Squid is an open-source web caching and Internet proxy application which is widely used for speeding up the webserver and aiding in its security. A heap buffer overflow vulnerability has been discovered in some versions of the Squid web proxy cache servers. This vulnerability is tracked as CVE-2019-12527 and could be exploited by attackers to […]

Read More →

A critical vulnerability is discovered in GNU C Library (glibc). The GNU C Library, commonly known as glibc, is the GNU Project’s implementation of the C standard library and a core part of the Linux operating system. GNU C Library (glibc) is used in most of the Linux distributions, which is prone to a heap-based […]

Read More →

RealPlayer is vulnerable to multiple stack based buffer overflow vulnerabilities (CVE-2013-7260). This flaw allows attackers to execute arbitrary code and take complete control of the system remotely. Affected versions of RealPlayer are before 17.0.4.61 on Windows systems. The vulnerability is because of the way ‘version’ and ‘encoding’ attribute in the XML declaration of an RMP […]

Read More →

SecPod Research Team member (Prabhu S Angadi) has found Denial Of Service Vulnerability in Netmechanica NetDecision HTTP Server. The vulnerability is caused due to improper validation of long malicious HTTP request to web server, which allows remote attackers to crash the service. POC : Download here. More information can be found here. CVE Info : […]

Read More →

SecPod Research Team member (Veerendra G.G) wrote Metasploit module for BisonFTP Server Remote Buffer Overflow Vulnerability. Metasploit : Download here. ## # $Id: bison_server_bof.rb 2011-08-19 03:13:45Z veerendragg $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework […]

Read More →

SecPod Research Team member (Veerendra G.G) wrote Metasploit module for Freefloat FTP Server APPE Command Overflow Vulnerability. Metasploit : Download here. ## # $Id: freefloat_ftp_apee_cmd.rb 2011-07-19 03:13:45Z veerendragg $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # […]

Read More →