Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-05-31

Packet Storm New Exploits For May, 2017
Posted May 31, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 193 exploits added to Packet Storm in May, 2017.

tags | exploit
MD5 | 77068dced32a31098f24dfb6539c1ead
Ubuntu Security Notice USN-3305-1
Posted May 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3305-1 - It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause a denial of service or potentially escalate their privileges on the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
MD5 | 86c30f0580cd7c439b68a225c2ba0469
Red Hat Security Advisory 2017-1367-01
Posted May 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1367-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time, however if an attacker were able to man-in-the-middle an administrator while installing the new certificate the attacker could get a copy of the private key uploaded allowing for future attacks.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2016-4457, CVE-2017-2639
MD5 | 2cc36a54f3b8776f87f8d5727094be06
Piwigo Facetag 0.0.3 SQL Injection
Posted May 31, 2017
Authored by Touhid M.Shaikh

Piwigo Facetag plugin version 0.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 265f571ac1465bf00b85cfdccc57cffc
Falco 0.7.0
Posted May 31, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Update the priorities of falco rules to use a wider range of priorities rather than just ERROR/WARNING. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | edd8b765f608c7a2e923e6a99b4a7e69
OV3 Online Administration 3.0 SQL Injection
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | b45182a216390d5400da665f979cc9ad
OV3 Online Administration 3.0 Authenticated Code Execution
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 4836439cfaece2fea647cf5c5b5bc314
OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from a traversal vulnerability that allows for arbitrary file access.

tags | exploit, arbitrary
MD5 | d59ba0c9c85323843417e3b44d2fa62b
WordPress Simple Slideshow Manager 2.2 Cross Site Scripting
Posted May 31, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6cafb010fb20043a5898706c8f032a6d
Red Hat Security Advisory 2017-1372-01
Posted May 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1372-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality can allow a remote attacker to force the kernel to enter a condition in which it can loop indefinitely.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-6214
MD5 | 537865e334898c109836d0adc5303dba
ModX CMS Proof Of Concept Shell Upload
Posted May 31, 2017
Authored by Cody Sixteen

This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.

tags | exploit, shell, proof of concept
MD5 | 4a9e82ae99c6a9dbf9554d110145a1a4
KEMP LoadMaster 7.135.0.13245 XSS / Code Execution
Posted May 31, 2017
Site securiteam.com

KEMP LoadMaster version 7.135.0.13245 suffers from persistent cross site scripting and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss
MD5 | 05f5ea97f61f9b6d72385ba9076f9126
IBM Informix Dynamic Server DLL Injection / Code Execution
Posted May 31, 2017
Site securiteam.com

IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.

tags | exploit, overflow, php, vulnerability
advisories | CVE-2016-2183, CVE-2017-1092
MD5 | acf1047cf6ec465e6ff49df652940fd6
Trend Micro Deep Security 6.5 XXE / Code Execution
Posted May 31, 2017
Site securiteam.com

Trend Micro Deep Security version 6.5 suffers from XML external entity injection, local privilege escalation, and remote code execution vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution
MD5 | 14d6ad8c29d1b68a5710f229a32f0da6
Microsoft MsMpEng Saved Callers Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, lokihardt

Microsoft Windows MsMpEng suffers from a saved caller use-after-free vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-8541
MD5 | 05faef0a20f3572f0904838b08cace5c
TerraMaster F2-420 NAS TOS 3.0.30 Code Execution
Posted May 31, 2017
Authored by Simone Margaritelli

TerraMaster F2-420 NAS TOS version 3.0.30 suffers from an unauthenticated remote root code execution vulnerability.

tags | exploit, remote, root, code execution
MD5 | 2719a3913cd96f69928a95ca4f994342
Microsoft MsMpEng GC Engine Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, ianbeer

Microsoft Windows MsMpEng suffers from a remotely exploitable use-after-free vulnerability due to a design issue in the GC engine.

tags | exploit
systems | windows
advisories | CVE-2017-8540
MD5 | b3d45bc0bcfc72ee99f5a1e8c697ddc5
uc-httpd Local File Inclusion / Traversal
Posted May 31, 2017
Authored by keksec

uc-httpd suffers from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | 1ea3e2779de86530c91d5d4ec0c8c541
Intel SSD Toolbox 3.4.3 DLL Hijacking
Posted May 31, 2017
Authored by Stefan Kanthak

Intel SSD Toolbox version 3.4.3 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | cfd10a2e92d00e760fa07674700e0a87
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close