
Files Date: 2017-05-17

Dup Scout Enterprise 9.5.14 Buffer Overflow
Posted May 17, 2017
Authored by Daniel Teixeira, Victor Portal Gonzalez | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Dup Scout Enterprise v9.5.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows
SHA-256 | 46f09d2f260a4c795547b4cce19e1ae4b6b57750101f9224839a951a9912fc72
Slackware Security Advisory - kdelibs Updates
Posted May 17, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kdelibs packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-8422
SHA-256 | e3d0280e7fe50b6079f3099a89014076b13b7fc7c1d0fb595e3667c25d2a70d6
PingID MFA Cross Site Scripting
Posted May 17, 2017
Authored by Stephan Sekula

PingID MFA suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 57db2d857b67db2cb5f666a09adf045cea62b437c8e44e89fed65992fb15d053
Serviio Media Server checkStreamUrl Command Execution
Posted May 17, 2017
Authored by LiquidWorm, Brendan Coles | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service (on port 23423 by default) exposes a REST API which does not require authentication. The 'action' API endpoint does not sufficiently sanitize user-supplied data in the 'VIDEO' parameter of the 'checkStreamUrl' method. This parameter is used in a call to cmd.exe, resulting in execution of arbitrary commands. This Metasploit module has been tested successfully on Serviio Media Server versions 1.4.0, 1.5.0, 1.6.0 and 1.8.0 on Windows 7.

tags | exploit, remote, arbitrary
systems | windows
advisories | OSVDB-41961
SHA-256 | ff2a44ff2877548d39a81f51946f0588cc16648df0f3bb46c2698ef963da2850
MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption
Posted May 17, 2017
Authored by Sean Dillon, Shadow Brokers, Dylan Davis, Equation Group | Site metasploit.com

This Metasploit module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv!SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with a mathematical error where a DWORD is subtracted into a WORD. The kernel pool is groomed so that the overflow is well laid-out to overwrite an SMBv1 buffer. Actual RIP hijack is later completed in srvnet!SrvNetWskReceiveComplete. This exploit, like the original, may not trigger 100% of the time, and should be run continuously until triggered. It seems like the pool will get hot streaks and need a cool down period before the shells rain in again.

tags | exploit, overflow, shell, kernel
advisories | CVE-2017-0143, CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, CVE-2017-0147, CVE-2017-0148
SHA-256 | fcd672e1db61c5667abd4ad7d59c77b0f8210801d49bddeb68652ed4c77084d2
WordPress PHPMailer Host Header Command Injection
Posted May 17, 2017
Authored by Dawid Golunski, wvu | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in WordPress version 4.6 with Exim as an MTA via a spoofed Host header to PHPMailer, a mail-sending library that is bundled with WordPress. A valid WordPress username is required to exploit the vulnerability. Additionally, due to the altered Host header, exploitation is limited to the default virtual host, assuming the header isn't mangled in transit. If the target is running Apache 2.2.32 or 2.4.24 and later, the server may have HttpProtocolOptions set to Strict, preventing a Host header containing parens from passing through, making exploitation unlikely.

tags | exploit, spoof
advisories | CVE-2016-10033
SHA-256 | 928eb6125df4b025be7b68270b411eb5dfb58e8b71a32b25b6ed380ce5e0f241
BuilderEngine Arbitrary File Upload / Execution
Posted May 17, 2017
Authored by Marco Rivoli, metanubix | Site metasploit.com

This Metasploit module exploits a vulnerability found in BuilderEngine 3.5.0 via elFinder 2.0. The jquery-file-upload plugin can be abused to upload a malicious file, which would result in arbitrary remote code execution under the context of the web server.

tags | exploit, remote, web, arbitrary, code execution
SHA-256 | 5ba5bb643f31ecc62484733644b0696342aaba16644737ef5bd5784d1a739d0d
Stegano 0.8.1
Posted May 17, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integer sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: It is now possible to specify the encoding (UTF-8 or UTF-32LE) of the message to hide/reveal through the command line. Various other updates.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | 5b6a243272b132eff48a91adcc2a4763fbe145810713d6f17a8d7b553d7189d5
Adobe Flash TextField Out-Of-Bounds Read
Posted May 17, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds read vulnerability in getting TextField width.

tags | exploit
advisories | CVE-2017-3064
SHA-256 | 9df26844062fc2ace52e85740d4fa13061df58424c3ec92399e04d0ada74a245
Adobe Flash Margin Handling Heap Corruption
Posted May 17, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from a heap corruption vulnerability in the margin handling.

tags | exploit
advisories | CVE-2017-3061
SHA-256 | 19f24cf279fd2e72d032220c5d8428c8270508c3c25f9006996eac40ba0cc4ad
Adobe Flash AVC Deblocking Out-Of-Bounds Read
Posted May 17, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an out-of-bounds read in AVC deblocking.

tags | exploit
advisories | CVE-2017-3068
SHA-256 | 750594de5f9554b1eb4832b7745301c0ab665475c1dbefff2c225998feca6426
Kernel Live Patch Security Notice LSN-0022-1
Posted May 17, 2017
Authored by Benjamin M. Romer

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges.

