Microsoft RTF CVE-2017-0199 proof of concept exploit.
94860eb2041748a74ccdfe99ad24e8276e83a03535808e480542e01b7dde6104VirtualBox suffers from an unprivileged host user to host kernel privilege escalation via ALSA config.
f38ab6ac7db1ac5c9f60c3a076a685885892333cd88c3211cc5704218296d743WebKit suffers from a universal cross site scripting vulnerability in operationSpreadGeneric.
6d9e305dd9fc16577996089d04a9e8ca38f2b5124a99b6df7e83db1c04d4e35eMicrosoft Windows suffers from an IEETWCollector arbitrary directory / file deletion privilege escalation vulnerability.
430a53cd94edd4e0e498a42cca519bca58b5345139e6f34fe55a3fac5ac08ac8This Metasploit module exploits two vulnerabilities the Trend Micro Threat Discovery Appliance. The first is an authentication bypass vulnerability via a file delete in logoff.cgi which resets the admin password back to 'admin' upon a reboot (CVE-2016-7552). The second is a cmd injection flaw using the timezone parameter in the admin_sys_time.cgi interface (CVE-2016-7547).
035399021ac947492b961a04ac25a5a12f67bebc47e9858ba91b9e72dfccdc17VirtualBox suffers from an unprivileged host user to host kernel privilege escalation vulnerability via environment and ioctl.
5ae11d5da89c21fa2ec3f008d6534c457837c34c5f2d020a423a08192ddfde0aVirtualBox suffers from a guest-to-host local privilege escalation vulnerability via broken length handling in slirp copy.
79cd9c11d5258beceede4e3ea94c22037f513ff968d9ae2a19eeefa0afadf459Microsoft Windows suffers from a runtime broker ClipboardBroker privilege escalation vulnerability.
7c916e43984e060a2ac3129f24b582d32092c2278a75ff95dfbfab95fd72d2cfMicrosoft Windows suffers from a ManagementObject arbitrary .NET serialization remote code execution vulnerability.
2191c2cf58409ae65a711b869567e7f0086659f623a87e56f5ca19199ab839a9Apple Webkit suffers from a universal cross site scripting vulnerability in PrototypeMap::createEmptyStructure.
79780b821c23d3e4824a776971e35553e09962f68907b17945b1816687de7323Microsoft Windows taskschd.msc local SYSTEM privilege escalation exploit.
745e5a4f4c52227b4be45f15a6b78b196c664d1436532ae73577cf9534505f2eVLC Media Player version 2.2.3 DecodeAdpcmImaQ buffer overflow exploit.
ce938631e3a9c9ef064a71a86662cee234639f00fe1ce75a32787d6606ff0462This Metasploit module uses information disclosure to determine if MS17-010 has been patched or not. Specifically, it connects to the IPC$ tree and attempts a transaction on FID 0. If the status returned is "STATUS_INSUFF_SERVER_RESOURCES", the machine does not have the MS17-010 patch. This Metasploit module does not require valid SMB credentials in default server configurations. It can log on as the user "\" and connect to IPC$.
406793a6d738119ccb6d6413edb253d56dcc7567c30b9802bc8d69cb7209cb0bWatchguard's Firebox and XTM appliances suffer from XML external entity injection and XML-RPC user enumeration vulnerabilities.
947dba226b2f6a9ad24e1b5e7af199cf29a3450764e88c890268dcb7b1cd44c2This Metasploit module exploits a command injection vulnerability in the Huawei HG532n routers provided by TE-Data Egypt, leading to a root shell. The router's web interface has two kinds of logins, a "limited" user:user login given to all customers and an admin mode. The limited mode is used here to expose the router's telnet port to the outside world through NAT port-forwarding. With telnet now remotely accessible, the router's limited "ATP command line tool" (served over telnet) can be upgraded to a root shell through an injection into the ATP's hidden "ping" command.
13f129a4c5fe898ac3c2bbe4698d84747643595b279f6dd5ed13bb1e7817b43bThis article documents practical exploitation of CVE-2017-0199 and includes a proof of concept.
7e95162e6d74646b2e07b57b6589a73c89a2105aa6fc97d5f1fd7552b825222eMicrosoft Word RTF remote code execution proof of concept exploit.
e3af621ee635b743874aebf34413bfde2f9b300518dd7ab7af4dfce56b891d5cThis Metasploit module will cause a denial of service condition against the WinSCP version 5.9.4 client using the LIST command.
70b4a4f4603ab9597bca18a248bf1413f07aecd0e5667bd5fd8aae0701e0f356VirusChaser version 8.0 SEH buffer overflow exploit.
55d4edfc5e560528047e28f4aa656ddf9ae557f65bf055d9001a301986a25b69Mantis Bug Tracker versions 1.3.0 and 2.3.0 suffer from a pre-authentication remote password reset vulnerability.
da0c10bca7d635dd4ba8a9cdd41f8f1b36c9490cffa05acee01ffcdf095d74d1TOVA 8 Precision Test Environment (P.T.E) suffers from an unquoted service path privilege escalation vulnerability.
6d308920f28a2c5983e612f26b7acbcdf9165ed8f467d95cc9e2cc4c8e5515e6ETERNALBLUE is an SMBv1 remote unauthenticated zero day exploit that works on 2008 R2. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Consider this exploit hostile and unverified. For research purposes only. Description has been referenced from http://medium.com/@networksecurity.
05652205ec079cb034a9a5089e9083c36d21f4c85c6d7ed59a43282856e0724bZIPPYBEER is an authenticated Microsoft Domain Controller exploit. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Consider this exploit hostile and unverified. For research purposes only. Description has been referenced from http://medium.com/@networksecurity.
a148e3b45ad148ca6737a4263c0182505021cf747bac80212e574fefb57bccc1EXPLODINGCAN is an exploit for Microsoft IIS 6 that leverages WebDAV and works on 2003 only. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Consider this exploit hostile and unverified. For research purposes only. Description has been referenced from http://medium.com/@networksecurity.
2d29211219806e7a08f3a5f698230796b4681542694e0bd5b0ea60b287739cb2EWOKFRENZY is an exploit for Lotus Domino versions 6 and 7. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Consider this exploit hostile and unverified. For research purposes only. Description has been referenced from http://medium.com/@networksecurity.
802e399220f5980b8abeb9745d973c45a5f0896f56a6377dd9019bae93b6953e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed