This Metasploit module exploits a vulnerability found in Cisco Firepower Management Console. The management system contains a configuration flaw that allows the www user to execute the useradd binary, which can be abused to create backdoor accounts. Authentication is required to exploit this vulnerability.
98649baca4e20b64048f59a052bbbb1958604f2558f3e367647487756175a545During a summary code review of Ansible, Computest found and exploited several issues that allow a compromised host to execute commands on the Ansible controller and thus gain access to the other hosts controlled by that controller. Versions 2.1.4 and 2.2.1 are affected.
dad194656bd445e7bccee27069381669672bfa3d39f5a072bb73e2959b371a21This documented vulnerability allows a remote attacker to execute malicious code or access to a part of the dynamically allocated memory using a user interaction visiting a Web page or open a specially crafted SWF file, an attacker is able to create an "out of bound" memory corruption. A file with an "ActionRecord" structure that contains an invalid value in "ActionGetURL2" could lead to remote code execution in the context of the current user. Proof of concept code included.
a82caebb5c5fc9804ff5b2892d98866fc05cb593b2b4a76497466e64a24e0c5aMovie Portal Script version 7.35 suffers from a remote SQL injection vulnerability.
52b08327e77a927e5ac53d326fc5dbc373075fb528ef0690182fbea42833bc9aTravel Portal Script version 9.33 suffers from a remote SQL injection vulnerability.
99cc31218d222cbdc992e1810ebadeea3de4d29d11576521afdb7770f88895c3The SIMATIC CP 343-1 Advanced product allows configuration of the IKEv1 cipher suite configuration, which specifies the IKE and Encapsulating Security Payload (ESP) supported algorithms, with one cipher for each setting. It is evaluated that the configuration is not consistent with the supported ciphers that are eventually applied on the IPSec responder of the SIMATIC CP 343-1 Advanced. In fact, regardless of the selected choice for the ESP cipher, it is always possible for the IPSec client to propose, and successfully use, DES, 3DES, AES128 and AES256. This invalidates the potential desire to enforce a stronger cipher, as the client can always decide to use weaker. Siemens SIMATIC CP 343-1 Advanced tested with fw V3.0.44 is affected.
9250759f60c9b83870733f1e01826fa5ac1417d8f1d85e6505d03aeac9bf419cCobi Tools version 1.0.8 suffers from a malicious script insertion vulnerability that affects the client side application.
fa35b790b41ed7e117ea1ef7d553c02dd8194f56bef1f7f1f9a07c21a1f1d869Boxoft Wav version 1.1.0.0 suffers from a buffer overflow vulnerability.
774cfd268041e05549f9c0e26ca8b96934bfa8494c9c378e40ef9eeb9bccddf1Huawei Flybox B660 suffers from a cross site request forgery vulnerability.
1d27b6400e9564449202897321f4571ed881c4453df7121e74929b854e451c59Bit Defender's website suffered from an authentication token bypass vulnerability.
a7cb14a7774453e2f68dafc2102250ea89501557a432421b02392708cb44acb7Blackboard LMS version 9.1 SP14 suffers from a persistent cross site scripting vulnerability in the title functionality.
ff7b4351e36544404e85f4a95edf3f62644b7c829366cc0c64afc9876cf8f674Blackboard LMS version 9.1 SP14 suffers from a persistent cross site scripting vulnerability in the profile functionality.
c567dd338ab17b9303c4913ad57a8593e20abe52d5cc6429a7d1a782fea5c300Responsive File Manager version 9.11.0 suffers from a cross site scripting vulnerability.
7f7ce38cc78f93242a74a8859b055f73ca4783acbc3403a97eae45a277641f05Microsoft Windows 8.1 (x64) RBNOBJ integer overflow exploit leveraging the vulnerability noted in MS16-098.
606b9e6dba465c130e83c644bc12a43f60fda0e1656530691abb8389f7110bedMicrosoft Windows kernel win32k.sys NtSetWindowLongPtr privilege escalation exploit that leverages the vulnerability outlined in MS16-135.
0886e016e70846bd0cec9b33d83b2ba894773f4ecf6a24a7926f387fa80d665cProof of concept .mov that demonstrates a DecodeAdpcmImaQT buffer overflow vulnerability in VideoLAN VLC Media Player version 2.2.1.
b2140e78e2eafd68a1782f1756831e90e9f5982f5b995cfb92611c9d9ca12f6bFirejail suffers from a privilege escalation vulnerability.
c685e843415e63d8aeb7bb70240df4de17ccde2223dffc20dc2c1c6717219dfb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed