ignore security and it'll go away
Showing 1 - 25 of 27 RSS Feed

Files Date: 2017-02-01

LogicBoard CMS 3.0 / 4.0 / 4.1 Open Redirect
Posted Feb 1, 2017
Authored by Francisco Javier Santiago Vazquez

LogicBoard CMS versions 3.0, 4.0, and 4.1 suffer from an open redirection vulnerability.

tags | advisory
MD5 | f72982d51ddf9758feb3cd9289ebfd2a
QNAP NVR / NAS Overflows
Posted Feb 1, 2017
Authored by bashis

QNAP NVR and NAS devices suffer from multiple overflows. Various makes and models are affected. Full exploitation details provided.

tags | exploit, overflow
MD5 | 79e7e6a8b5a677547227e1b467b523a7
MailStore 10.0.1 Cross Site Scripting / Open Redirect
Posted Feb 1, 2017
Authored by Tobias Glemser | Site secuvera.de

MailStore versions 9.2 through 10.0.1 suffer from a cross site scripting vulnerability. Additionally, versions 9.0 through 10.0.1 suffer from an open redirection vulnerability.

tags | exploit, xss
MD5 | e2f7173205ec684e72bbf1b8c3de6ba2
HP Security Bulletin HPESBHF03700 1
Posted Feb 1, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03700 1 - A potential security vulnerability has been identified in iMC PLAT. The vulnerability could be exploited remotely resulting in disclosure of information or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-8525
MD5 | 233b865fb356aaeb1bf70244e0b56a69
Debian Security Advisory 3778-1
Posted Feb 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3778-1 - Michal Marek discovered that ruby-archive-tar-minitar, a Ruby library that provides the ability to deal with POSIX tar archive files, is prone to a directory traversal vulnerability. An attacker can take advantage of this flaw to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.

tags | advisory, arbitrary, ruby
systems | linux, debian, osx
advisories | CVE-2016-10173
MD5 | b910898d8052c81fee3aa14c5a0848f5
HP Security Bulletin HPESBGN03696 1
Posted Feb 1, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03696 1 - A potential security vulnerability has been identified in certain HPE Helion Eucalyptus services. The vulnerability allows a remote user to escalate privileges in Eucalyptus EC2, AutoScaling, CloudWatch, and Load Balancing services. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2016-8528
MD5 | cac099e5660ba5f4c8aa34190fe49f8b
Gentoo Linux Security Advisory 201702-01
Posted Feb 1, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201702-1 - Multiple vulnerabilities have been found in PCSC-Lite, the worst of which could lead to privilege escalation. Versions less than 1.8.20 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10109
MD5 | fb37608199f6ea34d7d1a4a419681584
Red Hat Security Advisory 2017-0225-01
Posted Feb 1, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0225-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Security Fix: Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2015-8870, CVE-2016-5652, CVE-2016-9533, CVE-2016-9534, CVE-2016-9535, CVE-2016-9536, CVE-2016-9537, CVE-2016-9540
MD5 | c65f25c00f5cbe395d29c754d859d5b7
POSNIC Unauthenticated Remote Code Execution
Posted Feb 1, 2017
Authored by Manish Tanwar

POSNIC versions prior to 1.03 suffer from a code execution vulnerability when set up to trust data from a compromised mysql instance.

tags | exploit, code execution
MD5 | d237daeb59142a52310c4201ceeaac15
Mobius Forensic Toolkit 0.5.27
Posted Feb 1, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: New extension lshw-agent. Various other improvements.
tags | tool, python, forensics
MD5 | c63bfb52c519dbb44c724037201f6ede
Cisco WebEx Chrome Extension Remote Command Execution
Posted Feb 1, 2017
Authored by Tavis Ormandy | Site metasploit.com

This Metasploit module exploits a vulnerability present in the Cisco WebEx Chrome Extension version 1.0.1 which allows an attacker to execute arbitrary commands on a system.

tags | exploit, arbitrary
systems | cisco
advisories | CVE-2017-3823
MD5 | ced9b1d7861a4400eae194631236378e
TrueOnline / ZyXEL P660HN-T v2 Router Authenticated Command Injection
Posted Feb 1, 2017
Authored by Pedro Ribeiro | Site metasploit.com

TrueOnline is a major ISP in Thailand, and it distributes a customized version of the ZyXEL P660HN-T v2 router. This customized version has an authenticated command injection vulnerability in the remote log forwarding page. This can be exploited using the "supervisor" account that comes with a default password on the device. This Metasploit module was tested in an emulated environment, as the author doesn't have access to the Thai router any more. Any feedback should be sent directly to the module's author, as well as to the Metasploit project. Note that the inline payloads work best. There are Turkish and other language strings in the firmware, so it is likely that this firmware is not only distributed in Thailand. Other P660HN-T v2 in other countries might be vulnerable too.

tags | exploit, remote
MD5 | 5144d45c548229d7ab14cb1798aacdb3
TrueOnline / Billion 5200W-T Router Unauthenticated Command Injection
Posted Feb 1, 2017
Authored by Pedro Ribeiro | Site metasploit.com

