what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2017-06-29

FreeBSD setrlimit Stack Clash Proof Of Concept
Posted Jun 29, 2017
Site qualys.com

FreeBSD setrlimit stack clash proof of concept exploit.

tags | exploit, proof of concept
systems | freebsd, bsd
advisories | CVE-2017-1085
SHA-256 | 55fb8566c8dcae52540b3d92f7a1228604de1093d9d64e40a1cebbbe5ec1f611
Linux Kernel ldso_hwcap Stack Clash Privilege Escalation
Posted Jun 29, 2017
Site qualys.com

Linux kernel ldso_hwcap stack clash privilege escalation exploit. This affects Debian 7/8/9/10, Fedora 23/24/25, and CentOS 5.3/5.11/6.0/6.8/7.2.1511.

tags | exploit, kernel
systems | linux, debian, fedora, centos
advisories | CVE-2017-1000366, CVE-2017-1000370
SHA-256 | e3bc684fbe0cc5c683f1e0aa4b3c0294f9ee713b3f50398609a3d2677cd20406
FreeBSD FGPE Stack Clash Proof Of Concept
Posted Jun 29, 2017
Site qualys.com

FreeBSD FGPE stack clash proof of concept exploit.

tags | exploit, proof of concept
systems | freebsd, bsd
advisories | CVE-2017-1084
SHA-256 | 2dddaf6810e24694581a3d0559ab7f60f9bdef61855acef6f9cdc6c393b35315
FreeBSD FGPU Stack Clash Proof Of Concept
Posted Jun 29, 2017
Site qualys.com

FreeBSD FGPU stack clash proof of concept exploit.

tags | exploit, proof of concept
systems | freebsd, bsd
advisories | CVE-2017-1084
SHA-256 | fa4055aa1f668bb096eafa433dace0e75f81c48fefa47f2d5271474380116c6b
Oracle Solaris 11.1 / 11.3 rsh Stack Clash Privilege Escalation
Posted Jun 29, 2017
Site qualys.com

Oracle Solaris versions 11.1 and 11.3 rsh local privilege escalation stack clash exploit.

tags | exploit, local
systems | solaris
advisories | CVE-2017-3629, CVE-2017-3630, CVE-2017-3631
SHA-256 | d6fc2124ab39b596a408ba197a8da71c03b284c1dac54ac107cc4d471c892d32
Veritas/Symantec Backup Exec SSL NDMP Connection Use-After-Free
Posted Jun 29, 2017
Authored by Matthew Daley | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability in the handling of SSL NDMP connections in Veritas/Symantec Backup Exec's Remote Agent for Windows. When SSL is re-established on a NDMP connection that previously has had SSL established, the BIO struct for the connection's previous SSL session is reused, even though it has previously been freed. This Metasploit module supports 3 specific versions of the Backup Exec agent in the 14, 15 and 16 series on 64-bit and 32-bit versions of Windows and has been tested from Vista to Windows 10.

tags | exploit, remote
systems | windows
advisories | CVE-2017-8895
SHA-256 | 18615ac29398d7f2d7f4f16eff1790cc387a69c2808a4e6bb7a5632253c7e45f
Apache ActiveMQ 5.x Web Shell Upload
Posted Jun 29, 2017
Authored by Hillary Benson, Ian Anderson | Site metasploit.com

The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request.

tags | exploit, remote, web, arbitrary
advisories | CVE-2016-3088
SHA-256 | 0bc2dbf6d87b6049a30cf872cd58cbce1c72539afcf4cc3fcb3c44514b701ed1
Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution
Posted Jun 29, 2017
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, virus, xss, info disclosure, csrf
systems | linux
advisories | CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813
SHA-256 | 1011f2188afe2cfa015134b365c225eb892ed298b59a2beb4cc63a8e09cdc1b0
VASA Provider Virtual Appliance 8.3.x Remote Code Execution
Posted Jun 29, 2017
Authored by rgod | Site emc.com

VASA Provider Virtual Appliance versions prior to 8.3.x may potentially be vulnerable to an unauthenticated remote code execution vulnerability. An unauthenticated remote attacker could upload a malicious file to run arbitrary code on the system with root privileges.

tags | advisory, remote, arbitrary, root, code execution
advisories | CVE-2017-4997
SHA-256 | a4d0a8672e720b49dae2fef3ee2fa48acda55214ead9237b46537b91eade0b32
Ubuntu Security Notice USN-3345-1
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3345-1 - USN 3324-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000363, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9150, CVE-2017-9242
SHA-256 | 4fad8a2d68a376e72996bff518accee987d6531fbdbaade3e1a8aafe24ebd666
Ubuntu Security Notice USN-3344-2
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3344-2 - USN-3344-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. USN 3334-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Various other issues were also addressed.

tags | advisory, java, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000363, CVE-2017-7487, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
SHA-256 | ec10468c5bcc0374a009d044a4736922434eb7ade1b26c45c16cecb020b07caf
Ubuntu Security Notice USN-3344-1
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3344-1 - USN 3328-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000363, CVE-2017-7487, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
SHA-256 | a4f0efc2b95ce1da0e5cacbafafb82858ba2e9f6956f158428863e22f80ea6d3
Ubuntu Security Notice USN-3342-1
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3342-1 - USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service. Roee Hay discovered that the parallel port printer driver in the Linux kernel did not properly bounds check passed arguments. A local attacker with write access to the kernel command line arguments could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000363, CVE-2017-5577, CVE-2017-7294, CVE-2017-7374, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
SHA-256 | 02f110dbf3f133d2c7e542623023dfb8fc8045b5c5147b836e889becc448b849
Ubuntu Security Notice USN-3343-1
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3343-1 - USN 3335-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. It was discovered that a use-after-free vulnerability in the core voltage regulator driver of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, java, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9940, CVE-2017-0605, CVE-2017-1000363, CVE-2017-7294, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
SHA-256 | 9ea59fe7184daae4dabc3d41854293f31717e8ced346b9507f46908a71b2ba14
Ubuntu Security Notice USN-3343-2
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3343-2 - USN 3343-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. USN 3335-2 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. Various other issues were also addressed.

tags | advisory, java, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9940, CVE-2017-0605, CVE-2017-1000363, CVE-2017-7294, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
SHA-256 | f56a67ded25cba5991da6e27ed05f27e72923a50d6768bc40e175e9410f6a869
Ubuntu Security Notice USN-3338-2
Posted Jun 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3338-2 - USN-3338-1 fixed vulnerabilities in the Linux kernel. However, the fix for CVE-2017-1000364 introduced regressions for some Java applications. This update addresses the issue. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges Various other issues were also addressed.

tags | advisory, java, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-4997, CVE-2017-1000364
SHA-256 | 5a99af3894c4fc090fac2baaecc7fd883c01e2ad021d13522a1c7fa248f1aaf7
NetBSD Stack Clash Proof Of Concept
Posted Jun 29, 2017
Site qualys.com

NetBSD stack clash proof of concept exploit.

tags | exploit, proof of concept
systems | netbsd
advisories | CVE-2017-1000375
SHA-256 | 79d2a60bd57d2106ec864e90aa5a2a7fafd9984de7938980ff4f491b72819769
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close