Exploit the possiblities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2015-06-19

Adobe Flash Player ShaderJob Buffer Overflow
Posted Jun 19, 2015
Authored by Chris Evans, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability related to the ShaderJob workings on Adobe Flash Player. The vulnerability happens when trying to apply a Shader setting up the same Bitmap object as src and destination of the ShaderJob. Modifying the "width" attribute of the ShaderJob after starting the job it's possible to create a buffer overflow condition where the size of the destination buffer and the length of the copy are controlled.

tags | exploit, overflow
advisories | CVE-2015-3090
MD5 | 27e6364d703ca0c934dda145b1becbea
Debian Security Advisory 3292-1
Posted Jun 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3292-1 - Bastian Blank from credativ discovered that cinder, a storage-as-a-service system for the OpenStack cloud computing suite, contained a bug that would allow an authenticated user to read any file from the cinder server.

tags | advisory
systems | linux, debian
advisories | CVE-2015-1851
MD5 | 287ab812bbc7e47c86b846eef93d08f8
ManageEngine SupportCenter Plus 7.90 XSS / Traversal / Password Disclosure
Posted Jun 19, 2015
Authored by Alain Homewood | Site vulnerability-lab.com

ManageEngine SupportCenter Plus version 7.90 suffers from cross site scripting, password disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cf71a54df4ca0dfd05fd6e284f9b4f23
Duo Push Timing Attack
Posted Jun 19, 2015
Authored by Josh Stone, Patrick Fussell

Duo push authentications are susceptible to a low-profile timing-based attack that permits an intruder to steal an authenticated session from an end-user accessing Duo-protected resources. Specifically, when multiple push notifications arrive simultaneously (or nearly so), only the final one is shown to the user. When the user authenticates that notification, only the corresponding session will actually be authenticated. If an attacker can initiate an equivalent connection slightly after the client?s session, then the user will typically authorize the malicious session rather than his or her own. Configurations affected include Duo Security Authentication Proxy version 2.4.8 and Duo Win Login version 1.1.8.

tags | advisory
MD5 | 4d7c9e856d0c3eb1f1d7f750af0a89c8
Tango FTP 1.0 Active-X Heap Spray
Posted Jun 19, 2015
Authored by metacom

Tango FTP active-x heap spray exploit that leverages a vulnerability in the COM component used eSellerateControl350.dll (3.6.5.0) method of the GetWebStoreURL member. Affects version 1.0 build 136.

tags | exploit, activex
MD5 | 98b386456927ea49ced509247d671e07
Tango DropBox 3.1.5 Active-X Heap Spray
Posted Jun 19, 2015
Authored by metacom

Tango DropBox active-x heap spray exploit that leverages a vulnerability in the COM component used eSellerateControl350.dll (3.6.5.0) method of the GetWebStoreURL member. Affects versions 3.1.5 and PRO.

tags | exploit, activex
MD5 | 49f9337a83c7ed744b2fbc9dc80f97e5
OpenEMR 4.2.0 Authentication Bypass
Posted Jun 19, 2015
Authored by Brian D. Hysell

OpenEMR versions 4.2.0 and 4.2.0 patch 1 suffer from an authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2015-4453
MD5 | b1ce5eba069c8568b01d087def397c4c
ZTE ZXV10 W300 3.1.0c_DR0 UI Session Delete
Posted Jun 19, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

ZTE ZXV10 W300 version 3.1.0c_DR0 suffers from a session vulnerability that allows a remote attacker to delete network settings and more.

tags | exploit, remote
MD5 | f15717e936bdcc37fa85bb86d161be46
eBay Magento Cross Site Request Forgery
Posted Jun 19, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

eBay Magento suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 42cc40e772a2de9f0d60282600e98d9a
Red Hat Security Advisory 2015-1127-02
Posted Jun 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1127-02 - In accordance with the Red Hat Enterprise Linux OpenStack Platform Support Policy, the life cycle of Production Support for version 4 will end on June 19, 2015. On June 20, 2015, Red Hat Enterprise Linux OpenStack Platform version 4 will enter an inactive state and will no longer receive updated packages, including Critical-impact security patches or urgent-priority bug fixes. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date.

tags | advisory
systems | linux, redhat
MD5 | e28c6f616c35ec727ec1e2b7edd75987
eBay Magento Persistent Script Insertion
Posted Jun 19, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

A persistent input validation web vulnerability has been discovered in the official Magento xCommerce web-application. The vulnerability allows remote attackers to inject own script code to the application-side of the affected service module. The vulnerability is located in the filename value of the image upload module. The attacker needs to create a New Message with upload to change the filename to a malicious payload. The attack vector of the issue is located on the application-side and the request method to inject the script code is POST.

tags | exploit, remote, web
MD5 | fc338dbdaabef9998d5187c7d8c7c867
ApPHP Hotel Site 3.x.x SQL Injection
Posted Jun 19, 2015
Authored by wishnusakti

ApPHP Hotel Site version 3.x.x suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | bfc06c6801fb5c17db1a17d17a79fd60
eBay Magento Cross Site Scripting
Posted Jun 19, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

A client-side cross site scripting web vulnerability has been discovered in the official Magento Commerce Premium Theme front-end web-application. The non-persistent xss vulnerability allows remote attackers to inject own script code to the application-side of the vulnerable online-service module.

tags | exploit, remote, web, xss
MD5 | c3c7ce428dd6903c2d09fca6ea5eeaaf
WinylPlayer 3.0.3 Memory Corruption
Posted Jun 19, 2015
Authored by Rajganesh Pandurangan

WinylPlayer version 3.0.3 memory corruption proof of concept exploit.

tags | exploit, proof of concept
MD5 | afb7af302dba1de0f7d74950550385f8
Linux/x86 chmod('/etc/passwd','777') Shellcode
Posted Jun 19, 2015
Authored by Mohammad Reza Espargham

42 bytes small Linux/x86 chmod('/etc/passwd','777') shellcode.

tags | x86, shellcode
systems | linux
MD5 | f8567828e24918d9b326a6ae3dceadd6
HansoPlayer 3.4.0 Memory Corruption
Posted Jun 19, 2015
Authored by Rajganesh Pandurangan

HansoPlayer version 3.4.0 memory corruption proof of concept exploit.

tags | exploit, proof of concept
MD5 | 7a9eea032a32a751257bcc510e76c448
SAP Mobile Platform 3.0 XXE Injection
Posted Jun 19, 2015
Authored by Vahagn Vardanyan, Vahagn Vardanyan (ERPScan)

SAP Mobile Platform version 3.0 suffers from an XXE injection vulnerability. The problem is caused by a program error due to the incorrect use of an XML parser (/mobiliser servlet). By default, the parser opens external entities referenced within an XML input, which can then lead to malicious content being parsed. This malicious content can reference internal resources, such as files. These internal resources can be disclosed in the response to the request, or can be used to perform a denial of service attack on the parsing system, rendering the application content temporarily unavailable.

tags | advisory, denial of service
MD5 | 2fe3fef2e40f0f3f9cf1aa296a6d9698
SYBASE SQL Anywhere 12 / 16 Denial Of Service
Posted Jun 19, 2015
Authored by Vahagn Vardanyan

SYBASE SQL Anywhere versions 12 and 16 suffer from a denial of service vulnerability. An attacker can trigger a condition in which the process ceases to run. This condition can be intentionally provoked by an attacker to cause denial of service.

tags | advisory, denial of service
advisories | CVE-2015-2819
MD5 | b8f7e2fb546862a8b93930fd4e78c21a
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close