A critical vulnerability is discovered in GNU C Library (glibc). The GNU C Library, commonly known as glibc, is the GNU Project’s implementation of the C standard library and a core part of the Linux operating system. GNU C Library (glibc) is used in most of the Linux distributions, which is prone to a heap-based […]

Read More →

  Last Microsoft Patch Tuesday of this year brings Seven security bulletins covering a total of 24 vulnerabilities. Now the total count for this year reached to 85. The high priority fix is for Internet Explorer, Microsoft Word and Microsoft Office Web Apps, VBScript Scripting Engine. Internet Explorer alone addresses 14 out of 24 vulnerabilities. […]

Read More →

This month Microsoft has released 14 security bulletins addressing a total of 33 vulnerabilities. The high priority fix is for Windows OLE, Internet Explorer, Windows Schannel and XML Core Services. Internet Explorer alone addresses 17 out of 33 vulnerabilities and it includes fix for 0-day vulnerability CVE-2014-6352 in the Windows OLE. This month Four bulletins […]

Read More →

A new zero-day vulnerability (CVE-2014-1776) in Internet Explorer is being used in a targeted attacks, which was discovered by the security firm FireEye. A memory corruption vulnerability exists in Internet Explorer that can be used to execute arbitrary code and according to FireEye blog, this zero-day exploit can bypasses both ASLR and DEP. The flaw […]

Read More →

SecPod Research Team member (Veerendra G.G) wrote Metasploit module for Fitnesse Wiki Remote Command Execution Vulnerability. Metasploit Module can be found here. ## # This module requires Metasploit: http//metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require ‘msf/core’ class Metasploit3 < Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, ‘Name’ => ‘Fitnesse Wiki Remote […]

Read More →