what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-04-24

Microsoft Office Word Malicious Hta Execution
Posted Apr 24, 2017
Authored by Haifei Li, Didier Stevens, sinn3r, Nixawk, ryHanson, vysec, wdormann | Site metasploit.com

This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how an olelink object can make a http(s) request, and execute hta code in response. This bug was originally seen being exploited in the wild starting in Oct 2016. This Metasploit module was created by reversing a public malware sample.

tags | exploit, web, code execution
advisories | CVE-2017-0199
SHA-256 | 7e6b9ea3c2f7098466493a6d04a3625fe49a4a591628f01dcefb67c6615f8b03
Solarwinds LEM 6.3.1 Hardcoded Credentials
Posted Apr 24, 2017
Authored by Matthew Bergin | Site korelogic.com

The Postgres database on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 has default hardcoded credentials. While some security measures were taken to ensure that network connectivity to the Postgres database wouldn't be possible using IPv4, the same measures were not taken for IPv6.

tags | exploit
SHA-256 | ad169956f0f3396698d40c18a3a0e55793e890d9d218704c030183521609a602
Solarwinds LEM 6.3.1 Management Shell Arbitrary File Read
Posted Apr 24, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

The management shell on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard mapped function which lets the user import a file from the local file system into the editor. An attacker can abuse this to read arbitrary files within the allowed permissions.

tags | exploit, arbitrary, shell, local
SHA-256 | 2a881d9217c48b1606ec88d0bb0823e2e6d7359165db582cfbbd90943ae24f0e
Solarwinds LEM 6.3.1 Shell Escape Command Injection
Posted Apr 24, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

Insufficient input validation in the management interface can be leveraged in order to execute arbitrary commands. This can lead to (root) shell access to the underlying operating system on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.

tags | exploit, arbitrary, shell, root
SHA-256 | fe9867b691ca5367a9f8e75d21f16e8f3d6804f2ad561bedd0abd524a2546349
Solarwinds LEM 6.3.1 Sudo Script Abuse Privilege Escalation
Posted Apr 24, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

An attacker can abuse functionality provided by a script which may be run with root privilege in order to elevate privilege on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.

tags | exploit, root
SHA-256 | 541cc742cf8744931b966ccfc14ec82005cd85e4a6e1bff7ce5f93c7ba245576
Solarwinds LEM 6.3.1 Sudo Privilege Escalation
Posted Apr 24, 2017
Authored by Hank Leininger, Matthew Bergin | Site korelogic.com

Due to lax filesystem permissions, an attacker can take control of a hardcoded sudo path in order to execute commands as a privileged user on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1.

tags | exploit
SHA-256 | 3f138413d3ee07b7fb98c0ec9430dcebbf62f40cd8ffb3fa592f0455512444f9
Slackware Security Advisory - proftpd Updates
Posted Apr 24, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-7418
SHA-256 | 4dc0c7f616e5a08691f41b50024d5cde24ec3fc8bee6bd91a0d897bf20523bab
Slackware Security Advisory - ntp Updates
Posted Apr 24, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-9042, CVE-2017-6451, CVE-2017-6452, CVE-2017-6455, CVE-2017-6458, CVE-2017-6459, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464
SHA-256 | 8ebef10dc26715edf05044fa1397cb02c9aaa68b0b15d9b0882c1f4e80053a4a
Slackware Security Advisory - mozilla-firefox Updates
Posted Apr 24, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 to fix security and stability issues.

tags | advisory
systems | linux, slackware
SHA-256 | 2a732aa4a2ed6b992aaa7d7b95620a3bc6749f1b0ba8f4a80225c274701c4d46
Microsoft Windows Dolby Audio X2 Service Privilege Escalation
Posted Apr 24, 2017
Authored by Google Security Research, forshaw

The DAX2API service installed as part of the Realtek Audio Driver on Windows 10 is vulnerable to a privilege escalation vulnerability which allows a normal user to get arbitrary system privileges.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2017-7293
SHA-256 | 648ba1e2f3e829a53ac3a224f73958fcb62fd2097a728a0530b0740b66b425dc
Disk Sorter Enterprise 9.5.12 GET Buffer Overflow
Posted Apr 24, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows
SHA-256 | 866e21d79501ea487d559431b3368082a2de3dd683255e5247782c95b4d89bdd
WePresent WiPG-1000 Command Injection
Posted Apr 24, 2017
Authored by Matthias Brun | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in an undocumented CGI file in several versions of the WePresent WiPG-1000 devices. Version 2.0.0.7 was confirmed vulnerable, 2.2.3.0 patched this vulnerability.

tags | exploit, cgi
SHA-256 | fdde35982e5ae8f4f3cfc494b6eb51af6b81f5d276ee9db4ad67d0db0267baf2
Red Hat Security Advisory 2017-1119-01
Posted Apr 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1119-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 151. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2017-3509, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | 8033dc25cd5c092a94214c33b3def6150039e9911ab2e1d9863ae8c3e1b8755e
Red Hat Security Advisory 2017-1117-01
Posted Apr 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1117-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 131. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | dda9c2f8caefd595e4c56cbc4ad839f73919c439cdcce475c7dcabd9d6a1ccff
Red Hat Security Advisory 2017-1118-01
Posted Apr 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1118-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 141. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | 01ab25f8082a2a3af9b96248e029bdfd55d2e3b74b4bfeebbb3567c2cbb08be5
Gnome Keyring Daemon Credential Disclosure
Posted Apr 24, 2017
Authored by Luca Ercoli | Site lucaercoli.it

The gnome-keyring-daemon is vulnerable to local credential disclosure as it leaves credentials accessible in memory.

tags | exploit, local, info disclosure
SHA-256 | 6697cd1cd04eb6ae92213c8cfaf4b457d5ddee242e09603a1e96f9336687274c
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close