Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-05-23

Red Hat Security Advisory 2017-1267-01
Posted May 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1267-01 - The rpcbind utility is a server that converts Remote Procedure Call program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. Security Fix: It was found that due to the way rpcbind uses libtirpc, a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer.

tags | advisory, remote, memory leak
systems | linux, redhat
advisories | CVE-2017-8779
MD5 | f12a37161d0be834040c1845b07d62f4
InvoicePlane 1.4.10 File Upload / Cross Site Scripting
Posted May 23, 2017
Authored by Jasveer Singh | Site sec-consult.com

InvoicePlane version 1.4.10 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
MD5 | 1373e25234204c3cbef3076b84706f7d
Simple ASC CMS 1.2 Cross Site Scripting
Posted May 23, 2017
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Simple ASC CMS version 1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2f942b0b3fc8bfc153790cbbb8d061f7
Microsoft Windows LoadUvsTable() / LoadFont() Overflows
Posted May 23, 2017
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. An error within the "LoadUvsTable()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. An integer overflow error within the "LoadFont()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. Successful exploitation of the vulnerabilities allows execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | windows
advisories | CVE-2017-0014
MD5 | 9ea266579c96614001066291a5387054
KDE 4/5 KAuth Privilege Escalation
Posted May 23, 2017
Authored by stealth

KDE versions 4 and 5 suffer from a KAuth privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-8422, CVE-2017-8849
MD5 | 528f084d337783d989b2aea23435410c
HTTrack 3.x Stack Buffer Overflow
Posted May 23, 2017
Authored by Hosein Askari | Site vulnerability-lab.com

HTTrack version 3.x suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow
MD5 | c337772f7a80c6173d423d424a64e546
WordPress Newsletter Supsystic 1.1.7 Cross Site Scripting
Posted May 23, 2017
Authored by King Coder | Site vulnerability-lab.com

WordPress Newsletter Supsystic plugin version 1.1.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6a107cc0deb0fa9a36d1f3c606c61921
Microsoft Azure Cloud Audit Using Powershell
Posted May 23, 2017
Authored by Parag Kamra

This brief whitepaper discusses using Powershell to audit Microsoft Azure Cloud.

tags | paper
MD5 | 562a9d145b27b96c4f8e9dd276fc0cbe
VX Search Enterprise GET Buffer Overflow
Posted May 23, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | d253f613c50ab1d748ea4f581c269908
Sure Thing Disc Labeler 6.2.138.0 Buffer Overflow
Posted May 23, 2017
Authored by Chance Johnson

Sure Thing Disc Labeler version 6.2.138.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 5393489e4342acdd7906ca6e07ce1082
Linux eBPF Verify Log Leak
Posted May 23, 2017
Authored by Google Security Research, jannh

On Linux, the eBPF verifier log leaks the lower half of a map pointer.

tags | advisory
systems | linux
MD5 | 4dc6117fdf8c57334009b5e438357d7d
MacOS Raw Frame Pointers In Stackshot
Posted May 23, 2017
Authored by Google Security Research, jannh

This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug.

tags | exploit, kernel, root
advisories | CVE-2017-2516
MD5 | 5681e6a07ccbf5cc21fde6f5e3fa61b7
LG OGMParser::VerifyVorbisHeader Uninitialized Pointer
Posted May 23, 2017
Authored by Google Security Research, Mark Brand

LG has an issue where a malformed OGM file can cause the use of an uninitialized pointer during Vorbis header verification - vorbis_info_clear is called on a vorbis_info structure that has not previously been initialised by a call to vorbis_info_init.

tags | exploit
MD5 | cc75081f5748ec93fe019a15eef25343
MacOS 32-Bit Syscall Exit Kernel Register Leak
Posted May 23, 2017
Authored by Google Security Research, jannh

MacOS suffers from a kernel register leak via 32-bit syscall exit.

tags | exploit, kernel
advisories | CVE-2017-2509
MD5 | 843234a6ae86bbe1332e22a54aaa96c1
Broadcom wldev_ioctl Information Leak
Posted May 23, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a host to dongle information leak via wldev_ioctl.

tags | advisory
advisories | CVE-2017-0633
MD5 | 4920ccd54f1c8e49e101f7bf4b8b956b
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close