Remote unauthenticated attackers who connect to the OfficeScan XG application can temporarily start the "fcgiOfcDDA.exe" executable; the process runs for a short time before it dies. Server disk space may also be consumed by dump files when continuous HTTP requests are made.
Trend Micro OfficeScan is vulnerable to a Man-in-the-Middle (MITM) attack because the cURL request used by the Send() function in "HttpTalk.php" has both CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST set to false. This allows an attacker to intercept and modify the communication between the OfficeScan server and the OfficeScan agent, allowing for remote code execution.
The OfficeScan XG 'Unauthorized Change Prevention Service' is a local SYSTEM service that is supposed to protect OfficeScan processes such as 'PccNTMon.exe' from being terminated, and to prevent unauthorized arbitrary registry settings from being made on the protected machine, even by an Administrator. However, this protection can easily be bypassed by exploiting Windows Image File Execution Options (IFEO) to hijack the service process. IFEO has been used by malware for some time to prevent a process from running, or to execute a process of an attacker's choosing in place of the process the user expects.
Remote unauthenticated attackers who can reach the TrendMicro OfficeScan XG application, which usually runs on port 4343, can download the OfficeScan XG encryption "crypt.key" file. This crypt.key is used for the OfficeScan XG encryption process.
This vulnerability allows an unauthenticated attacker to execute arbitrary Java code on a system running Cisco Prime Collaboration Provisioning server < 12.1 via a scripttext parameter in the ScriptMgr page.
This exploit is for CentOS-7 kernel versions 3.10.0-514.21.2.el7.x86_64 and 3.10.0-514.26.1.el7.x86_64. It is a privilege escalation exploit which allows a user to gain root access. It is based on a race condition in the Linux kernel's implementation of the PIE (Position Independent Executable) feature. The exploit is written in C and uses the dup2() function to redirect the standard input, output and error streams to the same file descriptor. It then uses the getpid(), getresuid() and getresgid() functions to get the process ID, user ID and group ID of the current process. Finally, it uses the capget() function to get the capabilities of the current process.
This exploit is a stack buffer overflow exploit which is used to gain access to a system by sending malicious code to a vulnerable application. The malicious code is sent as an input buffer which is then executed by the vulnerable application. The malicious code is sent as part of an HTTP POST request to the vulnerable application. The malicious code contains shellcode which is then executed by the vulnerable application.
This module exploits a directory traversal vulnerability found in the LAquis SCADA application. The vulnerability is triggered when sending a series of dot dot slashes (../) to the vulnerable NOME parameter found on the listagem.laquis file. This module was tested against v4.1.0.2385.
This exploit allows an attacker to execute arbitrary code on a vulnerable Fibaro device. The exploit works by sending a specially crafted HTTP request to the device, which contains a base64 encoded payload. The payload is then decoded and executed on the device.
The vulnerability allows student members to inject SQL commands. Proof of Concept: http://localhost/[PATH]/?apartment-dashboard=user&page=message&tab=view_message&from=inbox&id=[SQL] -50++UNION(SELECT(1),(2),(3),(4),(5),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(7),(8))--+- Etc.