Twenty Year Anniversary
Showing 1 - 25 of 201 RSS Feed

Files from Core Security Technologies

Email addressinfo at coresecurity.com
First Active2002-07-12
Last Active2018-11-28
Cisco WebEx Meetings Privilege Escalation
Posted Nov 28, 2018
Authored by Core Security Technologies, Marcos Accossatto | Site coresecurity.com

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions include Cisco Webex Meetings Desktop App releases prior to 33.6.4 and Cisco Webex Productivity Tools releases 32.6.0 and later prior to 33.0.6.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2018-15442
MD5 | e0df0d3b74fa1ecc2091d30eb9104327
ASRock Drivers Privilege Escalation / Code Execution
Posted Oct 27, 2018
Authored by Core Security Technologies, Diego Juarez | Site secureauth.com

ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were found in AsrDrv101.sys and AsrDrv102.sys low level drivers, installed by ASRock RGBLED and other ASRock branded utilities, which could allow a local attacker to elevate privileges. Vulnerable packages include ASRock RGBLED before version 1.0.35.1, A-Tuning before version 3.0.210, F-Stream before version 3.0.210, and RestartToUEFI before version 1.0.6.2.

tags | exploit, local, vulnerability
advisories | CVE-2018-10709, CVE-2018-10710, CVE-2018-10711, CVE-2018-10712
MD5 | 21d4d95e72ff845d830ec7e7c0d06a11
D-Link Central WiFiManager Software Controller Code Execution / XSS
Posted Oct 4, 2018
Authored by Core Security Technologies, Julian Munoz | Site coresecurity.com

D-Link Central WiFiManager Software Controller suffers from hard-coded credential, code execution, and cross site scripting vulnerabilities. Version 1.03 is affected.

tags | exploit, vulnerability, code execution, xss
advisories | CVE-2018-17440, CVE-2018-17441, CVE-2018-17442, CVE-2018-17443
MD5 | d17784050df3ae3fb82535964cf33f9c
Opsview Monitor 5.x Command Execution
Posted Sep 5, 2018
Authored by Core Security Technologies, Fernando Diaz, Fernando Catoira | Site coresecurity.com

Opsview Monitor versions 5.2, 5.3, and 5.4 suffer from cross site scripting and multiple remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, xss
advisories | CVE-2018-16144, CVE-2018-16145, CVE-2018-16146, CVE-2018-16147, CVE-2018-16148
MD5 | bfca5d508c2cc0dae73d25b180e60694
SoftNAS Cloud OS Command Injection
Posted Jul 27, 2018
Authored by Core Security Technologies, Fernando Diaz, Fernando Catoira | Site coresecurity.com

SoftNAS Cloud versions prior to 4.0.3 suffers from an OS command injection vulnerability.

tags | exploit
advisories | CVE-2018-14417
MD5 | 57b583fec32a0c97cd4069def2bbac44
QNAP Qcenter Virtual Appliance 1.6.x Information Disclosure / Command Injection
Posted Jul 11, 2018
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

QNAP Qcenter Virtual Appliance versions 1.6.1056 (20170825) and 1.6.1075 (20171123) suffer from information disclosure and command injection vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2018-0706, CVE-2018-0707, CVE-2018-0708, CVE-2018-0709, CVE-2018-0710
MD5 | d0c0ba61b46957bc948ee79547357e3f
Quest KACE System Management Appliance 8.0 (Build 8.0.318) XSS / Traversal / Code Execution / SQL Injection
Posted May 31, 2018
Authored by Core Security Technologies, Leandro Barragan, Guido Leo | Site coresecurity.com

Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection
advisories | CVE-2018-11132, CVE-2018-11133, CVE-2018-11134, CVE-2018-11135, CVE-2018-11136, CVE-2018-11137, CVE-2018-11138, CVE-2018-11139, CVE-2018-11140, CVE-2018-11141, CVE-2018-11142
MD5 | 40e0fc0c417670b30bccdf9097a9a547
Quest DR Series Disk Backup Software 4.0.3 Code Execution
Posted May 31, 2018
Authored by Core Security Technologies, Maximiliano Vidal | Site coresecurity.com

Quest DR Series Disk Backup Software version 4.0.3 suffers from multiple code execution vulnerabilities.

