
Files Date: 2016-11-15

BlackNurse Spoofed ICMP Denial Of Service Proof Of Concept
Posted Nov 15, 2016
Authored by Todor Donev

BlackNurse is a low-bandwidth ICMP attack that is capable of causing denial of service on well-known firewalls. Most ICMP attacks that we see are based on ICMP Type 8 Code 0, also called a ping flood attack. BlackNurse is based on ICMP with Type 3 Code 3 packets. We know that when a user has allowed ICMP Type 3 Code 3 to outside interfaces, the BlackNurse attack becomes highly effective even at low bandwidth. Low bandwidth is in this case around 15-18 Mbit/s. This is to achieve the volume of packets needed, which is around 40 to 50K packets per second. It does not matter if you have a 1 Gbit/s Internet connection. The impact we see on different firewalls is typically high CPU load. When an attack is ongoing, users from the LAN side will no longer be able to send/receive traffic to/from the Internet. All firewalls we have seen recover when the attack stops. Various firewalls such as Cisco ASA 5515/5525/5550/5515-X, Fortigate, SonicWall, and more are affected.

tags | exploit, denial of service
systems | cisco
MD5 | 1ce5fd54e281243721b63900ac937de9
Linux Kernel Keyctl Null Pointer Dereference
Posted Nov 15, 2016
Authored by Ralf Spenneberg, Hendrik Schwartke, Sergej Schumilo

A malicious interaction with the keyctl usermode interface allows an attacker to crash the kernel. Processing the attached certificate by the kernel leads to a kernel NULL pointer dereference. This vulnerability can be triggered by any unprivileged user locally.

tags | exploit, kernel
MD5 | 478eb43ed2705fe03ff877734ccb1036
Linux Kernel EXT4 Memory Corruption / SLAB Out-Of-Bounds Read
Posted Nov 15, 2016
Authored by Ralf Spenneberg, Sergej Schumilo

Mounting a crafted EXT4 image read-only leads to memory corruption and SLAB out-of-bounds reads (according to KASAN). Since the mounting procedure is a privileged operation, an attacker is probably not able to trigger this vulnerability on the command line. Instead, the automatic mounting feature of the GUI via a crafted USB device is required.

tags | advisory
MD5 | 913d567fda8fadad415b8771b911aa8e
Gentoo Linux Security Advisory 201611-08
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-8 - Multiple vulnerabilities have been found in libpng, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.6.21 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-7981, CVE-2015-8126, CVE-2015-8540
MD5 | 338856826bc1860d823880ef2a6c740d
Gentoo Linux Security Advisory 201611-07
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-7 - polkit is vulnerable to local privilege escalation. Versions less than 0.113 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2015-3255
MD5 | dc52e8f731243822374a88f3c7ba2d1d
Gentoo Linux Security Advisory 201611-06
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-6 - A vulnerability in xinetd could lead to privilege escalation. Versions less than 2.3.15-r2 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2013-4342
MD5 | f8fdda93fdb7d925c9681197b382488a
Gentoo Linux Security Advisory 201611-05
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-5 - tnftp is vulnerable to remote code execution if an output file is not specified. Versions less than 20141104 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2014-8517
MD5 | b8bf9de7801aed7871bd0a981f7be74b
Red Hat Security Advisory 2016-2750-01
Posted Nov 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2750-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debugger. The memcache, mongo, and XDebug extensions are also included. The rh-php56 Software Collection has been upgraded to version 5.6.25, which provides a number of bug fixes and enhancements over the previous version. Security Fixes in the rh-php56-php component have been added.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2013-7456, CVE-2014-9767, CVE-2015-2325, CVE-2015-2326, CVE-2015-2327, CVE-2015-2328, CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383, CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391, CVE-2015-8392, CVE-2015-8395, CVE-2015-8835, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867, CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879, CVE-2016-1903
MD5 | 212c6ace5b1922e09d6bbc3fa03bbe65
Red Hat Security Advisory 2016-2749-01
Posted Nov 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2749-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-3492, CVE-2016-5507, CVE-2016-5616, CVE-2016-5617, CVE-2016-5626, CVE-2016-5629, CVE-2016-6662, CVE-2016-6663, CVE-2016-6664, CVE-2016-8283
MD5 | 0e5896714ac772d84a8ad0e7b8c11c19
Gentoo Linux Security Advisory 201611-09
Posted Nov 15, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-9 - Multiple vulnerabilities have been found in Xen, the worst of which allows gaining of privileges on the host system. Versions less than 4.6.3-r3 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2016-6258, CVE-2016-7092, CVE-2016-7093, CVE-2016-7094, CVE-2016-7777
MD5 | 023e91b60befde95a8b3b8550ed7d73b
Windows VHDMP ZwDeleteFile Arbitrary File Deletion Privilege Escalation
Posted Nov 15, 2016
Authored by Google Security Research, forshaw

The VHDMP driver does not safely delete files, leading to arbitrary file deletion, which could result in elevation of privilege.

tags | exploit, arbitrary
MD5 | cf4781183ffb73a29c60d739b40269ef
Windows Kernel Registry Hive Loading nt!RtlEqualSid Out-Of-Bounds Read
Posted Nov 15, 2016
Authored by Google Security Research, mjurczyk

A Windows kernel crash can occur in the nt!RtlEqualSid function invoked through nt!SeAccessCheck by nt!CmpCheckSecurityCellAccess while loading corrupted registry hive files.

