Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-11-18

Teradata Virtual Machine Community Edition 15.0 Insecure File Creation
Posted Nov 18, 2016
Authored by Larry W. Cashdollar

Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure creation of files in /tmp that may lead to elevated code execution.

tags | exploit, code execution
advisories | CVE-2016-7489
MD5 | 858a0a8230038643938ef1ce1d6b7ec6
FUDforum 3.0.6 Local File Inclusion
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

FUDforum version 3.0.6 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | db24a30d7761e6bb6bb533ee10239b16
Jaws 1.1.1 Open Redirect / Object Injection / Cookie Flags
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Jaws version 1.1.1 suffers from object injection, open redirection, and cookie flag related vulnerabilities.

tags | exploit, vulnerability
MD5 | d34c43ace9a5f5f0406383082bba3f09
FUDforum 3.0.6 Cross Site Request Forgery / Cross Site Scripting
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

FUDforum version 3.0.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 69f014635b335940322fbdfc8fe76d9d
Jaws 1.1.1 Code Execution
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Jaws version 1.1.1 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
MD5 | 564d9baa8d96a6ee13f1a5c91e7cbe36
Lepton 2.2.2 Stable Shell Upload
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Lepton version 2.2.2 Stable suffers from a remote code execution vulnerability via a remote shell upload.

tags | exploit, remote, shell, code execution
MD5 | cc626c53950ccf8268538ae70d9b1785
Lepton 2.2.2 Stable CSRF / Open Redirect / Password Handling
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Lepton version 2.2.2 Stable suffers from password handling, insecure bruteforce protection, cross site request forgery, and open redirection vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 0a8117073acfb0f9cdb45bb268c7359a
Lepton 2.2.2 Stable SQL Injection
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Lepton version 2.2.2 Stable suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 345ee999ef49f7b3a31b8f0c91ac5b1c
MoinMoin 1.9.8 Cross Site Scripting
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

MoinMoin version 1.9.8 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-7146, CVE-2016-7148
MD5 | dd721622ee3d415a27f0420ff46f39db
MyLittleForum 2.3.6.1 Cross Site Request Forgery
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

MyLittleForum version 2.3.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 596a1a1d2a90028b287b76661f64639e
Mezzanine 4.2.0 Cross Site Scripting
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

Mezzanine version 4.2.0 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 5d59ec21351d723dae98438bf380e0f0
SPIP 3.1 Cross Site Scripting / Header Injection
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

SPIP version 3.1 suffers from head injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | be3e1af0bd82a66a898d6c20a78e7286
MyLittleForum 2.3.6.1 XSS / Path Overwrite
Posted Nov 18, 2016
Authored by Tim Coen | Site curesec.com

MyLittleForum version 2.3.6.1 suffers from path overwrite and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | c3dc442f099e6f3a56a5ec7b4863b31c
Bro Network Security Monitor 2.5
Posted Nov 18, 2016
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro now requires a compiler with C++11 support for building the source code. Bro now requires Python instead of Perl to compile the source code. When enabling Broker (which is disabled by default), Bro now requires version 0.14 of the C++ Actor Framework. New SMB analyzer added. Inclusion of multiple frameworks has been added. Multiple other additions and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | 729883ae9196faafd49fed6e5fad53fe
PowerShellEmpire Arbitrary File Upload (Skywalker)
Posted Nov 18, 2016
Authored by Spencer McIntyre, Erik Daguerre | Site metasploit.com

A vulnerability existed in the PowerShellEmpire server prior to commit f030cf62 which would allow an arbitrary file to be written to an attacker controlled location with the permissions of the Empire server. This exploit will write the payload to /tmp/ directory followed by a cron.d file to execute the payload.

tags | exploit, arbitrary
MD5 | 6dd255ac3b4ace7f8e1264d54a7d922b
Microsoft Edge FillFromPrototypes Type Confusion
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

JavascriptArray::FillFromPrototypes is a method that is used by several Javascript functions available in the browser to set the native elements of an array to the values provide by its prototype. This function calls JavascriptArray::ForEachOwnMissingArrayIndexOfObject with the prototype of the object as a parameter, and if the prototype of the object is an array, it assumes that it is a Var array. While arrays are generally converted to var arrays if they are set as an object's prototype, if an object's prototype is a Proxy object, it can return a parent prototype that is a native int array. This can lead to type confusing, allowing an integer to be treated as an absolute pointer, when JavascriptArray::FillFromPrototypes is called.

tags | exploit, javascript
advisories | CVE-2016-7201
MD5 | b19c83ae2ea66b65599361a571b8fa62
Microsoft Edge Array.splice Heap Overflow
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

There is a heap overflow in Array.splice in Chakra. When an array is spliced, and overflow check is performed, but ArraySpeciesCreate, which can execute code and alter the array is called after this. This can allow an Array with boundaries that cause integer overflows to be spliced, leading to heap overflows in several situations.

tags | exploit, overflow
advisories | CVE-2016-7203
MD5 | 2b0a7cdc0447e687b7cec1b0daabf2b7
Microsoft Edge Array.reverse Overflow
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

There is an overflow when reversing arrays in Chakra. On line 5112 of JavascriptArray::EntryReverse, the length of the array is fetched and stored. It is then passed as a parameter into JavascriptArray::ReverseHelper, which then calls FillFromPrototypes, which can change the size of the array.

tags | exploit, overflow
MD5 | f2c225d012a2a129ecb7dc8108d43a51
Microsoft Edge Array.filter Information Leak
Posted Nov 18, 2016
Authored by Google Security Research, natashenka

There is an info leak in Array.filter. In Chakra, the destination array that arrays are filtered into is initialized using ArraySpeciesCreate, which can create both native and variable arrays. However, the loop that calls the filter function assumes that the destination array is a variable array, and sets each value using DirectSetItemAt, which is unsafe, and can lead to a var pointer being written to an integer array.

tags | exploit
advisories | CVE-2016-7200
MD5 | e03e02f8e9916146fcd8f55f00588e95
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close