what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2015-11-17

Open-Xchange Guard 2.0 Cross Site Scripting
Posted Nov 17, 2015
Authored by Martin Heiland, Eduard Hauck

Open-Xchange Guard version 2.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-7385
SHA-256 | 888154affc2ef5c3a8d0c97e1dc560312910892473344310de9e89d6ca8fcd4c
Gentoo Linux Security Advisory 201511-02
Posted Nov 17, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201511-2 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.548 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-5569, CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7628, CVE-2015-7629, CVE-2015-7630, CVE-2015-7631, CVE-2015-7632, CVE-2015-7633, CVE-2015-7634, CVE-2015-7643, CVE-2015-7644, CVE-2015-7645, CVE-2015-7646, CVE-2015-7647, CVE-2015-7648, CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661
SHA-256 | e6845cf2bd6a0e075d4dc6bfd3258c520129150cb19c3a4b1781f97ae1ad7e3b
Free WMA MP3 Converter 1.8 Buffer Overflow
Posted Nov 17, 2015
Authored by Vulnerability Laboratory, ZwX | Site vulnerability-lab.com

Free WMA MP3 Converter version 1.8 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 405e1a5c47ed2d7f68d824586599986b2c40de899c0466366ebf697fa61505de
Murgent CMS SQL Injection
Posted Nov 17, 2015
Authored by Vulnerability Laboratory, Sia Turk | Site vulnerability-lab.com

Murgent CMS from 2015Q4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3d3c1ae69315f62677ef5cb67d8cd395a1393075c74dfc1d329ba7fc8f456883
LineNity WP Premium Theme Local File Inclusion
Posted Nov 17, 2015
Authored by Vulnerability Laboratory, Sajjad Sotoudeh | Site vulnerability-lab.com

LineNity WP premium theme suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | aedb3c213591ef0023a5bac52d0988f5003d14829fbb8554821e52c538078db3
Ebay Magento Cross Site Request Forgery
Posted Nov 17, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ebay Magento suffered from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 9100b8e6174a98fe814cca49771a623e8ed97ea3ca97aba563a8cdfb93846e04
Ebay Magento Commerce Cross Site Scripting
Posted Nov 17, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ebay Magento Commerce suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d053d31a2e30a77f10b17da4ec3786d918f2e3f72ec4c69bda9bb8bedc20b230
Lan Scan HD 1.20 Command Injection
Posted Nov 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Lan Scan HD version 1.20 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | a6f4b3a9396e8402950f0d05045b64e5fa21dea5031ee2933070b42412e31732
Port Scan 2.0 Command Injection
Posted Nov 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Port Scan version 2.0 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | e0354f5b75c9099132633c4b052838d46b8bbee6c82c53020df95d4ea18525b4
Bluto 1.1.5
Posted Nov 17, 2015
Authored by Darryl Lane | Site github.com

Bluto is a dns reconnaissance, vulnerability checking, and enumeration tool.

tags | tool
systems | unix
SHA-256 | 431c6f71e045b8def154280f8fbd6fb5f8dd6b7b32299a86768ff218522a8265
PHP Address Book 8.2.5.2 SQL Injection
Posted Nov 17, 2015
Authored by Rahul Pratap Singh

PHP Address Book version 8.2.5.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 74ce6b4fbc3365f91ad208910228a3874d6c832b0bfb7575b3a009ca64d52058
Microsoft Windows Hardlink Permission Issue
Posted Nov 17, 2015
Authored by Google Security Research, forshaw

On Microsoft Windows you can create NTFS hardlinks without needing write permissions on the target file.

tags | advisory
systems | linux, windows
advisories | CVE-2015-6113
SHA-256 | 760348b2c259a8688b4643226d703dcb86c3811fe54ead7f25e0acc81110138d
zTree 3.5.19.1 Cross Site Scripting
Posted Nov 17, 2015
Authored by Onur YILMAZ | Site netsparker.com

zTree version 3.5.19.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7348
SHA-256 | 74c4694fccb338eef0b0a66ddd1bd35451475c0c7f74ebe8ff6a29b02a59712f
Microsoft Windows Kernel Win32k.sys TTF Font Processing Buffer Overflow
Posted Nov 17, 2015
Authored by Google Security Research, mjurczyk

A number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed OS/2 table.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-6103
SHA-256 | 8fe968ce622cf9113f76404623b7e14a9b2abf8080a96adb4115cbf39cfdec56
Kaspersky Antivirus RAR File Format Parsing Memory Corruption
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing the RAR file format found multiple crashes, some of which are obviously exploitable for remote code execution as NT AUTHORITY\\SYSTEM on any system with Kaspersky Antivirus.

tags | advisory, remote, code execution
systems | linux
SHA-256 | 840a6644fa6473e395e71ccc99acd288e2ea564ff3edbc779548159cd42980df
Cisco FireSIGHT Management Center Certificate Validation
Posted Nov 17, 2015
Authored by Matthew Flanagan