tags | exploit, vulnerability, code execution
advisories | CVE-2018-11143, CVE-2018-11144, CVE-2018-11145, CVE-2018-11146, CVE-2018-11147, CVE-2018-11148, CVE-2018-11149, CVE-2018-11150, CVE-2018-11151, CVE-2018-11152, CVE-2018-11153, CVE-2018-11154, CVE-2018-11155, CVE-2018-11156, CVE-2018-11157, CVE-2018-11158, CVE-2018-11159, CVE-2018-11160, CVE-2018-11161, CVE-2018-11162, CVE-2018-11163, CVE-2018-11164, CVE-2018-11165, CVE-2018-11166, CVE-2018-11167, CVE-2018-11168
MD5 | fa95a83ac5f5a79ab8497701933a0dc5
TP-Link EAP Controller CSRF / Hard-Coded Key / XSS
Posted May 4, 2018
Authored by Core Security Technologies | Site coresecurity.com

TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2018-10164, CVE-2018-10165, CVE-2018-10166, CVE-2018-10167, CVE-2018-10168
MD5 | 2bd5d4a8164df05c24571e8ef90378b4
MikroTik RouterOS SMB Buffer Overflow
Posted Mar 15, 2018
Authored by Core Security Technologies, Juan Caillava, Maximiliano Vidal | Site coresecurity.com

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it.

tags | exploit, remote, overflow, code execution
advisories | CVE-2018-7445
MD5 | b7e22648d2a91d8ab369593f7eabdb11
Trend Micro Email Encryption Gateway XSS / Code Execution
Posted Feb 21, 2018
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Trend Micro Email Encryption Gateway suffers from cleartext transmission of sensitive information, missing authentication, cross site request forgery, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2018-6219, CVE-2018-6220, CVE-2018-6221, CVE-2018-6222, CVE-2018-6223, CVE-2018-6224, CVE-2018-6225, CVE-2018-6226, CVE-2018-6227, CVE-2018-6228, CVE-2018-6229, CVE-2018-6230
MD5 | 223e4ef70d15bf9047b6fde86990def0
Dell EMC Isilon OneFS XSS / Code Execution / CSRF
Posted Feb 14, 2018
Authored by Core Security Technologies, Ivan Huertas, Maximiliano Vidal | Site coresecurity.com

Dell EMC Isilon OneFS suffers from code execution, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss, csrf
advisories | CVE-2018-1186, CVE-2018-1187, CVE-2018-1188, CVE-2018-1189, CVE-2018-1201, CVE-2018-1202, CVE-2018-1203, CVE-2018-1204, CVE-2018-1213
MD5 | 035ddfcb8a7d024e325b9f233a3d9bcf
Kaspersky Secure Mail Gateway 1.1.0.379 CSRF / Code Execution
Posted Feb 6, 2018
Authored by Core Security Technologies, Leandro Barragan | Site coresecurity.com

Kaspersky Secure Mail Gateway version 1.1.0.379 suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
MD5 | 04398c48a2c352c40a07dcb4a1897e4f
Trend Micro Smart Protection Server 3.2 XSS / Access Control / Disclosure
Posted Dec 22, 2017
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Trend Micro Smart Protection Server version 3.2 suffers from access control bypass, cross site scripting, information disclosure, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2017-11398, CVE-2017-14094, CVE-2017-14095, CVE-2017-14096, CVE-2017-14097
MD5 | 0e10fe92b1e5418787878b2ed8d69361
Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution
Posted Jun 29, 2017
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, virus, xss, info disclosure, csrf
systems | linux
advisories | CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813
MD5 | 834309bd7c681fce682800c2b27a31c0
Trend Micro ServerProtect Disclosure / CSRF / XSS
Posted May 24, 2017
Authored by Alberto Solino, Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-9032, CVE-2017-9033, CVE-2017-9034, CVE-2017-9035, CVE-2017-9036, CVE-2017-9037
MD5 | 351e7980ee3be97f07ceb95ec237ce90
SAP SAPCAR 721.510 Buffer Overflow
Posted May 10, 2017
Authored by Core Security Technologies, Martin Gallo, Maximiliano Vidal

