Claimed Zero Day exploit in Samba. February 5th 2010. A user named "kcopedarookie" posted what they claim to be a video of a zero-day exploit in Samba on youtube yesterday.. The video shows modifications to smbclient allowing /etc/passwd to be downloaded from a remote server.
A vulnerability in WordPress allows an attacker to cause a denial of service condition on the server. WordPress is an open-source content management system (CMS) installed on many web servers. A directory traversal vulnerability was seen in the Core Ajax handlers of the WordPress Admin API.
Directory traversal attacks arise when there are misconfigurations that allow access to directories above the root, permitting an attacker to view or modify system files. This type of attack is also known as path traversal, directory climbing, backtracking, or the dot-dot-slash (../) attack because of the characters used.
Details ‘Vulnerable systems: * SolarWinds TFTP Server version 5.0.55 and prior. Immune systems: * SolarWinds TFTP Server version 5.0.60. SolarWinds.net’s TFTP Server is susceptible to a folder traversal attack allowing attackers to retrieve any file from the application.
See full list on veracode.com