WPScan is a vulnerability scanning product. Remote attackers can use WPScan to detect vulnerabilities on a target WordPress server.
Monthly Archives: February 2015
Sweet Orange Exploit Kit Landing Page
Sweet Orange exploit kit is a web exploit kit that operates by delivering malicious payload to the victim’s computer. Remote attackers can infect users with Sweet Orange exploit kit by enticing them to visit a malicious web page. Successful infection will allow the attacker to perform Remote Code Execution on the victim’s computer.
WordPress Photo Gallery Plugin Unrestricted File Upload (CVE-2014-9312)
An unauthorized file upload vulnerability has been reported in WordPress Photo Gallery Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
SAP SQL Anywhere .NET Data Provider Column Alias Buffer Overflow (CVE-2014-9264)
A buffer overflow vulnerability exists in SAP SQL Anywhere .NET Data Provider. The vulnerability is caused by insufficient boundary checks in the handling of column aliases. If an application allows untrusted input to be used as the column alias in an SQL query, by sending crafted requests to the application, an attacker can overflow a stack-based buffer. A successful attack will result in arbitrary code execution in the context of the application.
WordPress Shopping Cart Plugin Unrestricted File Upload (CVE-2014-9308)
An unauthorized file upload vulnerability has been reported in WordPress Shopping Cart Plugin. A remote attacker could exploit this vulnerability by uploading a file to a server running the vulnerable application. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.
WordPress Survey And Poll Plugin SQL Injection
An SQL injection vulnerability has been reported in WordPress Survey and Poll Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system.
Schneider Electric ProClima ATX45 SetHtmlFileName Heap Buffer Overflow (CVE-2014-8511)
A code execution vulnerability has been reported in Schneider Electric ProClima. The vulnerability is due to a heap buffer overflow when processing user supplied parameter input to SetHtmlFileName in the Atx45.ocx ActiveX control. A remote unauthenticated attacker could exploit this vulnerability by enticing a user into opening a specially crafted web page.
Analysis Of Fake Antivirus Malware Delivery
This is a brief whitepaper that documents how the author analyzed malicious javascript and a host used for slinging fake antivirus software.
CVE-2015-0240
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
I2P 0.9.18
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.