tags | exploit, kernel, registry
systems | windows
advisories | CVE-2016-7216
MD5 | c0756254e4e1ccc1568e1ae96ebe1bbe
Windows VHDMP Arbitrary Physical Disk Cloning Privilege Escalation
Posted Nov 15, 2016
Authored by Google Security Research, forshaw

The VHDMP driver does not open physical disk drives securely when creating a new VHD, leading to information disclosure and elevation of privilege by allowing a user to access data they should not have access to.

tags | exploit, info disclosure
advisories | CVE-2016-7224
MD5 | a811b9e9fd1f114f692f1e2497c401f9
Windows VHDMP Incorrect Impersonation Handling Privilege Escalation
Posted Nov 15, 2016
Authored by Google Security Research, forshaw

The VHDMP driver does not correctly handle impersonation levels, making it possible to impersonate a privileged token when performing certain actions such as creating/modifying a VHD, leading to elevation of privilege.

tags | advisory
advisories | CVE-2016-7223
MD5 | aa7026f26462d80ce8c2c8e8aec38ed0
Windows VHDMP Arbitrary File Creation Privilege Escalation
Posted Nov 15, 2016
Authored by Google Security Research, forshaw

The VHDMP driver does not safely create files related to Resilient Change Tracking, leading to arbitrary file overwrites under user control, which in turn lead to elevation of privilege.

tags | exploit, arbitrary
advisories | CVE-2016-7226
MD5 | ffa87b52eeaf7af18b7cf72474d60fef
Microsoft Edge CAttrArray::Destroy Use-After-Free
Posted Nov 15, 2016
Authored by SkyLined

A specially crafted web page can cause Microsoft Edge to free memory used for a CAttrArray object. The code continues to use the data in the freed memory block immediately after freeing it. It does not appear that there is enough time between the free and reuse to exploit this issue.

tags | advisory, web
MD5 | 750b9024264a960bc76224c12c11f4f2
WinaXe 7.7 FTP Client Remote Buffer Overflow
Posted Nov 15, 2016
Authored by hyp3rlinx, Chris Higgins | Site metasploit.com

This Metasploit module exploits a buffer overflow in the WinaXe 7.7 FTP client. This issue is triggered when a client connects to the server and is expecting the Server Ready response.

tags | exploit, overflow
MD5 | 3781025058503ee9a37f795ee1c78a31
Trend Micro Smart Protection Server Exec Remote Code Injection
Posted Nov 15, 2016
Authored by Quentin Kaiser | Site metasploit.com

This Metasploit module exploits a vulnerability found in TrendMicro Smart Protection Server where untrusted inputs are fed to the ServWebExec system command, leading to command injection. Please note: authentication is required to exploit this vulnerability.

tags | exploit
MD5 | 9f38f195a977ff44bf8c8f1d118e3eba
Red Hat Security Advisory 2016-2718-01
Posted Nov 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2718-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 54.0.2840.100. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5199, CVE-2016-5200, CVE-2016-5201, CVE-2016-5202
MD5 | f8305d9878d5687898063408b6da045e
Red Hat Security Advisory 2016-2706-01
Posted Nov 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2706-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. The following packages have been upgraded to a newer upstream version: qemu-kvm-rhev. Security Fix: An out-of-bounds flaw was found in the QEMU emulator built using 'address_space_translate' to map an address to a MemoryRegionSection. The flaw could occur while doing pci_dma_read/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw to crash the guest instance.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-8817, CVE-2015-8818
MD5 | 6b5cf9ea00df7a1a356bd5cb862ae6d5
HP Security Bulletin HPSBUX03665 2
Posted Nov 15, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03665 2 - Potential security vulnerabilities have been identified in the HP-UX Tomcat-based Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) and URL Redirection. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-3092, CVE-2016-5388
MD5 | 480052879d35670838aad2ad42cda60c
HP Security Bulletin HPSBGN03669 1
Posted Nov 15, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03669 1 - Potential vulnerabilities have been identified in HPE SiteScope. The vulnerabilities could be exploited to allow local elevation of privilege and exploited remotely to allow denial of service, arbitrary code execution, and cross-site request forgery. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, local, vulnerability, code execution, csrf
advisories | CVE-2013-6429, CVE-2014-0050, CVE-2014-0107, CVE-2014-0114, CVE-2015-3253, CVE-2015-5652, CVE-2016-0763
MD5 | 9c99b97a183917775b0c0418b4194854
Red Hat Security Advisory 2016-2705-01
Posted Nov 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2705-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. The following packages have been upgraded to a newer upstream version: qemu-kvm-rhev. Security Fix: An out-of-bounds flaw was found in the QEMU emulator built using 'address_space_translate' to map an address to a MemoryRegionSection. The flaw could occur while doing pci_dma_read/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw to crash the guest instance.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-8817, CVE-2015-8818
MD5 | 32693d29fd227ca3355fabb7cb74ffcd
Red Hat Security Advisory 2016-2704-01
Posted Nov 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2704-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. The following packages have been upgraded to a newer upstream version: qemu-kvm-rhev. Security Fix: An out-of-bounds flaw was found in the QEMU emulator built using 'address_space_translate' to map an address to a MemoryRegionSection. The flaw could occur while doing pci_dma_read/write calls, resulting in an out-of-bounds read-write access error. A privileged user inside a guest could use this flaw to crash the guest instance.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-8817, CVE-2015-8818
MD5 | 2068075c31c55fa9b4638a7ed511ec45
Cybercrime Report Template
Posted Nov 15, 2016
Authored by Bart Blaze

This document is meant to be a general purpose cybercrime report template for victims.

tags | paper
MD5 | d8a13b10ba4375189813d0663478c87a

© 2016 Packet Storm. All rights reserved.