Core Security Technologies Advisory - SAP distributes software and packages using an archive program called SAPCAR. This program uses a custom archive file format. A memory corruption vulnerability was found in the parsing of specially crafted archive files, that could lead to local code execution scenarios. Version 721.510 is affected.

tags | exploit, local, code execution
advisories | CVE-2017-8852
MD5 | 3d6f950a9eef0caafbc05be378131051
TP-LINK TDDP Buffer Overflow / Missing Authentication
Posted Nov 23, 2016
Authored by Core Security Technologies, Andres Lopez Luksenberg

Core Security Technologies Advisory - TP-LINK TDDP suffers from buffer overflow and missing authentication vulnerabilities.

tags | exploit, overflow, vulnerability
MD5 | 75bd302689d825abf438d908c7aeabce
SAP CAR Archive Tool Denial Of Service / Security Bypass
Posted Aug 11, 2016
Authored by Core Security Technologies, Martin Gallo, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - SAP CAR archive tool suffers from security bypass and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2016-5845, CVE-2016-5847
MD5 | e711534cc773eca194793a6b82ce5f46
FreeBSD Kernel amd64_set_ldt Heap Overflow
Posted Mar 17, 2016
Authored by Core Security Technologies, Francisco Falcon

Core Security Technologies Advisory - An integer signedness error has been found in the amd64_set_ldt() function in the FreeBSD kernel code (define d in the /sys/amd64/amd64/sys_machdep.c file), which implements the i386_set_ldt system call on the amd64 version of the OS. This integer signedness issue ultimately leads to a heap overflow in the kernel, allowing local unprivileged attackers to crash the system. FreeBSD 10.2 amd64 is affected.

tags | exploit, overflow, kernel
systems | freebsd, bsd
advisories | CVE-2016-1885
MD5 | 5fddced07d5ad899ebb2d9c6bf48f392
FreeBSD Security Advisory - FreeBSD-SA-16:15.sysarch
Posted Mar 17, 2016
Authored by Core Security Technologies | Site security.freebsd.org

FreeBSD Security Advisory - A special combination of sysarch(2) arguments, specify a request to uninstall a set of descriptors from the LDT. The start descriptor is cleared and the number of descriptors are provided. Due to invalid use of a signed intermediate value in the bounds checking during argument validity verification, unbound zero'ing of the process LDT and adjacent memory can be initiated from usermode. This vulnerability could cause the kernel to panic. In addition it is possible to perform a local Denial of Service against the system by unprivileged processes.

tags | advisory, denial of service, kernel, local
systems | freebsd
advisories | CVE-2016-1885
MD5 | 708f3ca1de7547e635db4e1854a95614
SAP Download Manager 2.1.142 Weak Encryption
Posted Mar 11, 2016
Authored by Core Security Technologies, Martin Gallo | Site coresecurity.com

SAP Download Manager is a Java application offered by SAP that allows downloading software packages and support notes. This program stores the user's settings in a configuration file. Sensitive values, such as the proxy username and password if set, are stored encrypted using a fixed static key. Versions up to 2.1.142.

tags | exploit, java
MD5 | 229590470a8be1c064d928eb9d902bc6
Samsung SW Update Tool 2.2.5.16 Man-In-The-Middle
Posted Mar 11, 2016
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

The Samsung SW Update tool version 2.2.5.16 suffers from a man-in-the-middle vulnerability.

tags | exploit
MD5 | 60159a622a73952074ae7f293204a463
Lenovo ShareIT Information Disclosure / Hardcoded Password
Posted Jan 25, 2016
Authored by Core Security Technologies, Ivan Huertas | Site coresecurity.com

Lenovo ShareIT suffers from hard-coded password, information exposure, missing encryption, and missing authorization vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2016-1489, CVE-2016-1490, CVE-2016-1491, CVE-2016-1492
MD5 | 498b12c9f26fa23e69a5e2b0a2958b51
Intel Driver Update Utility 2.2.0.5 Man-In-The-Middle
Posted Jan 19, 2016
Authored by Core Security Technologies

Intel Driver Update Utility version 2.2.0.5 suffers from a man-in-the-middle vulnerability..

tags | exploit
advisories | CVE-2016-1493
MD5 | 806cf80769dbf0b3c70df852390390ae
Page 1 of 9
Back12345Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    10 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    13 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close