ignore security and it'll go away
Showing 1 - 25 of 179 RSS Feed

Files

Packet Storm New Exploits For September, 2016
Posted Oct 3, 2016
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 178 exploits added to Packet Storm in September, 2016.

tags | exploit
MD5 | 4969024a61139da9a1f4a8da1f54c1c4
Ubiquiti UniFi AP AC Lite 5.2.7 Improper Access Control
Posted Sep 30, 2016
Authored by Tim Schughart, Khanh Quoc Pham, Immanuel Bar

Ubiquiti UniFi AP AC Lite version 5.2.7 allows for direct modification of the database with no authentication.

tags | exploit
advisories | CVE-2016-7792
MD5 | 3d2a9a4f0f840580c92a6b61dee83a71
Netgear Genie 2.4.32 Privilege Escalation
Posted Sep 30, 2016
Authored by Tulpa

Netgear Genie version 2.4.32 suffers from an unquoted service path elevation of privilege vulnerability.

tags | exploit
MD5 | 50950656a43a0ae649cdae18ee2a93d5
Sophos UTM 9.405-5 / 9.404-5 Information Disclosure
Posted Sep 30, 2016
Authored by Tim Schughart, Khanh Quoc Pham

Sophos UTM versions 9.405-5 and 9.404-5 suffer from information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2016-7397, CVE-2016-7442
MD5 | 98b51479e785c34b8069df57fe7fc143
Joomla Huge-IT Portfolio Gallery 1.0.6 SQL Injection
Posted Sep 30, 2016
Authored by Larry W. Cashdollar

Joomla Huge-IT Portfolio Gallery plugin version 1.0.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-1000124
MD5 | 408991be727b093dcb42715d973820d5
Abus Security Cams 0101a Cross Site Scripting
Posted Sep 30, 2016
Authored by Tim Schughart

Abus Security Cams version 0101a suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ea4448280ed2285d87affda2eda84809
KeepNote 0.7.8 Remote Command Execution
Posted Sep 30, 2016
Authored by R-73eN

KeepNote version 0.7.8 remote command execution exploit.

tags | exploit, remote
MD5 | e90b98f9640d95a97dc9315a5d5dd8fa
WordPress KBoard Cross Site Scripting
Posted Sep 30, 2016
Authored by T3NZOG4N, Mojtaba MobhaM, FireKernel

WordPress KBoard plugin versions prior to 4.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9f137d4d74f5f5b145489aab7ee8232b
WordPress KBoard 2.7 SQL Injection
Posted Sep 30, 2016
Authored by T3NZOG4N, Mojtaba MobhaM, FireKernel

WordPress KBoard plugin version 2.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 14da75cec56640c5fdf141368fc13b87
Snort 2.9.7.0-WIN32 DLL Hijacking
Posted Sep 30, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Snort version 2.9.7.0-WIN32 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-1417
MD5 | 5b5b824bf67d1d5290cc1be5a2a14117
Joomla Huge-IT Catalog 1.0.7 SQL Injection
Posted Sep 30, 2016
Authored by Larry W. Cashdollar

Joomla Huge-IT Catalog component version 1.0.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-1000125
MD5 | a6125055a625ac7d49f7df510f69251c
AnswerScript 2.7.1 Cross Site Scripting
Posted Sep 30, 2016
Authored by indoushka

AnswerScript version 2.7.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9c5ed5078d95d013a05a6302722c02c2
Symantec Messaging Gateway 10.6.1 Directory Traversal
Posted Sep 28, 2016
Authored by R-73eN

Symantec Messaging Gateway versions 10.6.1 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2016-5312
MD5 | 474ec2043b4af5d87097d9a795722eb7
D-Link DWR-932B Backdoors / Default WPS PIN
Posted Sep 28, 2016
Authored by Pierre Kim

D-Link DWR-932B suffers from backdoor accounts, default WPS PIN, weak WPS PIN generation, and various other bad security practices and issues.

tags | exploit
MD5 | b2fbfed0ccd8e0f65c0d1132f585653d
Exponent CMS 2.3.9 Cross Site Scripting
Posted Sep 28, 2016
Authored by indoushka

Exponent CMS version 2.3.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 179ba2a379193b3ea1f574962dc801e0
VLC Media Player 2.2.1 Buffer Overflow
Posted Sep 28, 2016
Authored by sultan albalawi

VLC Media Player version 2.2.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 5c78fcc6e232c68394a721b5083f71b8
TP-Link Archer CR-700 Cross Site Scripting
Posted Sep 28, 2016
Authored by Ayushman Dutta

TP-Link Archer CR-700 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bab3ef6352cb31e3a0f1302ebf28c5ae
NetMan 204 Backdoor Account
Posted Sep 28, 2016
Authored by Saeed reza Zamanian

