exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-06-16

RSA Validation Manager POODLE / DoS / XSS / Race Condition
Posted Jun 16, 2015
Site emc.com

RSA Validation Manager versions 3.2 prior to build 201 suffer from race condition, cross site scripting, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2012-3499, CVE-2013-1862, CVE-2013-2566, CVE-2014-0098, CVE-2014-0226, CVE-2014-0231, CVE-2014-3566, CVE-2015-0526
SHA-256 | 703e04b821a0df9e65975d31c6a38a8fc2688b91256b2bfeecf3b49ca2c66426
Ubuntu 12.04 / 14.04 / 14.10 / 15.04 overlayfs Local Root
Posted Jun 16, 2015
Authored by rebel

The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIG_USER_NS=y and where overlayfs has the FS_USERNS_MOUNT flag, which allows the mounting of overlayfs inside unprivileged mount namespaces. This is the default configuration of Ubuntu 12.04, 14.04, 14.10, and 15.04. Included is a full exploit demonstration root code execution.

tags | exploit, kernel, root, code execution
systems | linux, ubuntu
advisories | CVE-2015-1328
SHA-256 | f86829bc8ea48c36f6d3cd054fa6293bb6beab50057404ccaddcd6c16e8bed3c
Ubuntu Security Notice USN-2649-1
Posted Jun 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2649-1 - It was discovered that the uupdate tool incorrectly handled symlinks. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly replace arbitrary files, leading to a privilege escalation.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-1833
SHA-256 | 7d5451bdd010c364078a583ebeb8b2ea946413d031c6886bd1a9f1f94760b3fa
Ubuntu Security Notice USN-2650-1
Posted Jun 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2650-1 - Kostya Kortchinsky discovered multiple flaws in wpa_supplicant and hostapd. A remote attacker could use these issues to cause wpa_supplicant or hostapd to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146
SHA-256 | c3ee6d4a5670629f11fe50ed57e6cdd0dc404dd3bb4af89ba16a428653faabeb
CellPipe 7130 Cross Site Scripting
Posted Jun 16, 2015
Authored by Dionisia Lerataki

CellPipe 7130 router version 1.0.0.20h.HOL suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-4587
SHA-256 | 3dbbd6127d694b4edcf1b718fd1acdcbca841f4fde9082ba044f21f713cb578d
Red Hat Security Advisory 2015-1120-01
Posted Jun 16, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1120-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2015-1805
SHA-256 | 3ec1967895e1681c1fef937c63310959e9099d0c14bde83f555875f3684d3b70
Ubuntu Security Notice USN-2648-1
Posted Jun 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2648-1 - Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2015-1323
SHA-256 | e05a32cadd10925759bdbae89726726df91c6208026ce4e19f73e37857c62c94
CellPipe 7130 Cross Site Request Forgery
Posted Jun 16, 2015
Authored by Dionisia Lerataki

CellPipe 7130 router version 1.0.0.20h.HOL suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-4586
SHA-256 | b4208c80088ecfa773353853c2cf70171df70a35ad267695d22e5afeee28d344
EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass
Posted Jun 16, 2015
Site emc.com

EMC UIM/P version 4.1 contains an authentication bypass vulnerability that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, bypass
advisories | CVE-2015-0546
SHA-256 | 78dbdf84e5e6fea60c5c569a4239e7b4a69a9358a122b03e7e12294bc7f068de
BlackCat CMS 1.1.1 Arbitrary File Download
Posted Jun 16, 2015
Authored by d4rkr0id

BlackCat CMS version 1.1.1 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | f8fe91c327a9426411a6ab0146f398710c166865e0b8856056ca898353a6d541
RealTimes (Realplayer) 18.0.1.6 Privilege Escalation
Posted Jun 16, 2015
Authored by Jay Turla

RealTimes (Realplayer) versions 18.0.1.6 and below suffer from a desktop service trusted path privilege escalation vulnerability.

tags | exploit
SHA-256 | a464f6ef7f8e5ab701f2dd718de925bb0e3201cd2c1a94efc90b3b217d06f0bc
XtMediaPlayer 0.93 Memory Corruption
Posted Jun 16, 2015
Authored by Sathish Arthar

XtMediaPlayer version 0.93 memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 6f20422bb0ff521e463929e32ec936ee0b979b95a289460be8c2a8c3b0461fd5
Linux/x86 /etc/passwd Reading Shellcode
Posted Jun 16, 2015
Authored by B3mB4m

58 bytes small Linux/x86 /etc/passwd reading shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 6563636ad1d60a1ea50d144df18758818cb2033648591b1d94ca955faf18635f
FinePlayer 2.20 Memory Corruption
Posted Jun 16, 2015
Authored by Sathish Arthar

FinePlayer version 2.20 memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | cfd118d530c7f9ec518ef261b7367e07b28950a2f5988cee0e98550918186628
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close