Exploit the possiblities
Showing 1 - 25 of 127 RSS Feed

Files

Packet Storm New Exploits For May, 2013
Posted Jun 2, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 126 exploits added to Packet Storm in May, 2013.

tags | exploit
systems | linux
MD5 | 420edd93481c1c231ac2bb0a81ac27ea
Lianja SQL 1.0.0RC5.1 db_netserver Stack Buffer Overflow
Posted May 31, 2013
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the db_netserver process which is spawned by the Lianja SQL server. The issue is fixed in Lianja SQL 1.0.0RC5.2.

tags | exploit, overflow
advisories | CVE-2013-3563
MD5 | c879e1e5716cef4a74c310721de2df60
Logic Print 2013 Stack Overflow
Posted May 30, 2013
Authored by h1ch4m

Logic Print 2013 suffers from a stack overflow vulnerability.

tags | exploit, overflow
MD5 | 60d562cf4cecc4e09481af86d3e6cafd
Intrasrv Simple Web Server 1.0 Code Execution
Posted May 30, 2013
Authored by xis_one

Intrasrv Simple Web Server version 1.0 SEH based remote code execution exploit.

tags | exploit, remote, web, code execution
MD5 | 31b991d92947bef68ace5984045918d6
ModSecurity Remote Null Pointer Dereference
Posted May 29, 2013
Authored by Younes JAAIDI

When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on every call to "forceRequestBodyVariable" (in phase 1). This is the proof of concept exploit. Versions prior to 2.7.4 are affected.

tags | exploit, proof of concept
advisories | CVE-2013-2765
MD5 | 3ec20deb201d633f1e0a6aa83d0a8955
Monkey HTTPD 1.1.1 Denial Of Service
Posted May 29, 2013
Authored by dougtko

Monkey HTTPD version 1.1.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2013-3724
MD5 | effe5ada65d21861a151015fbb49eebf
YeaLink IP Phone Firmware 9.70.0.100 Missing Authentication
Posted May 29, 2013
Authored by b0hr

YeaLink IP Phone firmware versions 9.70.0.100 and below suffer from an unauthenticated phone call vulnerability.

tags | exploit, bypass
MD5 | 40b8c4b2eff1d8eba72f06fe7174751b
TP-LINK WR842ND Directory Traversal
Posted May 29, 2013
Authored by Adam Simuntis

TP-LINK WR842ND suffers from a remote directory traversal vulnerability.

tags | exploit, remote, file inclusion
MD5 | fc57682595f0e68afdcfb0f7926bf6dc
TP-Link IP Camera Hardcoded Credentials / Command Injection
Posted May 28, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon | Site coresecurity.com

TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2013-2573, CVE-2013-2572
MD5 | 0397c9178afefc912805b6d1eaa763a1
SIEMENS Solid Edge ST4 SEListCtrlX Code Execution
Posted May 28, 2013
Authored by rgod | Site retrogod.altervista.org

SIEMENS Solid Edge ST4 SEListCtrlX active-x control SetItemReadOnly suffers from an arbitrary memory rewrite remote code execution vulnerability. Proof of concept included.

tags | exploit, remote, arbitrary, code execution, activex, proof of concept
systems | linux
MD5 | a118dcd112785d12a39adf1ac5528e02
MayGion IP Camera Path Traversal / Buffer Overflow
Posted May 28, 2013
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - MayGion IP cameras suffer from path traversal and buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2013-1604, CVE-2013-1605
MD5 | f611d0febd66099704178b71f51b7e29
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
Posted May 28, 2013
Authored by Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap based buffer overflow in the C1Tab ActiveX control, while handling the TabCaption property. The affected control can be found in the c1sizer.ocx component as included with IBM SPSS SamplePower 3.0. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1.

tags | exploit, overflow, activex
systems | windows, xp, 7
advisories | CVE-2012-5946, OSVDB-92845
MD5 | ce698c98303b4f1491ee2e51696534d3
Barracuda SSL VPN 680 2.2.2.203 Open Redirect
Posted May 28, 2013
Authored by Chokri Ben Achor, Dave Farrow | Site vulnerability-lab.com

