Showing 1 - 25 of 35

Files Date: 2015-11-17

Open-Xchange Guard 2.0 Cross Site Scripting
Posted Nov 17, 2015
Authored by Martin Heiland, Eduard Hauck

Open-Xchange Guard version 2.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-7385
MD5 | 7bcf96196babe6f26d2f7cccfa2c4dd3

Gentoo Linux Security Advisory 201511-02
Posted Nov 17, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201511-2 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.548 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-5569, CVE-2015-7625, CVE-2015-7626, CVE-2015-7627, CVE-2015-7628, CVE-2015-7629, CVE-2015-7630, CVE-2015-7631, CVE-2015-7632, CVE-2015-7633, CVE-2015-7634, CVE-2015-7643, CVE-2015-7644, CVE-2015-7645, CVE-2015-7646, CVE-2015-7647, CVE-2015-7648, CVE-2015-7651, CVE-2015-7652, CVE-2015-7653, CVE-2015-7654, CVE-2015-7655, CVE-2015-7656, CVE-2015-7657, CVE-2015-7658, CVE-2015-7659, CVE-2015-7660, CVE-2015-7661
MD5 | abe57d817c86653f34077c4da7a51402

Free WMA MP3 Converter 1.8 Buffer Overflow
Posted Nov 17, 2015
Authored by ZwX | Site vulnerability-lab.com

Free WMA MP3 Converter version 1.8 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | a56e3d8f786cc89931952d4be1b9dcbc

Murgent CMS SQL Injection
Posted Nov 17, 2015
Authored by Sia Turk | Site vulnerability-lab.com

Murgent CMS from 2015Q4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | efd58a0a4cd46188c7cbdfb7ce1e3d03

LineNity WP Premium Theme Local File Inclusion
Posted Nov 17, 2015
Authored by Sajjad Sotoudeh | Site vulnerability-lab.com

LineNity WP premium theme suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | d748094bf7c3642da731c558a74f50ab

Ebay Magento Cross Site Request Forgery
Posted Nov 17, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

Ebay Magento suffered from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 2c275c07df42702fa6eb87eac434c451

Ebay Magento Commerce Cross Site Scripting
Posted Nov 17, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

Ebay Magento Commerce suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8ccc3f8b041d22843ec0866c0b90b6aa

Lan Scan HD 1.20 Command Injection
Posted Nov 17, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Lan Scan HD version 1.20 suffers from a command injection vulnerability.

tags | exploit
MD5 | 972f15217e4cdf382ecce15be1d8d909

Port Scan 2.0 Command Injection
Posted Nov 17, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Port Scan version 2.0 suffers from a command injection vulnerability.

tags | exploit
MD5 | 5009afc4aa8430149a1131f361c29057

Bluto 1.1.5
Posted Nov 17, 2015
Authored by Darryl Lane | Site github.com

Bluto is a DNS reconnaissance, vulnerability checking, and enumeration tool.

tags | tool
systems | unix
MD5 | 7b83f0d196ef5f598f31e169dd0ba859

PHP Address Book 8.2.5.2 SQL Injection
Posted Nov 17, 2015
Authored by Rahul Pratap Singh

PHP Address Book version 8.2.5.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 82119fb66f0eb3c19483f48e4caab904

Microsoft Windows Hardlink Permission Issue
Posted Nov 17, 2015
Authored by Google Security Research, forshaw

On Microsoft Windows you can create NTFS hardlinks without needing write permissions on the target file.

tags | advisory
systems | linux, windows
advisories | CVE-2015-6113
MD5 | 6075d3d3870b6e4c1f75b3c3c5e80210

zTree 3.5.19.1 Cross Site Scripting
Posted Nov 17, 2015
Authored by Onur YILMAZ

zTree version 3.5.19.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7348
MD5 | 4f1b5eac5224de4bb342af7ad15cda70

Microsoft Windows Kernel Win32k.sys TTF Font Processing Buffer Overflow
Posted Nov 17, 2015
Authored by Google Security Research, mjurczyk

A number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed OS/2 table.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-6103
MD5 | 4013c8d4f0eff12607dc7b602a884894

Kaspersky Antivirus RAR File Format Parsing Memory Corruption
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

Fuzzing the RAR file format found multiple crashes, some of which are obviously exploitable for remote code execution as NT AUTHORITY\SYSTEM on any system with Kaspersky Antivirus.

tags | advisory, remote, code execution
systems | linux
MD5 | 15e714e02c2b2c35b51c291c143a1b5a

Cisco FireSIGHT Management Center Certificate Validation
Posted Nov 17, 2015
Authored by Matthew Flanagan