tags | advisory, denial of service, kernel, local
systems | linux
advisories | CVE-2016-7097, CVE-2017-7374
SHA-256 | bcd1da354e95152a1d55d4594bee07001348114c492bc49628b78a071250ded3
Ubuntu Security Notice USN-3293-1
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3293-1 - Dmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service in the host OS. Dmitry Vyukov discovered that the generic SCSI subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-2596, CVE-2017-7187, CVE-2017-7261, CVE-2017-7294, CVE-2017-7477, CVE-2017-7616
SHA-256 | 28157ece7b6c36fc871846f3ef26802654c9896b6d03a1845e875c1ba8ff42c5
Ubuntu Security Notice USN-3292-2
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3292-2 - USN-3292-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. Jason Donenfeld discovered a heap overflow in the MACsec module in the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2017-7477
SHA-256 | c70c25536e78eb1d5e5730eb6cfcbdfa1a826986f0778fd2b9aafa9670420171
Ubuntu Security Notice USN-3292-1
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3292-1 - Jason Donenfeld discovered a heap overflow in the MACsec module in the Linux kernel. An attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2017-7477
SHA-256 | 15becdcfe59fab923e4f0382140bc6a53bdcc9af8157e9c595c1154313cb3a28
Ubuntu Security Notice USN-3291-1
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3291-1 - Dmitry Vyukov discovered that the generic SCSI subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a NULL pointer dereference existed in the Direct Rendering Manager driver for VMWare devices in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7187, CVE-2017-7261, CVE-2017-7294, CVE-2017-7616
SHA-256 | 05f516d2c78087b37f79d5897941e0baeb1fa7d78c58cbca2ed7c06448fd6d02
Ubuntu Security Notice USN-3276-2
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3276-2 - USN-3276-1 intended to fix a vulnerability in su. The solution introduced a regression in su signal handling. This update modifies the security fix. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. Various other issues were also addressed.

tags | advisory, overflow, local
systems | linux, ubuntu
advisories | CVE-2016-6252, CVE-2017-2616
SHA-256 | 196b09de8d68cc19eac4858a35f520d013c4a0d8bb8846854e50d6a4d29138bd
Ubuntu Security Notice USN-3290-1
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3290-1 - Marco Grassi discovered that the TCP implementation in the Linux kernel mishandles socket buffer truncation. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp
systems | linux, ubuntu
advisories | CVE-2016-8645
SHA-256 | 563dfece3f8a1381536c36b79fbc4030397cf159f54546dca4e75ff220374ea6
Ubuntu Security Notice USN-3278-1
Posted May 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3278-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code. Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to spoof the addressbar contents, conduct cross-site scripting attacks, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, xss
systems | linux, ubuntu
advisories | CVE-2017-10195, CVE-2017-10196, CVE-2017-10197, CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5449, CVE-2017-5451, CVE-2017-5454, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462
SHA-256 | 5918077f633274f279ab87c4b055ad1b8af6e26633eab66e02241fb795da1fa5
Trend Micro Interscan Web Security Virtual Appliance (IWSVA) 6.5 SP2 XSS / Disclosure
Posted May 17, 2017
Authored by SlidingWindow

Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5 SP2 suffers from faulty access controls, stored cross site scripting, and information disclosure vulnerabilities.

tags | exploit, web, vulnerability, xss, info disclosure
advisories | CVE-2017-6338, CVE-2017-6339, CVE-2017-6340
SHA-256 | 637d47762288a065abb2a7389848251703d887b374e4c7cdadcc2d3c44a2c27a
Sophos Web Appliance 4.3.1.1 Session Fixation
Posted May 17, 2017
Authored by SlidingWindow

Sophos Web Appliance version 4.3.1.1 suffers from a session fixation vulnerability.

tags | exploit, web
advisories | CVE-2017-6412
SHA-256 | 50104c16e61bf331cca13385710e48feaf4c03fa10d141d75f89fe85b2673a48
LabF nfsAxe FTP Client 3.7 Buffer Overflow
Posted May 17, 2017
Authored by Tulpa

LabF nfsAxe ftp client version 3.7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 21172dda65256d99b65a588422dfc1ba3443d59700c3ea4bf4852e4d14c2b0ed
Mozilla Firefox 55 Denial Of Service
Posted May 17, 2017
Authored by Brian Carpenter

Mozilla Firefox versions 50 through 55 suffer from a stack overflow denial of service vulnerability.

tags | exploit, denial of service, overflow
SHA-256 | 496d3fe6b582ccad08cca37270b28de1e1f2b55543965b032b3071d9d8886ead
WordPress EELV Newsletter 4.5 XSS / CSRF
Posted May 17, 2017
Authored by Vulnerability Laboratory, King Coder | Site vulnerability-lab.com

WordPress EELV Newsletter plugin version 4.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | ed9b4741ae9c7e9e168aa3084dcca418fd46cf5c966e1c17db39872a293fafb0
MikroTik RouterBoard 6.38.5 Denial Of Service
Posted May 17, 2017
Authored by Vulnerability Laboratory, Hosein Askari | Site vulnerability-lab.com

MikroTik RouterBoard version 6.38.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 4001fd282fffed16b5ad785b1d53ac73fab845e9ac37ffcfc5b516d70d7d657e