity.com Published On :: Thu, 06 Jan 2011 16:41:58 GMT Full Article headline hacker africa
en Hackers Shut Down NDDC Website Over Presidential Inauguration By packetstormsecurity.com Published On :: Fri, 27 May 2011 13:41:54 GMT Full Article headline hacker africa
en Nigerian Scams Are Hyper-Efficient Idiot Finders By packetstormsecurity.com Published On :: Thu, 21 Jun 2012 15:23:35 GMT Full Article headline cybercrime fraud africa scam
en Megaupload Sequel Faces Gabon's Suspension Order Setback By packetstormsecurity.com Published On :: Thu, 08 Nov 2012 00:49:22 GMT Full Article headline government usa africa riaa mpaa new zealand
en Dexter Payment Card Malware Strikes South Africa By packetstormsecurity.com Published On :: Wed, 16 Oct 2013 15:27:10 GMT Full Article headline malware bank cybercrime fraud africa
en Kenya Breaks Chinese-Run Cyber Crime Network By packetstormsecurity.com Published On :: Thu, 04 Dec 2014 16:23:39 GMT Full Article headline hacker china cybercrime fraud africa cyberwar
en Ebola Outbreak Reaches City Of 1 Million Residents By packetstormsecurity.com Published On :: Sat, 15 Dec 2018 14:26:52 GMT Full Article headline africa science
en Huawei Africa Spying Claims Denied By packetstormsecurity.com Published On :: Fri, 16 Aug 2019 16:22:30 GMT Full Article headline government china africa spyware facebook
en Kenya Court Halts Biometric ID Over Data Fears By packetstormsecurity.com Published On :: Fri, 31 Jan 2020 15:28:36 GMT Full Article headline government privacy africa
en Cisco And Juniper Clientless VPNs Expose Netizens By packetstormsecurity.com Published On :: Mon, 30 Nov 2009 00:44:39 GMT Full Article cisco juniper
