seeing is believing
Showing 1 - 25 of 26 RSS Feed

Files Date: 2014-05-30

Google Compute Engine Lateral Compromise
Posted May 30, 2014
Authored by Scott T. Cameron

A user who creates a GCE VM with compute-rw privileges, who subsequently has that single VM compromised, can lead to a global compromise of all VMs inside of the account.

tags | exploit
MD5 | f32f108c6ebc06959686ee94ee49b69b
Bizagi BPM Suite Cross Site Scripting / SQL Injection
Posted May 30, 2014
Authored by Mauricio Urizar, Todd Lewellen

Bizagi BPM Suite suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection
advisories | CVE-2014-2947, CVE-2014-2948
MD5 | 6f4252d73c9ad90dae95225a9022f126
Darklena fprintd/pam_fprintd Local Root
Posted May 30, 2014
Authored by Sebastian Krahmer

pam_fprintd local root proof of concept exploit that spawns a shell. pam_fprintd uses net.reactivated.Fprint service to trigger finger swiping and registers DBUS signal inside the PAM authentication function. Then, when the DBUS signal arrives, the signal argument is basically just checked to be the "verify-match" string; which however is expected to come from the legit net.reactivated.Fprint service. Since there is no message filter registered in either pam_fprintd, nor inside dbus-glib which it is using, such signals can be spoofed by anyone.

tags | exploit, shell, local, root, spoof, proof of concept
advisories | CVE-2013-0292
MD5 | 1786d9b3cee692d8370585417bc01109
oclHashcat For NVidia 1.21
Posted May 30, 2014
Authored by dropdead | Site hashcat.net

oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.

Changes: Various updates.
tags | tool, cracker
MD5 | 1aaaa43e0dac2f1e71dc5364d5c46b61
Google Compute Engine VMs Denial Of Service
Posted May 30, 2014
Authored by Scott T. Cameron

Google Compute Engine VMs suffer from multiple traffic-based denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
MD5 | b861d62d563726bbdecf79b01b1b1a88
Videos Tube 1.0 SQL Injection
Posted May 30, 2014
Authored by Mustafa ALTINKAYNAK

Videos Tube version 1.0 suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | ccb3a178d4e858d1ca8070b269c9f9e4
oclHashcat For AMD 1.21
Posted May 30, 2014
Authored by dropdead | Site hashcat.net

oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.

Changes: Various updates.
tags | tool, cracker
MD5 | bcff9f9e01eecb7687f9395d02a05725
Pixie CMS 1.04 Cross Site Scripting
Posted May 30, 2014
Authored by Simone Memoli, Filippos Mastrogiannis

Pixie CMS version 1.04 suffers from multiple POST cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2014-3786
MD5 | 9b78558a09ae81ed7d384962b97ffafa
ElasticSearch Dynamic Script Arbitrary Java Execution
Posted May 30, 2014
Authored by juan vazquez, Alex Brasetvik, Bouke van der Bijl | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.2.0. The bug is found in the REST API, which requires no authentication or authorization, where the search function allows dynamic scripts execution, and can be used for remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.1.1 on Ubuntu Server 12.04 and Windows XP SP3.

tags | exploit, java, remote, arbitrary
systems | linux, windows, xp, ubuntu
advisories | CVE-2014-3120
MD5 | 935d0eaea1b955a877d9b174038a6a06
webEdition CMS 6.3.8.0 svn6985 SQL Injection
Posted May 30, 2014
Site redteam-pentesting.de

RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access on the SQL database used by webEdition and read for example password hashes used by administrative accounts. webEdition versions 6.3.8.0 svn6985 down to 6.3.3.0 is affected.

tags | exploit, sql injection
advisories | CVE-2014-2303
MD5 | f869ef0dc2d236d1e4a5feaa1d142941
webEdition CMS 2.8.0.0 Remote Command Execution
Posted May 30, 2014
Site redteam-pentesting.de

RedTeam Pentesting discovered a remote command execution vulnerability in the installer script of the webEdition CMS during a penetration test. If the installer script is not manually removed after installation, attackers cannot only reinstall webEdition, but also gain remote command execution. webEdition CMS version 2.8.0.0 is affected.

tags | exploit, remote
advisories | CVE-2014-2302
MD5 | d0a8861e7ba29a4e2197e879c76789ad
Microsoft DHCP INFORM Configuration Overwrite
Posted May 30, 2014
Authored by laurent gaffie

A vulnerability in Windows DHCP was found on Windows OS versions ranging from Windows 2000 through to Windows server 2003. This vulnerability allows an attacker to remotely overwrite DNS, Gateway, IP Addresses, routing, WINS server, WPAD, and server configuration with no user interaction. Successful exploitation of this issue will result in a remote network configuration overwrite. Microsoft acknowledged the issue but has indicated no plans to publish a patch to resolve it.

