seeing is believing

Recent Files

Files RSS Feed
SUSE/Portus 2.2 Cross Site Scripting
Posted Sep 19, 2017
Authored by Ricardo Sanchez

SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
systems | linux, suse
DlxSpot Hardcoded Password
Posted Sep 19, 2017
Authored by Simon Brannstrom

DlxSpot Player4 LED video wall has a hardcoded password that allows you to ssh in and escalate to root.

tags | exploit, root
DlxSpot Shell Upload
Posted Sep 19, 2017
Authored by Simon Brannstrom

DlxSpot Player4 LED video wall suffers from a remote shell upload vulnerability. Versions greater than 1.5.10 are affected.

tags | exploit, remote, shell
DlxSpot SQL Injection
Posted Sep 19, 2017
Authored by Simon Brannstrom

DlxSpot Player4 LED video wall suffers from a remote SQL injection vulnerability that allows for authentication bypass. Versions greater than 1.5.10 are affected.

tags | exploit, remote, sql injection
Microsoft Edge Partial Page Loading Memory Corruption
Posted Sep 19, 2017
Authored by Ivan Fratric, Google Security Research

There is a security issue in Microsoft Edge related to how HTML documents are loaded. If Edge displays a HTML document from a slow HTTP server, it is possible that a part of the document is going to be rendered before the server has finished sending the document. It is also possible that some JavaScript code is going to trigger. By making DOM modifications before the document had a chance of fully loading, followed by another set of DOM modifications after the page has been loaded, it is possible to trigger memory corruption that could possibly lead to an exploitable condition.

tags | exploit, web, javascript
Microsoft Windows Kernel win32k!NtQueryCompositionSurfaceBinding Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtQueryCompositionSurfaceBinding.

tags | exploit, kernel
systems | windows
Microsoft Windows Kernel win32k!NtGdiHLSurfGetInformation Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiHLSurfGetInformation.

tags | advisory, kernel
systems | windows
Microsoft Windows Kernel win32k!NtGdiDoBanding Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiDoBanding.

tags | exploit, kernel
systems | windows
Microsoft Edge COptionsCollectionCacheItem::GetAt Out-Of-Bounds Read
Posted Sep 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063).

tags | exploit, remote, code execution
Microsoft Windows Kernel win32k!NtGdiEngCreatePalette Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiEngCreatePalette.

tags | exploit, kernel
systems | windows
Microsoft Windows Kernel win32k!NtGdiGetFontResourceInfoInternalW Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a stack memory disclosure vulnerability in win32k!NtGdiGetFontResourceInfoInternalW.

tags | exploit, kernel
systems | windows
Microsoft Windows Kernel TTF Font Processing glyf Out-Of-Bounds Read
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel win32k.sys TTF font processing suffers from an out-of-bounds read vulnerability with a malformed glyf table.

tags | exploit, kernel
systems | windows
Microsoft Windows Kernel TTF Font Processing Out-Of-Bounds
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel win32k.sys TTF font procession functionality suffers from out-of-bounds read/write vulnerabilities.

tags | exploit, kernel, vulnerability
systems | windows
Microsoft Windows Kernel nt!NtSetIoCompletion / nt!NtRemoveIoCompletion Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in nt!NtSetIoCompletion and nt!NtRemoveIoCompletion.

tags | exploit, kernel
systems | windows
Microsoft Windows Kernel win32k!NtGdiGetPhysicalMonitorDescription Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a memory disclosure in win32k!NtGdiGetPhysicalMonitorDescription.

tags | exploit, kernel
systems | windows
Microsoft Windows Kernel win32k!NtGdiGetGlyphOutline Memory Disclosure
Posted Sep 19, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel pool suffers from a memory disclosure vulnerability in win32k!NtGdiGetGlyphOutline.

tags | exploit, kernel
systems | windows
RECON Brussels 2018 Call For Papers
Posted Sep 19, 2017
Authored by RECON Brussels 2018 | Site recon.cx

RECON Brussels has announced it's call for papers. The conference will take place January 29th through February 4th, 2018 in Brussels, Belgium.

tags | paper, conference
Watchguard Firebox / XTM XML-RPC Empty Member Denial Of Service
Posted Sep 19, 2017
Authored by David Fernandez

Watchguard's Firebox and XTM appliances suffer from an XML-RPC empty member denial of service vulnerability. Firmware versions below 12.0 were found to be vulnerable.

tags | exploit, denial of service
Kernel Live Patch Security Notice LSN-030-1
Posted Sep 19, 2017
Authored by Benjamin M. Romer

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux
iBall ADSL2+ Home Router Authentication Bypass
Posted Sep 19, 2017
Authored by Gem George

iBall ADSL2+ Home Router suffers from multiple authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
UTStar WA3002G4 ADSL Broadband Modem Authentication Bypass
Posted Sep 19, 2017
Authored by Gem George

UTStar WA3002G4 ADSL Broadband Modem suffers from multiple authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
ZKTeco ZKTime Web 2.0.1.12280 Information Disclosure
Posted Sep 19, 2017
Authored by Arvind Vishwakarma

ZKTeco ZKTime Web version 2.0.1.12280 suffers from an information disclosure vulnerability.

tags | exploit, web, info disclosure
ZKTeco ZKTime Web 2.0.1.12280 Cross Site Request Forgery
Posted Sep 19, 2017
Authored by Arvind Vishwakarma

ZKTeco ZKTime Web version 2.0.1.12280 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
Microsoft Security Bulletin CVE Update For September, 2017
Posted Sep 19, 2017
Site microsoft.com

This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.

tags | advisory
Red Hat Security Advisory 2017-2760-01
Posted Sep 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2760-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
View Older Files →

Recent News

News RSS Feed
400,000 Brits Caught Up In Equifax Breach
Posted Sep 19, 2017

tags | headline, privacy, britain, data loss, fraud
Piriform's CCleaner Found Backdoored
Posted Sep 19, 2017

tags | headline, hacker, malware, virus, flaw, backdoor
Rogue WordPress Plugin Allowed Spam Injection
Posted Sep 17, 2017

tags | headline, spam, flaw, wordpress
The NSA's 12-Year Struggle To Follow The Law
Posted Sep 17, 2017

tags | headline, government, privacy, usa, fraud, backdoor, nsa
Trump Calls For Internet To Be Cut Off From Terrorists
Posted Sep 17, 2017

tags | headline, government, usa, britain, terror
Equifax Replaces Key Staff Members Post Breach
Posted Sep 17, 2017

tags | headline, privacy, cybercrime, data loss, fraud
Chrome To Label FTP Sites Insecure
Posted Sep 15, 2017

tags | headline, google, chrome
Iceland Home Delivery Site Spills Customer Details
Posted Sep 15, 2017

tags | headline, privacy, data loss, flaw
Kaspersky: You Can Trust Us Despite US Govt Ban
Posted Sep 15, 2017

tags | headline, government, malware, usa, virus, russia, cyberwar
Apple: Just Squeeze The iPhone X If You're Forced Into A Face ID Unlock
Posted Sep 15, 2017

tags | headline, privacy, phone, password, apple
View More News →

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close