:: Deepquest ::

This Metasploit module allows remote command execution on an IRC Bot developed by xdh. This perl bot was caught by Conor Patrick with his shellshock honeypot server and is categorized by Markus Zanke as an fBot (Fire & Forget – DDoS Bot). Matt Thayer also found this script which has a description of LinuxNet perlbot. […]

This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, and ability to gain root, […]

WordPress S3 Video plugin suffers from a remote shell upload vulnerability. Versions prior to 0.91 are affected.

Gokhan Balbal version 2.0 suffers from a cross site request forgery vulnerability.

Joomla Nice Ajax Poll component version 1.4.0 suffers from a remote SQL injection vulnerability.

Skybox Platform versions 7.0.611 and below suffer from code execution, remote SQL injection, cross site scripting, and directory traversal vulnerabilities.

Apple Security Advisory 2015-12-08-1 – iOS 9.2 is now available and addresses at least 50 security vulnerabilities.

Apple Security Advisory 2015-12-08-5 – Safari 9.0.2 is now available and addresses a dozen vulnerabilities.

Apple Security Advisory 2015-12-08-6 – Xcode 7.2 is now available and addresses four vulnerabilities.

Apple Security Advisory 2015-12-08-3 – OS X El Capitan 10.11.2 and Security Update 2015-008 is now available and addresses 54 vulnerabilities.