NetMan 204 suffers from having a backdoor account being installed by default.

tags | exploit
MD5 | 3dea1b9e5d7fcca3783a4aad050bf78c
FreePBX Remote Command Execution
Posted Sep 28, 2016
Authored by Ahmed Sultan

FreePBX versions prior to 13.0.188 remote root exploit.

tags | exploit, remote, root
MD5 | e1c2feb7864881500f580195e6ab94a0
Adobe Flash 23 Sandbox Bypass
Posted Sep 27, 2016
Authored by Leone Pontorieri

Adobe Flash versions 23 and below local-with-filesystem sandbox bypass via navigateToURL() and UI redressing. Proof of concept included.

tags | exploit, local, proof of concept, bypass
MD5 | 38c6974d18edf9f552f3b82e5e96af58
AVer Information EH6108H+ Authentication Bypass / Inforation Exposure
Posted Sep 27, 2016
Authored by Travis Lee

AVer Information EH6108H+ hybrid DVR suffers from authentication bypass, hard-coded credential, and information exposure vulnerabilities.

tags | exploit, vulnerability, bypass, info disclosure
advisories | CVE-2016-6535, CVE-2016-6536, CVE-2016-6537
MD5 | 95892784e29cf0c2a53be1a6aa8dc309
Skype DLL Hijacking
Posted Sep 27, 2016
Authored by Tien Phan

The Skype installer suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 38891a92bce0fefe5230c828e0d9305e
Ipod Video Converter DLL Hijacking
Posted Sep 27, 2016
Authored by ZwX

Ipod Video Converter suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 384d15825d9565f65198a791348691bb
Linux Kernel 4.6.3 Netfilter Privilege Escalation
Posted Sep 27, 2016
Authored by h00die, vnik | Site metasploit.com

This Metasploit module attempts to exploit a netfilter bug on Linux Kernels befoe 4.6.3, and currently only works against Ubuntu 16.04 (not 16.04.1) with kernel 4.4.0-21-generic. Several conditions have to be met for successful exploitation: Ubuntu: 1. ip_tables.ko (ubuntu), iptable_raw (fedora) has to be loaded (root running iptables -L will do such) 2. libc6-dev-i386 (ubuntu), glibc-devel.i686

tags | exploit, kernel, root
systems | linux, fedora, ubuntu
advisories | CVE-2016-4997
MD5 | d27040d1104d9c3b30bc4f1eebb0d24d
Android Stagefright MP4 tx3g Integer Overflow
Posted Sep 27, 2016
Authored by jduck, NorthBit | Site metasploit.com

This Metasploit module exploits a integer overflow vulnerability in the Stagefright Library (libstagefright.so). The vulnerability occurs when parsing specially crafted MP4 files. While a wide variety of remote attack vectors exist, this particular exploit is designed to work within an HTML5 compliant browser. Exploitation is done by supplying a specially crafted MP4 file with two tx3g atoms that, when their sizes are summed, cause an integer overflow when processing the second atom. As a result, a temporary buffer is allocated with insufficient size and a memcpy call leads to a heap overflow. This version of the exploit uses a two-stage information leak based on corrupting the MetaData that the browser reads from mediaserver. This method is based on a technique published in NorthBit's Metaphor paper. First, we use a variant of their technique to read the address of a heap buffer located adjacent to a SampleIterator object as the video HTML element's videoHeight. Next, we read the vtable pointer from an empty Vector within the SampleIterator object using the video element's duration. This gives us a code address that we can use to determine the base address of libstagefright and construct a ROP chain dynamically. NOTE: the mediaserver process on many Android devices (Nexus, for example) is constrained by SELinux and thus cannot use the execve system call. To avoid this problem, the original exploit uses a kernel exploit payload that disables SELinux and spawns a shell as root. Work is underway to make the framework more amenable to these types of situations. Until that work is complete, this exploit will only yield a shell on devices without SELinux or with SELinux in permissive mode.

tags | exploit, remote, overflow, shell, kernel, root
advisories | CVE-2015-3864
MD5 | 057a5f7427ec278d6c1be05309a18c30
Page 1 of 8
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
New Magniber Ransomware Targets South Korea, Asia Pacific
Posted Oct 21, 2017

tags | headline, malware, china, fraud, korea
Hackers Race To Use Flash Exploit Before Vulnerable Systems Are Patched
Posted Oct 21, 2017

tags | headline, hacker, malware, flaw, cyberwar, adobe
Bitcoin Boom Prompts Growth Of Coin-Mining Malware
Posted Oct 21, 2017

tags | headline, malware, bank, fraud
How To Social Engineer Yourself Into High Security Facilities
Posted Oct 21, 2017

tags | headline, fraud, social
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close