The Cisco FireSIGHT Management Center appliance suffers from a certificate validation vulnerability. FirePWNER exploit included. Versions affected include 5.2.x, 5.3.x, and 5.4.x.

tags | exploit
systems | cisco, linux
advisories | CVE-2015-6357
MD5 | da0f9d9c73fd3177d6912a31e9fa8374

Kaspersky Antivirus Incorrect %PROGRAMDATA% ACL
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

The ACL on %PROGRAMDATA%\Kaspersky Lab allows BUILTIN\Users to create new files. This can be abused to create new plugins and modules during update, and other filesystem races to gain elevated privileges.

tags | advisory
systems | linux
MD5 | a6d4d15e29c3f878c2fa722c590cf022

Kaspersky Antivirus DEX File Format Memory Corruption
Posted Nov 17, 2015
Authored by Tavis Ormandy, Google Security Research

The attached testcase was found by fuzzing DEX files, and results in a heap overflow with a wild memcpy. Note that Kaspersky catch exceptions and continue execution, so running into unmapped pages doesn't terminate the process, this should make exploitation quite realistic.

tags | exploit, overflow
systems | linux
MD5 | 60df8874ca86e1eb8cb83a2495341cee

BSidesCharm 2016 Call For Papers
Posted Nov 17, 2015
Site securitybsides.com

BSidesCharm 2016 has announced its Call For Papers. It will be held in Baltimore, MD, USA April 23rd through the 24th, 2016.

tags | paper, conference
MD5 | 6938bb3390fcd3ca1a68e28c7d0e3e2a

Adobe Reader X / XI Out Of Bounds Read
Posted Nov 17, 2015
Authored by Google Security Research, mjurczyk

Adobe Reader X and XI for Windows suffer from an out-of-bounds read in CoolType.dll.

tags | exploit
systems | linux, windows
advisories | CVE-2014-9161
MD5 | 0a2360b1de1e5b51caa0ec4eb4bf880d

Microsoft Windows 8.1 Ahcache.sys/NtApphelpCacheControl Privilege Escalation
Posted Nov 17, 2015
Authored by Google Security Research, forshaw

On Windows 8.1 Update 32/64 bit, the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext. This function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It reads the caller's impersonation token using PsReferenceImpersonationToken and then does a comparison between the user SID in the token to LocalSystem's SID. It doesn't check the impersonation level of the token so it's possible to get an identify token on your thread from a local system process and bypass this check.

tags | exploit, local
systems | linux, windows
advisories | CVE-2015-0001
MD5 | 60f7d8c70155b2b1c5f188a27a78d2f2

TECO JN5 L510-DriveLink 1.482 SEH Overwrite Buffer Overflow
Posted Nov 17, 2015
Authored by LiquidWorm | Site zeroscience.mk

TECO JN5 L510-DriveLink version 1.482 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .LF5 file. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
MD5 | c7c47e823cb7e8d20db01aa272437ce8

TECO AP-PCLINK 1.094 TPC File Handling Buffer Overflow
Posted Nov 17, 2015
Authored by LiquidWorm | Site zeroscience.mk

TECO AP-PCLINK version 1.094 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .TPC file. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
systems | linux
MD5 | 4dac7a0ff2022d61000974887e0d8091

TECO SG2 FBD Client 3.51 SEH Overwrite Buffer Overflow
Posted Nov 17, 2015
Authored by LiquidWorm | Site zeroscience.mk

TECO SG2 FBD Client version 3.51 suffers from a vulnerability that is caused due to a boundary error in the processing of a Genie FBD, which can be exploited to cause a buffer overflow when a user opens e.g. a specially crafted .GFB file. Successful exploitation could allow execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
systems | linux
MD5 | d772b6472e6c5d4a3e78bb6433f943cf

Mac OS X Networkd XPC Type Confusion Sandbox Escape
Posted Nov 17, 2015
Authored by Google Security Research, ianbeer

networkd is the system daemon which implements the com.apple.networkd XPC service. It's unsandboxed but runs as its own user. com.apple.networkd is reachable from many sandboxes including the Safari WebProcess and ntpd (plus all those which allow system-network). networkd parses quite complicated XPC messages and there are many cases where xpc_dictionary_get_value and xpc_array_get_value are used without subsequent checking of the type of the returned value.

tags | exploit
systems | linux, apple
advisories | CVE-2014-4492
MD5 | 8735745305c64f5827fe6f8e813c215f

Page 1 of 2

© 2016 Packet Storm. All rights reserved.
