Files Date: 2017-12-19

Huawei P8 wkupccpu debugfs Kernel Buffer Overflow
Posted Dec 19, 2017
Authored by Maor Shwartz | Site beyondsecurity.com

This advisory describes a buffer overflow in the wkupccpu debugfs driver of the Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1.

tags | exploit, overflow
MD5 | 3b61a90ece6911aa41e566b8c42b727f
BSidesLjubljana 2018 Call For Papers
Posted Dec 19, 2017
Site bsidesljubljana.si

B-Sides Ljubljana will be held March 10th, 2018 in Ljubljana, Slovenia.

tags | paper, conference
MD5 | 38284c5e10a12c97ee4941aa672bb23c
Microsoft Windows Hello Face Authentication Bypass
Posted Dec 19, 2017
Authored by Matthias Deeg, Philipp Buchegger

Microsoft Windows 10 offers a biometric authentication mechanism using "near infrared" face recognition technology with specific Windows Hello compatible cameras. Due to an insecure implementation of the biometric face recognition in some Windows 10 versions, it is possible to bypass the Windows Hello face authentication via a simple spoofing attack using a modified printed photo of an authorized person.

tags | advisory, spoof
systems | windows
MD5 | 27d01277917e11c6b9cd575274f17600
Palo Alto Networks PAN-OS Cookie Injection
Posted Dec 19, 2017
Authored by Zerial

Palo Alto Networks PAN-OS versions before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allow remote attackers to execute arbitrary code via vectors involving the management interface.

tags | exploit, remote, arbitrary
advisories | CVE-2017-15944
MD5 | 81f2b82084563391a7851afad1e1220c
Joomla! NextGen Editor 2.1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! NextGen Editor component version 2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2c8b85eabf5921ee744c2ed6017bd135
BrightSign Digital Signage XSS / Traversal / File Upload
Posted Dec 19, 2017
Authored by singularitysec

BrightSign Digital Signage suffers from cross site scripting, directory traversal, and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, file upload
advisories | CVE-2017-17737, CVE-2017-17738, CVE-2017-17739
MD5 | d7db3e462951f413cc5395b7b18f9b1c
Intel Content Protection HECI Service Privilege Escalation
Posted Dec 19, 2017
Authored by James Forshaw, Google Security Research

The Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges.

tags | exploit
advisories | CVE-2017-5717
MD5 | a4c2f8375ebdc7ea8ce2023d56ff8651
Red Hat Security Advisory 2017-3485-01
Posted Dec 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064
MD5 | 3600c3f840b4088b74aad6855538448c
WordPress Itinerary 1.0.0 Cross Site Scripting
Posted Dec 19, 2017
Authored by Ricardo Sanchez

WordPress Itinerary plugin version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3b3e55bc570c582ddcd2ca8f9f399e32
Tuleap 9.6 Second-Order PHP Object Injection
Posted Dec 19, 2017
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to execute arbitrary PHP code with the permissions of the webserver. The vulnerability exists because the User::getRecentElements() method uses the unserialize() function with data that can be arbitrarily manipulated by a user through the REST API interface. The exploit's POP chain abuses the __toString() method from the Mustache class to reach a call to eval() in the Transition_PostActionSubFactory::fetchPostActions() method.

tags | exploit, arbitrary, php
advisories | CVE-2017-7411
MD5 | bf85aad5adfa9342783213505d464d8c
Jenkins XStream Groovy Classpath Deserialization
Posted Dec 19, 2017
Authored by Arshan Dabirsiaghi | Site metasploit.com

This Metasploit module exploits CVE-2016-0792, a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2. It is caused by unsafe deserialization in XStream with Groovy in the classpath and allows remote arbitrary code execution. The issue affects default installations. Authentication is not required to exploit the vulnerability.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2016-0792
MD5 | 7f530661ba062452c62003b449e8f990
Joomla! JB Visa 1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! JB Visa component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fbd83c6c528edfa7d34d2326d265b26a
Man-In-The-Middling TOR
Posted Dec 19, 2017
Authored by Kr1pt0nGirl

This is a brief whitepaper discussing how to perform man-in-the-middle attacks as an exit node on TOR.

tags | paper
MD5 | 0397952789142ad6428f23b95f03f8c2
Microsoft Windows jscript!RegExpFncObj::LastParen Out-Of-Bounds Read
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read in the jscript.dll library (used in IE, WPAD and other places).

tags | exploit
advisories | CVE-2017-11906
MD5 | 5d6d4de766996a82680340bb4a93c196
Microsoft Windows Array.sort jscript.dll Heap Overflow
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is a heap overflow vulnerability in the jscript.dll library (used in IE, WPAD and other places). The bug affects 2 functions, JsArrayStringHeapSort and JsArrayFunctionHeapSort.

tags | exploit, overflow
advisories | CVE-2017-11907
MD5 | 615276599b5ee6f637294ed8b1cf135c
© 2018 Packet Storm. All rights reserved.
