Exploit the possiblities
Showing 1 - 25 of 30 RSS Feed

Files Date: 2017-06-07

Windows UAC Protection Bypass (Via FodHelper Registry Key)
Posted Jun 7, 2017
Authored by amaloteaux, winscriptingblog | Site metasploit.com

This Metasploit module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.

tags | exploit, shell, registry
systems | windows
MD5 | b20812c1abf3d3375be101013cd12af0
WiMAX CPE Authentication Bypass
Posted Jun 7, 2017
Authored by Stefan Viehbock | Site sec-consult.com

Various WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi (implemented in libmtk_httpd_plugin.so).

tags | exploit, arbitrary, cgi
MD5 | cd86304aec43ab3feeb8080444d44eba
Craft CMS 2.6 Cross Site Scripting / File Upload
Posted Jun 7, 2017
Authored by Ahsan Tahir

Craft CMS version 2.6 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
MD5 | b6aa5cdb750e8030003b4b882082459e
Red Hat Security Advisory 2017-1409-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1409-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
MD5 | 7af8232e8cf016b9e7b0d7b784ab0895
Red Hat Security Advisory 2017-1414-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1414-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-6304, CVE-2016-7056, CVE-2016-8610, CVE-2016-8740, CVE-2016-8743
MD5 | 848fab94797eb5aa2aa12309ab277852
Red Hat Security Advisory 2017-1413-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1413-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-6304, CVE-2016-7056, CVE-2016-8610, CVE-2016-8740, CVE-2016-8743
MD5 | 09e08d9bd5d4778fc51fd66f08804151
Red Hat Security Advisory 2017-1415-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1415-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-6304, CVE-2016-7056, CVE-2016-8610, CVE-2016-8740, CVE-2016-8743
MD5 | c555d9948e27e5468c40aa139259d9cb
Ubuntu Security Notice USN-3253-2
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3253-2 - USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Dawid Golunski discovered that Nagios incorrectly handled symlinks when accessing log files. A local attacker could possibly use this issue to elevate privileges. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, local, cgi, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-1878, CVE-2016-9566
MD5 | 04f7a17df00f437de002a52271d94331
Ubuntu Security Notice USN-3316-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3316-1 - Stefan Winter and Lubos Pavlicek discovered that FreeRADIUS incorrectly handled the TLS session cache. A remote attacker could possibly use this issue to bypass authentication by resuming an unauthenticated session.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-9148
MD5 | 1545b96664196283cc37e93137c52e7d
Red Hat Security Advisory 2017-1411-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1411-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
MD5 | 0062fcbddb7f4979136a4d6c93b0feae
Red Hat Security Advisory 2017-1412-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1412-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.6.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
MD5 | d0bedea67c6fdc5cd045105320a52100
Red Hat Security Advisory 2017-1410-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1410-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
MD5 | 94a50a29559ac107f7345cd025e0baa6
Suricata IDPE 3.2.2
Posted Jun 7, 2017
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: This release fixes a fairly small number of issues. It also improves the unix-socket runmode by allowing both single and autofp runmodes to be specified.
tags | tool, intrusion detection
systems | unix
MD5 | a686400bf8eaa9eced918eed11e92bbe
DC/OS Marathon UI Docker Privilege Escalation
Posted Jun 7, 2017
Authored by Erik Daguerre | Site metasploit.com

Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to edit/create files owed by root. This exploit abuses this to create a cron job in the '/etc/cron.d/' path of the host server. Note that the docker image must be a valid docker image from hub.docker.com. Further more the docker container will only deploy if there are resources available in the DC/OS cluster.

tags | exploit, root
MD5 | 5134d61680c1d915bf6df2f271f0ef72
Xavier 2.4 SQL Injection
Posted Jun 7, 2017
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Xavier PHP Login Script and User Management Admin Panel version 2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 1da452202b8527a25808c6c827c89575
Perch CMS 3.0.3 Cross Site Scripting / File Upload
Posted Jun 7, 2017
Authored by SaifAllah benMassaoud | Site vulnerability-lab.com

Perch CMS version 3.0.3 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
MD5 | 9fd148d51b3b6699cac026fb23c0013f
GravCMS Core 1.4.2 Cross Site Scripting
Posted Jun 7, 2017
Authored by Ahsan Tahir

GravCMS Core version 1.4.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7923e66314d07f36647036f7990b989b
Ubuntu Security Notice USN-3313-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3313-1 - It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0605
MD5 | f42e3c2c3ba85da5ad0a776b704e9d23
Ubuntu Security Notice USN-3312-2
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3312-2 - USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7913, CVE-2016-7917, CVE-2016-8632, CVE-2016-9083, CVE-2016-9084, CVE-2016-9604, CVE-2017-0605, CVE-2017-2596, CVE-2017-2671, CVE-2017-6001, CVE-2017-7472, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895
MD5 | f8dcccce709ef81f0592b215acb9e196
Ubuntu Security Notice USN-3312-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3312-1 - It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build function in the Linux kernel. A local attacker could use to cause a denial of service or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7913, CVE-2016-7917, CVE-2016-8632, CVE-2016-9083, CVE-2016-9084, CVE-2016-9604, CVE-2017-0605, CVE-2017-2596, CVE-2017-2671, CVE-2017-6001, CVE-2017-7472, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895
MD5 | faa65f948d2b34a3bc146375c9d83828
Gentoo Linux Security Advisory 201706-14
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-14 - Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10244, CVE-2016-10328, CVE-2017-7857, CVE-2017-7858, CVE-2017-7864, CVE-2017-8105, CVE-2017-8287
MD5 | 903223e6e0a125479fda30d0fa04e3b3
Gentoo Linux Security Advisory 201706-13
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-13 - An out-of-bounds data access in minicom might allow remote attackers to execute arbitrary code. Versions less than 2.7.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-7467
MD5 | b503862af0c9e979c841e9d8c5415b98
Gentoo Linux Security Advisory 201706-12
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-12 - Multiple vulnerabilities have been found in Wireshark, the worst of which allows remote attackers to cause a Denial of Service condition. Versions less than 2.2.6 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-6014, CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7704, CVE-2017-7705
MD5 | 46eaff1735a7ce587cc13cc80d6ad423
Gentoo Linux Security Advisory 201706-15
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-15 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.16.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2330, CVE-2015-7096, CVE-2015-7098, CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1728, CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7623, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646
MD5 | 3cf0cc3173edfacd9ca20b3b6d313f90
Ubuntu Security Notice USN-3314-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3314-1 - It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9604, CVE-2017-0605, CVE-2017-2671, CVE-2017-7277, CVE-2017-7472, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895, CVE-2017-7979, CVE-2017-8063, CVE-2017-8064, CVE-2017-8067
MD5 | 8561a3f60f80492e6117f72e7afc1f1a
Page 1 of 2
Back12Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close