tags | advisory, remote
systems | windows, 2k
MD5 | 535d32799e8d5c79bd314ee2a3a71e9b
Sharetronix 3.3 Cross Site Request Forgery / SQL Injection
Posted May 30, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Sharetronix version 3.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
advisories | CVE-2014-3414, CVE-2014-3415
MD5 | 39662671a2172e1d6cb0875e06d10f9a
NICE Recording eXpress 6.x Root Backdoor / XSS / Bypass
Posted May 30, 2014
Authored by Johannes Greil | Site sec-consult.com

NICE Recording eXpress versions 6.0.x, 6.1.x, 6.2.x, 6.3.x, and 6.5.x suffer from cross site scripting, root backdoor, unauthenticated access, fail authorization, insecure cookie handling, and remote SQL injection vulnerabilities.

tags | exploit, remote, root, vulnerability, xss, sql injection, insecure cookie handling
MD5 | 84c627abbbedce37f8fcc1d6c972b8f4
Fiyo CMS 1.5.7 Cross Site Scripting
Posted May 30, 2014
Authored by Mustafa ALTINKAYNAK

Fiyo CMS version 1.5.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cef86b73cd9a6056bc247e24da162ccc
TORQUE Resource Manager 2.5.13 Buffer Overflow
Posted May 30, 2014
Authored by bwall

TORQUE Resource Manager versions 2.5.x through 2.5.13 suffer from a stack buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2014-0749
MD5 | 470b1d1a56ee44f68d79e62d8c5debbf
Castor Library XXE Disclosure
Posted May 30, 2014
Authored by Ron Gutierrez

Castor Library version 1.3.3-RC1 suffers from a file disclosure vulnerability via XXE injection.

tags | exploit, info disclosure
advisories | CVE-2014-3004
MD5 | ba85851f4d1f764fd0e6058721c2d966
Apache Tomcat XML Parser Information Disclosure
Posted May 30, 2014
Authored by Mark Thomas | Site tomcat.apache.org

In limited circumstances it was possible for a malicious web application to replace the XML parsers used by Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs) and tag plugin configuration files. The injected XMl parser(s) could then bypass the limits imposed on XML external entities and/or have visibility of the XML files processed for other web applications deployed on the same Tomcat instance. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.5, Apache Tomcat 7.0.0 to 7.0.53, and Apache Tomcat 6.0.0 to 6.0.39.

tags | advisory, web
advisories | CVE-2014-0119
MD5 | 5bf0de101075a8680add82c3a1818657
Apache Tomcat XSLT Information Disclosure
Posted May 30, 2014
Authored by Mark Thomas | Site tomcat.apache.org

The default servlet allows web applications to define (at multiple levels) an XSLT to be used to format a directory listing. When running under a security manager, the processing of these was not subject to the same constraints as the web application. This enabled a malicious web application to bypass the file access constraints imposed by the security manager via the use of external XML entities. Versions affected include Apache Tomcat 8.0.0-RC1 to 8.0.3, Apache Tomcat 7.0.0 to 7.0.52, and Apache Tomcat 6.0.0 to 6.0.39.

tags | advisory, web
advisories | CVE-2014-0096
MD5 | 6239c35f875e5fb748a963512ba6bf99
XML Security Library 1.2.20
Posted May 30, 2014
Site aleksey.com

XML Security Library is a C library based on LibXML2. It provides an implementation for major XML security standards: XML Digital Signature and XML Encryption.

Changes: This release fixed a number of miscellaneous bugs and updated expired or soon-to-be-expired certificates in the test suite.
tags | library
systems | unix
MD5 | ce12af00283eb90d9281956524250d6e
Wireshark CAPWAP Dissector Denial Of Service
Posted May 30, 2014
Authored by Laurent Butti, j0sm1 | Site metasploit.com

This Metasploit module injects a malicious udp packet to crash Wireshark 1.8.0 to 1.8.7 and 1.6.0 to 1.6.15. The vulnerability exists in the capwap dissector which fails to handle an incomplete packet.

tags | exploit, denial of service, udp
advisories | CVE-2013-4074, OSVDB-94091
MD5 | 95b5a8eb1d95df0bcc04737288bcd492
InterScan Messaging Security Virtual Appliance 8.5.1.1516 Cross Site Scripting
Posted May 30, 2014
Authored by William Costa

InterScan Messaging Security Virtual Appliance version 8.5.1.1516 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4278ef2985d9212d5f17304df293d1a2
WordPress DZS Video Gallery Cross Site Scripting / Content Spoofing
Posted May 30, 2014
Authored by MustLive

WordPress DZS Video Gallery plugin suffers from cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | d9670acbbfc340e93f7cc89cb99b6f0b
Easy File Sharing FTP Server 3.5 Buffer Overflow
Posted May 30, 2014
Authored by superkojiman

Easy File Sharing FTP Server version 3.5 suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2006-3952, OSVDB-27646
MD5 | 28daba762d05b952e079a7f838afd7f8
ProtonMail.ch Header Injection / CSRF
Posted May 30, 2014
Authored by Juan Carlos Garcia, Francisco Moraga

ProtonMail.ch suffers from cross site request forgery, header injection, and out of date software vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, vulnerability, csrf
MD5 | 3a3771bd65c50a7abe9a35a69d808576
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close