TrueOnline is a major ISP in Thailand, and it distributes a customized version of the Billion 5200W-T router. This customized version has at least two command injection vulnerabilities, one authenticated and one unauthenticated, on different firmware versions. This Metasploit module will attempt to exploit the unauthenticated injection first, and if that fails, it will attempt to exploit the authenticated injection. This Metasploit module was tested in an emulated environment, as the author doesn't have access to the Thai router any more. Any feedback should be sent directly to the module's author, as well as to the Metasploit project. There are other language strings in the firmware, so it is likely that this firmware is not only distributed in Thailand. Other Billion 5200W-T in other countries might be vulnerable too.

tags | exploit, vulnerability
MD5 | a23cc92232428177c4f3ec4f89a7822d
TrueOnline / ZyXEL P660HN-T v1 Router Unauthenticated Command Injection
Posted Feb 1, 2017
Authored by Pedro Ribeiro | Site metasploit.com

TrueOnline is a major ISP in Thailand, and it distributes a customised version of the ZyXEL P660HN-T v1 router. This customised version has an unauthenticated command injection vulnerability in the remote log forwarding page. This Metasploit module was tested in an emulated environment, as the author doesn't have access to the Thai router any more. Any feedback should be sent directly to the module's author, as well as to the Metasploit project. There are other language strings in the firmware, so it is likely that this firmware is not only distributed in Thailand. Other P660HN-T v1 in other countries might be vulnerable too.

tags | exploit, remote
MD5 | dd4213c7e16f8b71eda3aa6be42156f4
Packet Storm New Exploits For January, 2017
Posted Feb 1, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 229 exploits that were added to Packet Storm in January, 2017.

tags | exploit
MD5 | 77208c271a53f9f4560bcf46374ded6c
Apple WebKit HTMLFormElement::reset() Use-After-Free
Posted Feb 1, 2017
Authored by Google Security Research, ifratric

Apple WebKit suffers from a use-after-free vulnerability in HTMLFormElement::reset().

tags | exploit
systems | apple
advisories | CVE-2017-2362
MD5 | 04e51a4dfe000c117e1d07687727a729
Apple WebKit Renderbox Type Confusion
Posted Feb 1, 2017
Authored by Google Security Research, ifratric

Apple WebKit suffers from a type confusion vulnerability in RenderBox with accessibility enabled.

tags | exploit
systems | apple
advisories | CVE-2017-2373
MD5 | a57fc3cd871934c52280d9d31b4ac50e
Apple WebKit HTMLKeygenElement Type Confusion
Posted Feb 1, 2017
Authored by Google Security Research, ifratric

Apple WebKit suffers from a HTMLKeygenElement type confusion vulnerability.

tags | exploit
systems | apple
advisories | CVE-2017-2369
MD5 | b2b371f7a519cba0903b3c27c4de13bf
Google Chrome HTMLKeygenElement::shadowSelect() Type Confusion
Posted Feb 1, 2017
Authored by Google Security Research, ifratric

Google Chrome suffers from a HTMLKeygenElement::shadowSelect() type confusion vulnerability.

tags | exploit
MD5 | 168b1b09fd69496535d413637d17166c
Android RKP Information Disclosure
Posted Feb 1, 2017
Authored by Google Security Research, laginimaineb

Android suffers from an RKP information disclosure vulnerability via s2-remapping physical ranges.

tags | exploit, info disclosure
MD5 | c8886b34542d30541c79aec54288d716
Stegano 0.6.3
Posted Feb 1, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Support for transparent PNG images has been added (lsb and lsbset modules).
tags | tool, encryption, steganography, python
systems | unix
MD5 | edf049af0de135b84632221dc5a4bd43
Android RKP EL1 Code Loading Bypass
Posted Feb 1, 2017
Authored by Google Security Research, laginimaineb

Android suffers from an RKP EL1 code loading bypass vulnerability.

tags | exploit, bypass
MD5 | 12f85e60ce1fd1b4a0ca4dd9425daf90
Android RKP Privilege Escalation
Posted Feb 1, 2017
Authored by Google Security Research, laginimaineb

Android suffers from an RKP privilege escalation via unprotected MSRs in EL1 to memory management control registers.

tags | exploit
MD5 | 7c5c704e2dc2291ce6737a7129cef42a
Packet Fence 6.5.0
Posted Feb 1, 2017
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Adding OAuth defaults for dns_filter for inline and dnsenforcement techniques. Updated translations. Various other updates.
tags | tool, remote
systems | unix
MD5 | 0563fbc0b849e320425d3905e18cc498
Android cfp_ropp_new_key_reenc / cfp_ropp_new_key RKP Memory Corruption
Posted Feb 1, 2017
Authored by Google Security Research, laginimaineb

Android suffers from an RKP memory corruption vulnerability in "cfp_ropp_new_key_reenc" and "cfp_ropp_new_key".

tags | exploit
MD5 | 1c5fc932f500fcdccdd9d0e9cbcbfaa3
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close