what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-11-18

Teradata Virtual Machine Community Edition 15.0 Insecure File Creation
Posted Nov 18, 2016
Authored by Larry W. Cashdollar

Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure creation of files in /tmp that may lead to elevated code execution.

tags | exploit, code execution
advisories | CVE-2016-7489
SHA-256 | e691a1d0946b6dec697dabedfd9fbb69365159048c57b7f3860a30cc91f0e9aa
FUDforum 3.0.6 Local File Inclusion
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

FUDforum version 3.0.6 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | bcd00c03ce8a9755bd546700f2fbc239b3aafb0185c943844ef047327e5cf4ea
Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Jaws version 1.1.1 suffers from object injection, open redirection, and cookie flag related vulnerabilities.

tags | exploit, vulnerability
SHA-256 | cb9a3ba5d344303ff237151422a740234563518e4eddcbcf33f01bd3c1edc233
FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

FUDforum version 3.0.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 55e60a064182f3909e91b5e12b09cee0d522257682b5ec51178c366ce49b06dc
Jaws 1.1.1 Code Execution
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Jaws version 1.1.1 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
SHA-256 | f1ac8e059024b6d543654b98ea962126a4712333b7af780c3dab82cf9a059f7a
Lepton 2.2.2 Stable Shell Upload
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Lepton version 2.2.2 Stable suffers from a remote code execution vulnerability via a remote shell upload.

tags | exploit, remote, shell, code execution
SHA-256 | 8663af49ec6d8452bc4632a183607bae585d36a51bed1d527eeed84afed70485
Lepton 2.2.2 Stable CSRF / Open Redirect / Password Handling
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Lepton version 2.2.2 Stable suffers from password handling, insecure bruteforce protection, cross site request forgery, and open redirection vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | df1f3345f2e86eee1b373326e540a9ee8f1abfcff075fd6b3f8e424a50bd8910
Lepton 2.2.2 Stable SQL Injection
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Lepton version 2.2.2 Stable suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 95850d5028036da80ebf188fdc254367da972342753ef2bb43fdd5faf279746f
MoinMoin 1.9.8 Cross Site Scripting
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

MoinMoin version 1.9.8 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-7146, CVE-2016-7148
SHA-256 | 807d401e79d629f871dda62fa80f8ff1b98894e57637524b21c3634e05083794
MyLittleForum 2.3.6.1 Cross Site Request Forgery
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

MyLittleForum version 2.3.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 7fe46d44b9d07b2f2790059197fa1a0d5965fe71fb59e18ac8eed67a4aad2ab4
Mezzanine 4.2.0 Cross Site Scripting
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Mezzanine version 4.2.0 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 07691273ae2e982a02c69e586d9a93bce699ef7d4503063d38ea4e7ae5e7707e
SPIP 3.1 Cross Site Scripting / Header Injection
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

SPIP version 3.1 suffers from head injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 394b3d785040fd809c2f73dd314d77d88779b3b4ac9853ba82bee47980e9b796
MyLittleForum 2.3.6.1 XSS / Path Overwrite
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

MyLittleForum version 2.3.6.1 suffers from path overwrite and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | fbfa8336328d916623ab45c704db7f5e26dba888f35f477ccd5cf6f293848f19
Bro Network Security Monitor 2.5
Posted Nov 18, 2016
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro now requires a compiler with C++11 support for building the source code. Bro now requires Python instead of Perl to compile the source code. When enabling Broker (which is disabled by default), Bro now requires version 0.14 of the C++ Actor Framework. New SMB analyzer added. Inclusion of multiple frameworks has been added. Multiple other additions and improvements.
tags | tool, intrusion detection
systems | unix
SHA-256 | 1502a290d3663fa67a44ff6c1c8e8e9434b8ae5e76be5c2a02b06a0e391dc080
PowerShellEmpire Arbitrary File Upload (Skywalker)
Posted Nov 18, 2016
Authored by Spencer McIntyre, Erik Daguerre | Site metasploit.com

A vulnerability existed in the PowerShellEmpire server prior to commit f030cf62 which would allow an arbitrary file to be written to an attacker controlled location with the permissions of the Empire server. This exploit will write the payload to /tmp/ directory followed by a cron.d file to execute the payload.

tags | exploit, arbitrary
SHA-256 | 36491dd12b6c42a1f65d906a4cbc99b3799866ff52ce18af79b2b9c27d2497d6
Microsoft Edge FillFromPrototypes Type Confusion
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

JavascriptArray::FillFromPrototypes is a method that is used by several Javascript functions available in the browser to set the native elements of an array to the values provide by its prototype. This function calls JavascriptArray::ForEachOwnMissingArrayIndexOfObject with the prototype of the object as a parameter, and if the prototype of the object is an array, it assumes that it is a Var array. While arrays are generally converted to var arrays if they are set as an object's prototype, if an object's prototype is a Proxy object, it can return a parent prototype that is a native int array. This can lead to type confusing, allowing an integer to be treated as an absolute pointer, when JavascriptArray::FillFromPrototypes is called.

tags | exploit, javascript
advisories | CVE-2016-7201
SHA-256 | 101dc4b8ff4f7d1e144aeed9b089ca5fedd08e6c84b3be506d775adb205e3772
Microsoft Edge Array.splice Heap Overflow
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

There is a heap overflow in Array.splice in Chakra. When an array is spliced, and overflow check is performed, but ArraySpeciesCreate, which can execute code and alter the array is called after this. This can allow an Array with boundaries that cause integer overflows to be spliced, leading to heap overflows in several situations.

tags | exploit, overflow
advisories | CVE-2016-7203
SHA-256 | 6a5819407b1a08e3e5fb1fe3572513e26e584b6fd29bae8efb15d284321b36d2
Microsoft Edge Array.reverse Overflow
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

There is an overflow when reversing arrays in Chakra. On line 5112 of JavascriptArray::EntryReverse, the length of the array is fetched and stored. It is then passed as a parameter into JavascriptArray::ReverseHelper, which then calls FillFromPrototypes, which can change the size of the array.

tags | exploit, overflow
SHA-256 | 51efc1a7f671ca4ab3f0714c3f5a4fe110049441aaaf858fda262b78d884d718
Microsoft Edge Array.filter Information Leak
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

There is an info leak in Array.filter. In Chakra, the destination array that arrays are filtered into is initialized using ArraySpeciesCreate, which can create both native and variable arrays. However, the loop that calls the filter function assumes that the destination array is a variable array, and sets each value using DirectSetItemAt, which is unsafe, and can lead to a var pointer being written to an integer array.

tags | exploit
advisories | CVE-2016-7200
SHA-256 | b151790aef488a9024d8165bd0cf284b8a3f10045d03d24b0017ec0d7a8eab30
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close