The Cisco FireSIGHT Management Center appliance suffers from a certificate validation vulnerability. FirePWNER exploit included. Versions affected include 5.2.x, 5.3.x, and 5.4.x.

tags | exploit
systems | cisco, linux
advisories | CVE-2015-6357
SHA-256 | 3fc2f6862036f1dcec916cfa817e09ceabd99af239e63cb74877b949a1537809
Kaspersky Antivirus Incorrect %PROGRAMDATA% ACL
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

The ACL on %PROGRAMDATA%\Kaspersky Lab allows BUILTIN\Users to create new files. This can be abused to create new plugins and modules during update, and other filesystem races to gain elevated privileges.

tags | advisory
systems | linux
SHA-256 | 5123890ee94b7febd160cd7bdcce88da33225fd6e226283bf65d0ea4999f84e3
Kaspersky Antivirus DEX File Format Memory Corruption
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

The attached testcase was found by fuzzing DEX files, and results in a heap overflow with a wild memcpy. Note that Kaspersky catch exceptions and continue execution, so running into unmapped pages doesn't terminate the process, this should make exploitation quite realistic.

tags | exploit, overflow
systems | linux
SHA-256 | 6751e071bf8dd3497577b29fbf7d097aa98be4740d9f645d2afa24cded401776
BSidesCharm 2016 Call For Papers
Posted Nov 17, 2015
Site securitybsides.com

BSidesCharm 2016 has announced its Call For Papers. It will be held in Baltimore, MD, USA April 23rd through the 24th, 2016.

tags | paper, conference
SHA-256 | 48cc7c98a1bb52a5c1c079a1de9041accf0850c7a5363cb2ab610746fa6409fb
Adobe Reader X / XI Out Of Bounds Read
Posted Nov 17, 2015
Authored by Google Security Research, mjurczyk

Adobe Reader X and XI for Windows suffer from an out-of-bounds read in CoolType.dll.

tags | exploit
systems | linux, windows
advisories | CVE-2014-9161
SHA-256 | bc8c45d0bc029bbfe2dcb8a7c8653db43d3be01d2877e59509fb180abdbeb922
Microsoft Windows 8.1 Ahcache.sys/NtApphelpCacheControl Privilege Escalation
Posted Nov 17, 2015
Authored by Google Security Research, forshaw

On Windows 8.1 Update 32/64 bit, the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext. This function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It reads the caller's impersonation token using PsReferenceImpersonationToken and then does a comparison between the user SID in the token to LocalSystem's SID. It doesn't check the impersonation level of the token so it's possible to get an identify token on your thread from a local system process and bypass this check.

tags | exploit, local
systems | linux, windows
advisories | CVE-2015-0001
SHA-256 | 72088e382599651c32cb9cdc5567e22509289abb4b5d97381967f2aafa755155
TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow
Posted Nov 17, 2015
Authored by LiquidWorm | Site zeroscience.mk

TECO JN5 L510-DriveLink version 1.482 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .LF5 file. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
SHA-256 | 0a17862b17b3d467c4d8f98421a8360fdbcb7dc4e4083cf422ec3cebfc1dcc18
TECO AP-PCLINK 1.094 TPC File Handling Buffer Overflow
Posted Nov 17, 2015
Authored by LiquidWorm | Site zeroscience.mk

TECO AP-PCLINK version 1.094 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
systems | linux
SHA-256 | 05a9e596617eb5f861cd0aa93ea5277f10981c522596b213248bf09866d332c4
TECO SG2 FBD Client 3.51 SEH Overwrite Buffer Overflow
Posted Nov 17, 2015
Authored by LiquidWorm | Site zeroscience.mk

TECO SG2 FBD Client version 3.51 suffers from a vulnerability that is caused due to a boundary error in the processing of a Genie FBD, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .GFB file. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
systems | linux
SHA-256 | 9e734f6542911311ba1c133e0986c8e5fe18cf3fbb2d5b7622a8b4a411038008
Mac OS X Networkd XPC Type Confusion Sandbox Escape
Posted Nov 17, 2015
Authored by Google Security Research, Ian Beer

networkd is the system daemon which implements the com.apple.networkd XPC service. It's unsandboxed but runs as its own user. com.apple.networkd is reachable from many sandboxes including the Safari WebProcess and ntpd (plus all those which allow system-network). networkd parses quite complicated XPC messages and there are many cases where xpc_dictionary_get_value and xpc_array_get_value are used without subsequent checking of the type of the returned value.

tags | exploit
systems | linux, apple
advisories | CVE-2014-4492
SHA-256 | 8f3b0d4e8a89ad64284b0b7f58567f82fed3eee85dac017382e0f65c2b11a7e5
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close