This archive contains 190 exploits that were added to Packet Storm in November, 2015.
d6d0c6276b2fafc1b461728be0f139b590d4ce0965f02cb1e6192125de6aeedbBrocade Fabric OS version 6.3.1b suffers from multiple weak system configuration issues that can result in system compromise. You actually have to go out of your way to break basic Linux security this badly.
86551b3c0d17766625527eb34a6c14cce252c358fd6840a5969038b4022df058HumHub versions 0.11.2 and 0.20.0-beta.2 suffer from a remote SQL injection vulnerability.
de97ea4c72cb25e8cbe17f57855cac312d4ef10577f8830837d47392f45dc630Belkin N150 wireless home routers suffer from cross site request forgery, cross site scripting, session hijacking, and default credential vulnerabilities.
ccd6d7df0385f7fe44487b3572769d2a3e6d56e73e0aa366d26c92e320dce63fEasy File Sharing Web Server version 7.2 remote SEH buffer overflow exploit using DEP bypass with ROP.
b343788b936fa8d54e2e946f827f40f4d9105116d2e051d438e3240130b330b3CoreMail version XT3.0 suffers from a stored cross site scripting vulnerability.
f921686d976a5a7c22956d7212359350cfd0ea21e63e1684c4e814378959176aMyCustomers version 1.3.873 suffers from a remote SQL injection vulnerability.
2f4222a07b82de124e338becccee82b40bd19c6939570f75d9088587d4bf9074WEBONE CMS version 14 suffers from a cross site scripting vulnerability.
d5f7e78a35f7ed4a83b67ecffb5c6863f0290d23b93409df4ca40a0528bf4a3dMind Wave Softwares version 1.2 suffers from a remote SQL injection vulnerability.
e781282f425d882d2e6b18dc224765a38cb3052c0cd292a6ed945168cfd27783Visual Paradigm Server version 10.0 suffers from a cross site scripting vulnerability.
11c702c88601ac6e95e42022410b65f5fca9d57c43f676ae447bdbbbf28e80b1CIS Manager Content Management System 2015Q4 suffers from a remote SQL injection vulnerability.
755fee851a768d9739a2fbca1bfcc591f6bb2d3a6267279c012f29a529206ed8BisonWare BisonFTP Server version 3.5 is prone to an overflow condition. This Metasploit module exploits a buffer overflow vulnerability in said application.
ad92db3f8a0dd8f3d603187873cbcc879f069b52034b56d5481e2bd22b4892ddSAP Sybase Adaptive Server Enterprise suffers from an XXE injection vulnerability.
eefc985f29a3508ca13dea522b15ac3c29c4c59a97887c2cc3fc596ee310c5aaKNX management software ETS version 4.1.5 build 3246 suffers from a buffer overflow vulnerability that allows for remote code execution.
26fb1ecb52a068327a64aefb6a20a38aa566c00c1c8b2378b3520c7110cdc0a6Neos CMS version 2.0.3 suffers from cross site scripting and remote shell upload vulnerabilities.
32f565a1e4aa0ba4f3cc4e6ff2e96c53df2ff5dc3c7b30ec6666056d0a5ec619The attached testcase crashes Windows 7 32-bit due to a pool buffer overflow in an ioctl handler. Enabling special on ndis.sys netio.sys and ntoskrnl helps to track down the issue, however it will crash due to a bad pool header without special pool as well.
3403491c7fbf36174b15a563987a49c4a34c9dfe661dfceec3ca982b901368adThe 3D Vision service nvSCPAPISvr.exe installed as part of typical driver installations runs at Local System and has an insecure named pipe server. One of the commands in the server can be used to set an Explorer Run key for the system which would allow a user to get code executing in the session of any other user who logs on to the same machine leading to elevation of privilege. In Windows Domain environments it would also be possible to exploit the vulnerability between machines if the attacker has access to a valid user account on one domain joined machine.
05dc63568af8d130fdd2c6b9e0a909e6ec48e67727f943ffc38e725c2e25e0c2The attached poc crashes 32-bit Windows 7 with a screen resolution of 1024x768 and 32bit color depth. The crash occurs during a memmove operation while copying the cursor content from unmapped memory. This could potentially be used by an attacker to leak kernel memory. When reproducing this issue in VMWare, it is necessary to remove VMWare tools. In QEMU the issue reproduces reliably.
4a4737c7da3e9d60d2829fc4216a2923ae3dd4946af77f8b03906129aa0fc6baThe attached testcase crashes Window 7 32-bit with Special Pool enabled on win32k.sys due to a use-after-free condition. The bug appears to be a race condition between two threads and multiple runs on the PoC might be required to trigger the bug. This is more reliable on systems with multiple cores.
98cd61cfa57d50f4a3e3d1dc2c080a9c2743333c59a9c028d17d2c5241c7bd9aThe Microsoft Windows kernel suffers from an NtUserScrollDC memory corruption vulnerability.
9c9d7819c17ae0f14fbcf5250fe9bc87ec36941d7e0e1a71bc9c128bc94d7ef8The Microsoft Windows kernel suffers from a use-after-free vulnerability with device contexts and NtGdiSelectBitmap.
f9138be83b6665e583fb9a0c2edbf82da6a8ba0567aba68654dad7c01ffa36d5MODX Login Extra versions prior to 1.9.1 suffer from a cross site scripting vulnerability.
8866751a93597637a538bf0220137db267a389e38a5051f40a3903cc78ebdc36RXTEC RXAdmin login page from UPDATE 06 / 2012 suffers from a remote SQL injection vulnerability.
940590a69e2048c5513b7eb24f981f9183f5c6fa25601b46fcf091c4812f94f5Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges.
8f7f179c0390f32c61f7e5d9ef5dff39e836b126a057fbd52f32854d89498f84Huawei HG253s V2 suffers from a remote information disclosure vulnerability.
2e2018d16f6a7f8cddf71c09432c4a1048d6e439aa44ce1118910a868470d54c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed