This archive contains all of the 240 exploits added to Packet Storm in February, 2016.
ba7356729c37007d4d38ff69306484d89001c138aaa6d3c6695ded696090e042
Netgear's ProSafe NMS300 is a network management utility that runs on Windows systems. The application has a file upload vulnerability that can be exploited by an unauthenticated remote attacker to execute code as the SYSTEM user. Two servlets are vulnerable, FileUploadController (located at /lib-1.0/external/flash/fileUpload.do) and FileUpload2Controller (located at /fileUpload.do). This Metasploit module exploits the latter, and has been tested with versions 1.5.0.2, 1.4.0.17 and 1.1.0.13.
21b61eacb45384fca46646a93d57a232dc9d4a63ea542dc6fb29807e1a4dc643
The Adreno GPU driver for the MSM Linux kernel contains a heap overflow in the IOCTL_KGSL_PERFCOUNTER_QUERY ioctl command. The bug results from an incorrect conversion to a signed type when calculating the minimum count value for the query option. This results in a negative integer being used to calculate the size of a buffer, which can result in an integer overflow and a small sized allocation on 32-bit systems.
11c959c3433bd2e4a4a0b93cec8f7ba66f5dab8a114dc0cadb5fc6c6bc5f818f
Fiyo CMS version 2.0.6.1 suffers from multiple cross site scripting vulnerabilities.
94a75418a58f9a444db29b3522a8e6934a1b2690ac8c1f92fe79a33def69eaf6
This script exploits er, unsanitized env var passing in ASAN which leads to file clobbering as root when executing setuid root binaries compiled with ASAN. It uses an overwrite of /etc/ld.so.preload to get root on a vulnerable system. You can supply your own target binary to use for exploitation.
3f14643d1c039904bc9db24702fe18f67c6de2c6f848f3e50ab2d61c07de8423
A crash due to a use-after-free condition can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark.
aa70c051da88d6df887378a4bee75c1f9831e1bd674b47c6a648173a1efc04f2
WordPress More Fields plugin versions 2.1 and below suffer from a cross site request forgery vulnerability.
906328027e2d34e5ffabc680e80bf4a58c0cad693359ae0eccd0ee17d378a5d2
GpicView version 0.2.5 buffer overflow crash proof of concept exploit.
d02a27f6326edac3336bb36dac367b061870cccfa1778239241bf20194b30a07
Fing version 3.3.0 suffers from a persistent mail encoding vulnerability.
7b2b2a6aa9e6305baa1e2225868b94e22b5f9306572b25675ef6534b0e5fb65a
WP Good News Themes suffers from a client-side cross site scripting vulnerability.
2f6dbc8068ac0fc495a40430881c904a267917e4664027d378ea34d6fa60b893
Pulse CMS version 4.5.2 suffers from a local file inclusion vulnerability.
f65d55c4c5903b29a885eeab0b5eb131445994ce6a6c73cb2e333288eaa52429
The Comodo Anti-Virus GeekBuddy component suffers from a dll hijacking vulnerability.
0ae11a3b5d1a8b5d4ad2898c2bb2c564fc813ee736345fafa943c80c22c0bf1c
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
e09ae4dd981e67c22e500b1c48c89c3767b6360b05fcc5756f418783adb4c177
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
24fceb475313278d19f5a23db69ad822ae87dfa7f82a3ba37404f43ef5ba46e0
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
a0b62fab44a37693fd14db3f0e3e858745cb319b96780df04ea679a925ececb6
A crash due to a heap-based out-of-bounds memory read can be observed in an ASAN build of latest stable libxml2 (2.9.3, released 4 days ago), by feeding a malformed file to xmllint.
75e7ebd650b1e60e6dcef6ff3a77e4fabca9acf8c4b6a4677048ca098cb03520
Coppermine version 1.5.40 uses straight MD5 without any salt for storage of passwords.
953f240f9074c871c21ff81b9fda483e9b54149b0e8bf9fd3a4ae7b129905d41
Proxmox VE versions 3 and 4 suffers from privilege escalation, code execution, and cross site scripting vulnerabilities.
377a4d6e4e3f59329037f6605c912134206657cbddc009f577acf4a0c93a7e43
WordPress WP Ultimate Exporter plugin versions 1.0 and 1.1 suffers from multiple remote SQL injection vulnerabilities.
16a39c93c4c118309bb6382bf258c1c0fa954639322ef7c55a3a052d1c3848af
Centreon versions 2.5.3 and below suffer from a remote code execution vulnerability.
3c4451947909782cb24cf03b689934f5d565641465aa23686ec6df8df29ff586
Infor CRM version 8.2.0.1136 suffers from multiple cross site scripting vulnerabilities.
b48e22c74e47621c31af3403d86e083a3f1abc5563fc2dfe8d627d1b581db34c
Zimbra versions 8.0.9 GA and below suffer from a cross site request forgery vulnerability.
0da0fe882cf7354bdf4be9e8dafb2bb44b40c75b431e52698d358584cb94db05
Cygwin suffers suffers from a dll hijacking vulnerability.
24171614c6478bf8aec76c25acdb2fc75fc734452867fb86432651acd0df8e10
Google's Chrome Cleanup Tool suffers from a dll hijacking vulnerability.
e2bde11264a28f5ba73ff12c3c7437fc0631264903401454d76b59f90187c3bd
GIMP for Windows suffers from a dll hijacking vulnerability.
ac97dc5b648db74d6ed97b0c86498de3904d37cb7b8d8c613ef2aa9e05f1cefe