This archive contains all of the 240 exploits added to Packet Storm in February, 2016.
ba7356729c37007d4d38ff69306484d89001c138aaa6d3c6695ded696090e042Netgear's ProSafe NMS300 is a network management utility that runs on Windows systems. The application has a file upload vulnerability that can be exploited by an unauthenticated remote attacker to execute code as the SYSTEM user. Two servlets are vulnerable, FileUploadController (located at /lib-1.0/external/flash/fileUpload.do) and FileUpload2Controller (located at /fileUpload.do). This Metasploit module exploits the latter, and has been tested with versions 1.5.0.2, 1.4.0.17 and 1.1.0.13.
21b61eacb45384fca46646a93d57a232dc9d4a63ea542dc6fb29807e1a4dc643The Adreno GPU driver for the MSM Linux kernel contains a heap overflow in the IOCTL_KGSL_PERFCOUNTER_QUERY ioctl command. The bug results from an incorrect conversion to a signed type when calculating the minimum count value for the query option. This results in a negative integer being used to calculate the size of a buffer, which can result in an integer overflow and a small sized allocation on 32-bit systems.
11c959c3433bd2e4a4a0b93cec8f7ba66f5dab8a114dc0cadb5fc6c6bc5f818fFiyo CMS version 2.0.6.1 suffers from multiple cross site scripting vulnerabilities.
94a75418a58f9a444db29b3522a8e6934a1b2690ac8c1f92fe79a33def69eaf6This script exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. It uses an overwrite of /etc/ld.so.preload to get root on a vulnerable system. You can supply your own target binary to use for exploitation.
3f14643d1c039904bc9db24702fe18f67c6de2c6f848f3e50ab2d61c07de8423A crash due to a use-after-free condition can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark.
aa70c051da88d6df887378a4bee75c1f9831e1bd674b47c6a648173a1efc04f2WordPress More Fields plugin versions 2.1 and below suffer from a cross site request forgery vulnerability.
906328027e2d34e5ffabc680e80bf4a58c0cad693359ae0eccd0ee17d378a5d2GpicView version 0.2.5 buffer overflow crash proof of concept exploit.
d02a27f6326edac3336bb36dac367b061870cccfa1778239241bf20194b30a07Fing version 3.3.0 suffers from a persistent mail encoding vulnerability.
7b2b2a6aa9e6305baa1e2225868b94e22b5f9306572b25675ef6534b0e5fb65aWP Good News Themes suffers from a client-side cross site scripting vulnerability.
2f6dbc8068ac0fc495a40430881c904a267917e4664027d378ea34d6fa60b893Pulse CMS version 4.5.2 suffers from a local file inclusion vulnerability.
f65d55c4c5903b29a885eeab0b5eb131445994ce6a6c73cb2e333288eaa52429The Comodo Anti-Virus GeekBuddy component suffers from a dll hijacking vulnerability.
0ae11a3b5d1a8b5d4ad2898c2bb2c564fc813ee736345fafa943c80c22c0bf1cA crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
e09ae4dd981e67c22e500b1c48c89c3767b6360b05fcc5756f418783adb4c177A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
24fceb475313278d19f5a23db69ad822ae87dfa7f82a3ba37404f43ef5ba46e0A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
a0b62fab44a37693fd14db3f0e3e858745cb319b96780df04ea679a925ececb6A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
75e7ebd650b1e60e6dcef6ff3a77e4fabca9acf8c4b6a4677048ca098cb03520Coppermine version 1.5.40 uses straight MD5 without any salt for storage of passwords.
953f240f9074c871c21ff81b9fda483e9b54149b0e8bf9fd3a4ae7b129905d41Proxmox VE versions 3 and 4 suffers from privilege escalation, code execution, and cross site scripting vulnerabilities.
377a4d6e4e3f59329037f6605c912134206657cbddc009f577acf4a0c93a7e43WordPress WP Ultimate Exporter plugin versions 1.0 and 1.1 suffers from multiple remote SQL injection vulnerabilities.
16a39c93c4c118309bb6382bf258c1c0fa954639322ef7c55a3a052d1c3848afCentreon versions 2.5.3 and below suffer from a remote code execution vulnerability.
3c4451947909782cb24cf03b689934f5d565641465aa23686ec6df8df29ff586Infor CRM version 8.2.0.1136 suffers from multiple cross site scripting vulnerabilities.
b48e22c74e47621c31af3403d86e083a3f1abc5563fc2dfe8d627d1b581db34cZimbra versions 8.0.9 GA and below suffer from a cross site request forgery vulnerability.
0da0fe882cf7354bdf4be9e8dafb2bb44b40c75b431e52698d358584cb94db05Cygwin suffers suffers from a dll hijacking vulnerability.
24171614c6478bf8aec76c25acdb2fc75fc734452867fb86432651acd0df8e10Google's Chrome Cleanup Tool suffers from a dll hijacking vulnerability.
e2bde11264a28f5ba73ff12c3c7437fc0631264903401454d76b59f90187c3bdGIMP for Windows suffers from a dll hijacking vulnerability.
ac97dc5b648db74d6ed97b0c86498de3904d37cb7b8d8c613ef2aa9e05f1cefe
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed