libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to ~/Downloads, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. This particular archive holds three proof of concept exploits.
642dbf93a2ac7ad97ec0e5940fb62ec821a66ce449bbde84890a9695362e981aProof of concept exploit for a buffer overflow in strongSwan VPN's charon server.
381239d433a012d932de3871f064091c52ad26bb7b01de975c5e82fe37562652Proof of concept exploit for a buffer overflow remote code execution vulnerability in librelp.
e494ed907a60d68aba585cbc21eba08e50daffab41973ff8ba84e679096953dcFacebook Fizz suffered from a remotely triggerable infinite loop denial of service condition due to an integer overflow.
5af505c975ff4a29b7c3d8cd18aec2e20e97fd465a21a6d2441d3e348521e614libssh proof of concept authentication bypass exploit, which, under certain conditions, may enable a remote attacker to gain unauthorized access to another user's account via ssh login. Versions 0.9.0 through 0.9.6 and 0.10.0 through 0.10.4 are affected.
9bd1a8957c6bb9f405736511d3ad44169c96d1094aebcfdbf0555a4786bbe3ebApple XNU kernel memory exposure proof of concept exploit that is designed for macOS High Sierra version 10.13.
38dd575e5b5287e0c5ce77e2d2ac39c63d630fc15948a59b9200382df1ff09b0Proof of concept exploit for a remotely trigger-able heap buffer overflow vulnerability in iOS 11.4.1 and macOS 10.13.6. This exploit can be used to crash any vulnerable iOS or macOS device that is connected to the same network as the attacker's computer. The vulnerability can be triggered without any user interaction on the victim's device. The exploit involves sending a TCP packet with non-zero options in the IP and TCP headers.
5352cd5286d39bd38e49f40ff6d66d63f42d4b951311bef0126c92981172e14fmacOS NFS client buffer overflow proof of concept exploit. These issues were addressed in macOS version 10.13.6.
917b85555ca4494b492d414d04dedd1a7811edb66c81d2df1ef9435751ac4474Proof-of-concept exploit for a remote code execution vulnerability in the packet-mangler component of macOS. The vulnerability was fixed in macOS High Sierra 10.13.5, which was released on June 1, 2018.
6bb19f476695922a3e4295da78b226643f1cf515a1ee4fc61b849f6bce9c9eb7Proof of concept exploit for a double-free memory corruption vulnerability in Ubuntu accountsservice.
a24f0c965168bcc3814136c8ee24f8fd5c7b0fb07f7be9bcaa47978b144f0e8fProof of concept exploits for libsane. The first enumerates a series of memory corruption issues and the second pops a calculator.
5ceb1ae3ba7a731ca6ae7c87b33be4c77455ddf79d5edc4c07eb4b5cf09b23b2Proof of concept exploit for an authentication bypass vulnerability in polkit.
458437eef69ad8bf3f51e3b80d608d2052ad08a989fbda8025248aff1d4b2a27A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged operations. In order to leverage the vulnerability, the attacker invokes a method over D-Bus and kills the client process. This will occasionally cause the operation to complete without being subjected to all of the necessary authentication. The exploit module leverages this to add a new user with a sudo access and a known password. The new account is then leveraged to execute a payload with root privileges.
4a469ac4141ad75d095a953ed9262ad9287b8c479e96a68695a89371d81439eb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed