This archive contains all of the 270 exploits added to Packet Storm in November, 2016.
b07ce8827414a0c482bc25856eacc41914207388d75cd8c3765e1b4717ae6c3a
PDF Shaper is prone to a security vulnerability when processing PDF files. The vulnerability appears when we use Convert PDF to Image with a specially crafted PDF file. This Metasploit module has been tested successfully on Win XP, Win 7, Win 8, and Win 10.
532694bd13e7b2f1c5f5de642204ad78bd9869bdcf6309f2f674565cf0afddfb
e107 version 2.1.2 suffers from cross site request forgery, static cookie, and cross site scripting vulnerabilities.
b32c05086a213fca01edfc373b8530f3528091ef5a8ba0807216cf309f76cb44
X5 Webserver version 5.0 suffers from a null pointer dereference denial of service vulnerability.
20e86a4799ce0f3a93471b800f54e6319f7f2f9543076dd201a6ac354599f983
Remote ntpd version 4.2.8 stack overflow proof of concept exploit.
d236563023f74672a9096c635e4f48e9f46e8f7d2d35e973eaa6881d3a7148eb
Input passed via the '_redirect' GET parameter to the 'service.cgi' script on various Peplink VPN-Firewall devices is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website, e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
857b49544d6bb02347eefe4f8fad675fde6301b8ceab69e24b15a2ac153324bc
WinPower version 4.9.0.4 suffers from a privilege escalation vulnerability. Proof of concept code included.
ec522491360ef2eea63aba812282511dbf4434f0517e72db396d11d570822b22
WordPress Insert Html Snippet plugin version 1.2 suffers from a cross site request forgery vulnerability.
88cdb0cc08fc0716a77ecedb0dcebc1babd0f1b3b9aff65d890c24afc0b2ffb3
A specially crafted web-page can trigger an unknown memory corruption vulnerability in Google Chrome Accessibility code. An attacker can cause code to attempt to execute a method of an object using a vftable, when the pointer to that object is not valid, or the object is not of the expected type. Successful exploitation can lead to arbitrary code execution.
2e778c3221fa3eaf8abf088d1e8b32a2d106db4dc5bdebdb26527e31a4f3f729
Eagle Speed USB modem software suffers from a privilege escalation vulnerability.
cda286f25eab66e0cb5e9bd9dbeff7eac9f7849b3309554eb2bade42c4c55f4d
EnCase Forensic Imager versions 7.10 and below suffer from denial of service and heap-based buffer overflow vulnerabilities.
7843ed94a73178cbbad1a3abd757df71b39cbeea28ef32b9271d33b5a8956fe1
Biesta Billing version 4.0 Beta suffers from cross site request forgery and directory traversal vulnerabilities.
1dbc8d21c6556545a544de74ed9e813e4cb5d2098b52219b9c607c83be2a4e40
Tenda, D-Link, and TP-Link routers suffer from a DHCP-related cross site scripting vulnerability.
deae3bd5ab2a5585fb0dbfa5bda9b5d9b01b695202780666e95b8e5867ba623c
Schoolhos CMS version 2.29 suffers from a remote SQL injection vulnerability.
18bf3758049c09d544ead83379f79628fb8d1f08c9c583a22a0dec707da52a98
A specially crafted web-page can cause a type confusion vulnerability in Microsoft Internet Explorer 8 through to 11. An attacker can cause code to be executed with a stack layout it does not expect, or have code attempt to execute a method of an object using a vftable, when that object does not have a vftable. Successful exploitation can lead to arbitrary code execution.
5b4fcdc09df2a675998ba07391f886bc44311a54330a1fde5e090c06b5c8871e
Sync Breeze Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.
99ad3ce389932752dd41edfcd8aec1d1a4e5fa440c3578915ebfc5f121b87451
Disk Savvy Enterprise version 9.1.14 suffers from a buffer overflow vulnerability.
faf928f721e5198132268f83b9e7cf2e1a78648e52ffc61c42d6ef7891cbb4bb
This exploit uses the pokemon exploit as a base and automatically generates a new passwd line. The original /etc/passwd is then backed up to /tmp/passwd.bak and overwritten with the new line. The user will be prompted for the new password when the binary is run. After running the exploit you should be able to log in with the newly created user.
302fbe1148d6c5d32476fb30dc9d34045ceec15d40ea123d00c14f4b7996e6b7
Disk Sorter Enterprise version 9.1.12 suffers from a buffer overflow vulnerability.
e2ecdaf843d96896a697ef6afb8d29d9b04f93b28a3b13a195c71e2bcd5ea2a5
Dup Scout Enterprise version 9.1.14 suffers from a buffer overflow vulnerability.
af41d3a10450ccc29bbd070559cf1434ddcfe7ac88ad347e644da7975c9d77c6
VX Search Enterprise version 9.1.12 suffers from a buffer overflow vulnerability.
03513ad7f5e75b455d5900fd6d5decfe43fda6f877699fb98afbd4ddd5e2cf94
Disk Pulse Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.
3a977294d21f971191b59812010308f1c7930ff453febccc362b2f7200f2f4a3
Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr privilege escalation proof of concept exploit. Leverages the issue as noted in MS16-135.
6f7683a7f9666073812e63d33f32f047a21bd0aa436bae07f855db5d6921419b
ChatNow version 1.1 suffers from a remote SQL injection vulnerability.
54fbfac5cdd2265de30868418643ff344268e6a27dcd6b6a4a3e374bbf402196
Core FTP LE version 2.2 build 1883 suffers from a buffer overflow vulnerability.
c010a97a342b534ca6301a3222201b570cef9c55fdf76244370bad52282c88ac