Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-12-19

Huawei P8 wkupccpu debugfs Kernel Buffer Overflow
Posted Dec 19, 2017
Authored by Maor Shwartz | Site beyondsecurity.com

This advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 - wkupccpu debugfs driver.

tags | exploit, overflow
MD5 | 3b61a90ece6911aa41e566b8c42b727f
BSidesLjubljana 2018 Call For Papers
Posted Dec 19, 2017
Site bsidesljubljana.si

B-Sides Ljubljana will be held March 10th, 2018 in Ljubljana, Slovenia.

tags | paper, conference
MD5 | 38284c5e10a12c97ee4941aa672bb23c
Microsoft Windows Hello Face Authentication Bypass
Posted Dec 19, 2017
Authored by Matthias Deeg, Philipp Buchegger

Microsoft Windows 10 offers a biometric authentication mechanism using "near infrared" face recognition technology with specific Windows Hello compatible cameras. Due to an insecure implementation of the biometric face recognition in some Windows 10 versions, it is possible to bypass the Windows Hello face authentication via a simple spoofing attack using a modified printed photo of an authorized person.

tags | advisory, spoof
systems | windows
MD5 | 27d01277917e11c6b9cd575274f17600
Palo Alto Networks PAN-OS Cookie Injection
Posted Dec 19, 2017
Authored by Zerial

Palo Alto Networks PAN-OS versions before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.

tags | exploit, remote, arbitrary
advisories | CVE-2017-15944
MD5 | 81f2b82084563391a7851afad1e1220c
Joomla! NextGen Editor 2.1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! NextGen Editor component version 2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2c8b85eabf5921ee744c2ed6017bd135
BrightSign Digital Signage XSS / Traversal / File Upload
Posted Dec 19, 2017
Authored by singularitysec

BrightSign Digital Signage suffers from cross site scripting, directory traversal, and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, file upload
advisories | CVE-2017-17737, CVE-2017-17738, CVE-2017-17739
MD5 | d7db3e462951f413cc5395b7b18f9b1c
Intel Content Protection HECI Service Privilege Escalation
Posted Dec 19, 2017
Authored by James Forshaw, Google Security Research

The Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges.

tags | exploit
advisories | CVE-2017-5717
MD5 | a4c2f8375ebdc7ea8ce2023d56ff8651
Red Hat Security Advisory 2017-3485-01
Posted Dec 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064
MD5 | 3600c3f840b4088b74aad6855538448c
WordPress Itinerary 1.0.0 Cross Site Scripting
Posted Dec 19, 2017
Authored by Ricardo Sanchez

WordPress Itinerary plugin version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3b3e55bc570c582ddcd2ca8f9f399e32
Tuleap 9.6 Second-Order PHP Object Injection
Posted Dec 19, 2017
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to execute arbitrary PHP code with the permissions of the webserver. The vulnerability exists because of the User::getRecentElements() method is using the unserialize() function with data that can be arbitrarily manipulated by a user through the REST API interface. The exploit's POP chain abuses the __toString() method from the Mustache class to reach a call to eval() in the Transition_PostActionSubFactory::fetchPostActions() method.

tags | exploit, arbitrary, php
advisories | CVE-2017-7411
MD5 | bf85aad5adfa9342783213505d464d8c
Jenkins XStream Groovy Classpath Deserialization
Posted Dec 19, 2017
Authored by Arshan Dabirsiaghi | Site metasploit.com

This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default installations. Authentication is not required to exploit the vulnerability.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2016-0792
MD5 | 7f530661ba062452c62003b449e8f990
Joomla! JB Visa 1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! JB Visa component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fbd83c6c528edfa7d34d2326d265b26a
Man-In-The-Middling TOR
Posted Dec 19, 2017
Authored by Kr1pt0nGirl

This is a brief whitepaper discussing how to perform man-in-the-middle attacks as an exit node on TOR.

tags | paper
MD5 | 0397952789142ad6428f23b95f03f8c2
Microsoft Windows jscript!RegExpFncObj::LastParen Out-Of-Bounds Read
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read in jscript.dll library (used in IE, WPAD and other places).

tags | exploit
advisories | CVE-2017-11906
MD5 | 5d6d4de766996a82680340bb4a93c196
Microsoft Windows Array.sort jscript.dll Heap Overflow
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an heap overflow vulnerability in jscript.dll library (used in IE, WPAD and other places). The bug affects 2 functions, JsArrayStringHeapSort and JsArrayFunctionHeapSort.

tags | exploit, overflow
advisories | CVE-2017-11907
MD5 | 615276599b5ee6f637294ed8b1cf135c
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close