A critical vulnerability has been discovered in the GNU C Library (glibc). The GNU C Library, commonly known as glibc, is the GNU Project’s implementation of the C standard library and a core part of the Linux operating system. glibc, which is used in most Linux distributions, is prone to a heap-based […]

RealPlayer is vulnerable to multiple stack-based buffer overflow vulnerabilities (CVE-2013-7260). This flaw allows attackers to execute arbitrary code and take complete control of the system remotely. Affected versions of RealPlayer are those before 17.0.4.61 on Windows systems. The vulnerability is due to the way the ‘version’ and ‘encoding’ attributes in the XML declaration of an RMP […]

SecPod Research Team member (Prabhu S Angadi) has found a denial-of-service vulnerability in Netmechanica NetDecision HTTP Server. The vulnerability is caused by improper validation of a long, malicious HTTP request sent to the web server, which allows remote attackers to crash the service. POC: Download here. More information can be found here. CVE Info: […]

SecPod Research Team member (Veerendra G.G) wrote a Metasploit module for the BisonFTP Server Remote Buffer Overflow Vulnerability. Metasploit: Download here. ## # $Id: bison_server_bof.rb 2011-08-19 03:13:45Z veerendragg $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework […]

SecPod Research Team member (Veerendra G.G) wrote a Metasploit module for the Freefloat FTP Server APPE Command Overflow Vulnerability. Metasploit: Download here. ## # $Id: freefloat_ftp_apee_cmd.rb 2011-07-19 03:13:45Z veerendragg $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # […]

SecPod Research Team member (Veerendra G.G) has found multiple buffer overflow vulnerabilities in Freefloat FTP Server. The flaws are caused by input validation errors while processing the DELE, MDTM, RETR, RMD, RNFR, RNTO, STOU, STOR, SIZE, APPE, and STAT commands. The buffer is overflowed by sending overly long command arguments, which can be exploited to execute […]