Barracuda SSL VPN 680 2.2.2.203 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 92b9652ea5e66ccbc8052e5c1c8aa05c
Zavio IP Camera Command Injection / Bypass
Posted May 28, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - Zavio IP cameras based on firmware versions 1.6.03 and below suffer from bypass, hard-coded credential, and arbitrary command execution vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2013-2567, CVE-2013-2568, CVE-2013-2569, CVE-2013-2570
MD5 | 4034e4e1cb09253908be504ce863394f
PayPal France SQL Injection
Posted May 28, 2013
Authored by Karim H.B. | Site vulnerability-lab.com

PayPal's France site suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0915999ca83f319843c81a0f28decd6e
PayPal Cross Site Scripting
Posted May 28, 2013
Authored by Un0wn_X

The sitewide search functionality in PayPal suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 011f110352aa76b4a4cb5e24a5af8cee
HP LaserJet Pro P1606dn Password Reset
Posted May 28, 2013
Authored by m3tamantra

HP LaserJet Pro version P1606dn suffers from a direct access administrative password reset vulnerability.

tags | exploit
MD5 | 2887bc47e46fb27a5d89450a5d75dc64
SIEMENS Solid Edge ST4 WebPartHelper Command Execution
Posted May 27, 2013
Authored by rgod | Site retrogod.altervista.org

SIEMENS Solid Edge ST4 WebPartHelper active-x control RFMSsvs!JShellExecuteEx suffers from a remote command execution vulnerability. Proof of concept included.

tags | exploit, remote, activex, proof of concept
systems | linux
MD5 | bdd9cbfc1d8fd0e77ab4e70228ce55c6
aCMS 1.0 XSS / Content Spoofing / Information Leak
Posted May 27, 2013
Authored by MustLive

aCMS versions 1.0 and below suffer from cross site scripting, content spoofing, and information leakage vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | ef60b36f9e4cb4eb001cd1234a172f2a
WordPress User Role Editor 3.12 Cross Site Request Forgery
Posted May 27, 2013
Authored by Henry Hoggard

WordPress User Role Editor plugin version 3.12 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 51e7ad9a4254bdb10ba13e9830ba62d7
ADIF Log Search Widget 1.0e Cross Site Scripting
Posted May 27, 2013
Authored by Keith Makan

ADIF Log Search Widget version 1.0e suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f8f39044ee3ee8a24cd4e913c949407d
Vanilla Forums 2.0.18.8 XSS / Insecure Permissions
Posted May 27, 2013
Authored by Henry Hoggard

Vanilla Forums version 2.0.18.8 suffers from cross site scripting and insecure permission vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 2adddbf01651388cdee8d4cdf8bb0fa5
LG Optimus G Command Injection
Posted May 26, 2013
Authored by Justin Case

LG Optimus G E973 suffers from a command injection vulnerability.

tags | exploit
advisories | CVE-2013-3666
MD5 | 88dae3dc849c0a28c31d7472976a1106
PayPal.com Cross Site Scripting
Posted May 26, 2013
Authored by Robert Kugler

PayPal.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e0510a6ae665212350dde6d7b1af5ab8
SAS Integration Technologies Client 9.31_M1 Buffer Overflow
Posted May 25, 2013
Authored by LiquidWorm | Site zeroscience.mk

The SASspk module (SASspk.dll) version 9.310.0.11307, has a function called 'RetrieveBinaryFile()' which has one parameter called 'bstrFileName' which takes arguments as strings as defined in the function itself as ISPKBinaryFile from the SASPackageRetrieve library. Stack-based buffer overflow was discovered in one of the fuzzing processes that could allow arbitrary code execution by an attacker when exploiting the non-sanitized 'bstrFileName' parameter.

tags | exploit, overflow, arbitrary, code execution
systems | windows
MD5 | efd20de629163443af84ec7171880d13
Page 1 of 6
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close