exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2018-07-04

Intel Processor Diagnostic Tool (IPDT) Privilege Escalation
Posted Jul 4, 2018
Authored by Stefan Kanthak

Intel Processor Diagnostic Tool (IPDT) versions prior to 4.1.0.27 suffer from three code execution and privilege escalation vulnerabilities.

tags | exploit, vulnerability, code execution
advisories | CVE-2018-3667, CVE-2018-3668
SHA-256 | c6970c00b903e7c20f1d36cf862c9883331d5c92e439e99f419b8b4d7ab7809e
Sophos SafeGuard Priivlege Escalation
Posted Jul 4, 2018
Authored by Kyriakos Economou

Sophos SafeGuard Enterprise versions 8.00.4 and earlier, SafeGuard Easy versions 7.00.2.35 and earlier, and SafeGuard LAN Crypt versions 3.95.1.13 and earlier suffer from privilege escalation vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2018-6851, CVE-2018-6852, CVE-2018-6853, CVE-2018-6854, CVE-2018-6855, CVE-2018-6856, CVE-2018-6857
SHA-256 | 9d5c7e91f7c46dfdf969ae19225d278303fd9a6345ad15d65c8e24018ea0b127
ADB Group Manipulation Privilege Escalation
Posted Jul 4, 2018
Authored by Johannes Greil | Site sec-consult.com

An attacker with standard / low access rights within the web GUI is able to gain access to the CLI (if it has been previously disabled by the configuration) and escalate his privileges. Depending on the CLI features it is possible to extract the whole configuration and manipulate settings or gain access to debug features of the device, e.g. via "debug", "upgrade", "upload" etc. commands in the CLI. Attackers can gain access to sensitive configuration data such as VoIP credentials or other information and manipulate any settings of the device. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

tags | exploit, web
advisories | CVE-2018-13110
SHA-256 | 90ac2bef39fc223d39c55dd25d8c1c7649eef240a5d176c34c393459939c1b5d
ADB Authorization Bypass
Posted Jul 4, 2018
Authored by Johannes Greil | Site sec-consult.com

Depending on the firmware version/feature-set of the ISP deploying the ADB device, a standard user account may not have all settings enabled within the web GUI. An authenticated attacker is able to bypass those restrictions by adding a second slash in front of the forbidden entry of the path in the URL. It is possible to access forbidden entries within the first layer of the web GUI, any further subsequent layers/paths (sub menus) were not possible to access during testing but further exploitation can't be ruled out entirely. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

tags | exploit, web
advisories | CVE-2018-13109
SHA-256 | 224fe403284f3f8aa1fc76600cf0efb9753737797fe2fc4605009e3ffb114dc8
ADB Local Root Jailbreak
Posted Jul 4, 2018
Authored by Johannes Greil | Site sec-consult.com

ADB broadband gateways and routers suffer from a local root jailbreak vulnerability via a network file sharing flaw. Versions affected include ADB P.RG AV4202N, DV2210, VV2220, and VV5522.

tags | exploit, local, root
advisories | CVE-2018-13108
SHA-256 | 7dce607bd3e5e3f6e26587a92d82df41533ac622acb4e023f4d607f0a8326860
Ubuntu Security Notice USN-3703-2
Posted Jul 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3703-2 - USN-3703-1 fixed a vulnerability in Archive Zip module. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the Archive Zip module incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-10860
SHA-256 | ad169f2f60b246c4e86fc4b527ce15285ca2220ece2a061b3efa552570fb888a
Ubuntu Security Notice USN-3703-1
Posted Jul 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3703-1 - It was discovered that the Archive Zip module incorrectly handled certain inputs. An attacker could possibly use this to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-10860
SHA-256 | d3e7ef46d96106466295b083675f345b00679612061cabea89f9604540b0d2d1
Ubuntu Security Notice USN-3702-1
Posted Jul 4, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3702-1 - It was discovered that PHP incorrectly handled exif tags in certain images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2018-12882
SHA-256 | 0176f3af91b747a77454e3ac979b4c928a0d3282e07fa78adb92414245da5398
Online Trade 1 Credential Disclosure
Posted Jul 4, 2018
Authored by Borna Nematzadeh

Online Trade version 1 suffers from an information leakage vulnerability.

tags | exploit, info disclosure
advisories | CVE-2018-12908
SHA-256 | 058b8342c1b479ec4d5149eeb88b6cc57c2a2155b2186c8b6002e01c9d68c13a
ShopNx Arbitrary File Upload
Posted Jul 4, 2018
Authored by Borna Nematzadeh

ShopNx suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
advisories | CVE-2018-12519
SHA-256 | 707965dec9475bfc2c203dd7d2e6ea59ef8016d4378130a67346d6d486813027
CMS Made Simple 2.2.5 Remote Code Execution
Posted Jul 4, 2018
Authored by Mustafa Hasan

CMS Made Simple version 2.2.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-1000094
SHA-256 | 2eda133a9630043692f259669d24c38f1bd3467fc0120bc869ace374cf33b47d
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close