what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-09-14 to 2015-09-15

TP-Link NC200/NC220 Cloud Camera 300Mbps Wi-Fi Hard-Coded Credentials
Posted Sep 14, 2015
Authored by LiquidWorm | Site zeroscience.mk

NC220 and NC200 utilizes hard-coded credentials within its Linux distribution image. These sets of credentials (root:root) are never exposed to the end-user and cannot be changed through any normal operation of the camera.

tags | exploit, root
systems | linux
SHA-256 | 75afdba7df6115f0fcf582aeaa5d0f0235301fc2dbb1e912b582b5293b9e51f6
IKEView.exe Feature Pack NGX R60 - Build 591000004 Buffer Overflow
Posted Sep 14, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

IKEView.exe is vulnerable to local stack based buffer overflow when parsing an malicious (internet key exchange) ".elg" file. Vulnerability causes nSEH & SEH pointer overwrites at 4432 bytes after IKEView parses our malicious file, which may result then result in arbitrary attacker supplied code execution.

tags | exploit, overflow, arbitrary, local, code execution
SHA-256 | 3523ab1269c0f4187c4a7efd81aecbce5f6a22206941e828961c579c48b6285c
Openfire 3.10.2 Cross Site Request Forgery
Posted Sep 14, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Openfire version 3.10.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-6973
SHA-256 | 0e24b5cc34f5f30e0f92cdca09e38caa5c6a3aa1e7231a61f43ed26e5a092d1c
Windows Type-Confusion / Memory Corruption
Posted Sep 14, 2015
Authored by Google Security Research, matttait

The Windows Kernel is subject to two related kernel-mode type-confusion vulnerabilities inside win32k!xxxRemoteReconnect. In both cases, a user-mode parameter passed to the syscall is incorrectly resolved to its underlying kernel representation via ObReferenceObjectByHandle passing NULL as the "ObType" field (rather than *IoFileTypeObject and *IoDeviceTypeObject respectively). Because the type is not checked, if a handle of a type other than a HANDLE to a file and a device are passed, the kernel incorrectly uses the underlying representation of the object as a PFILE_OBJECT and a PDEVICE_OBJECT, causing memory corruption in the kernel.

tags | advisory, kernel, vulnerability
systems | linux, windows
SHA-256 | 1fc87129199a0c6cd9e6a9fa146cc6e891c7331266896538d14fc884c57013ba
OS X Suid Privilege Escalation
Posted Sep 14, 2015
Authored by Google Security Research, Ian Beer

The Install.framework runner suid root binary does not correctly account for the fact that Distributed Objects can be connected to by multiple clients at the same time. By connecting two proxy objects to an IFInstallRunner and calling [IFInstallRunner makeReceiptDirAt:asRoot:] in the first and passing a custom object as the directory name we can get a callback to our code just after the makeReceiptDirAt code has called seteuid(0);setguid(0) to regain privs. Since BSD priviledges are per-process this means that our other proxy object will now have euid 0 without having to provide an authorization reference. In this second proxy we can then just call runTaskSecurely and get a root shell before returning from the first proxy's callback function which will then drop privs.

tags | exploit, shell, root
systems | linux, bsd
advisories | CVE-2015-5754
SHA-256 | 1fd4f2bf985f7460d71d17680841dc5c059fe7c05b9a7ac1a776291868ff74e3
Typo3 CMS 6.2.14 / 4.5.40 Cross Site Scripting
Posted Sep 14, 2015
Authored by Julien Ahrens

Typo3 CMS versions 6.2.14 and below and 4.5.40 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-5956
SHA-256 | 5fe660afc121bc98f78855bc4c8a79507bdd0980f0cc631158e37e50937cd828
OS X Privilege Escalation
Posted Sep 14, 2015
Authored by Google Security Research, Ian Beer

The private Install.framework has a few helper executables in /System/Library/PrivateFrameworks/Install.framework/Resources, one of which is suid root and exploitable.

tags | exploit, root
systems | linux
advisories | CVE-2015-3704
SHA-256 | a34aa2485110ffeff9b63cf7063d71e3ac6548549f001e7517073b7f1ffaa5ca
Monsta FTP 1.6.2 Cross Site Request Forgery / Cross Site Scripting
Posted Sep 14, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Monsta FTP version 1.6.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 9e2f6e57e61d7dfed914ab5ebf4683e9e1336d21bab66f7429ecdcdf9b40f933
OS X Install.framework Suid Root Binary
Posted Sep 14, 2015
Authored by Google Security Research, Ian Beer

Install.framework has a suid root binary at /System/Library/PrivateFrameworks/Install.framework/Resources/runner that allows for arbitrary mkdir, unlink, and chown.

tags | exploit, arbitrary, root
systems | linux
advisories | CVE-2015-5784
SHA-256 | 4b9ea14e8540ddbdec18fe305074224119369e420b4ed663a1f2bac393fa7f15
IKEView.exe Fox Beta 1 Buffer Overflow
Posted Sep 14, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

IKEView.exe is vulnerable to local stack based buffer overflow when parsing an malicious (internet key exchange) ".elg" file.

tags | exploit, overflow, local
SHA-256 | c258823e04d1c5912714ecf6c5d251c4962d8a64211d99317db61683332eab73
POC OR GTFO 0x09
Posted Sep 14, 2015
Authored by pocgtfo

This is the ninth issue of POC || GTFO.

tags | magazine
SHA-256 | 8ad70d4dd0c0f53e8c479d1d573e5a365ea673acafa9fd61fa5231e18502a6ad
Magento 1.9.2 File Inclusion
Posted Sep 14, 2015
Authored by EgiX

Magento versions 1.9.2 and below suffer from an autoloaded file inclusion vulnerability.

tags | exploit, file inclusion
advisories | CVE-2015-6497
SHA-256 | fc7990f532774d8eb7b6c58646a4184c066856b3fb99521ec6baa6859a83e854
OpenLDAP 2.4.42 Denial Of Service
Posted Sep 14, 2015
Authored by Denis Andzakovic | Site security-assessment.com

OpenLDAP versions 2.4.42 and below suffer from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | 0c1bf0a1bcf96cdd744d44d9297e87b79b407bd844d5d254ee0ba7ef0957f829
Silver Peak VX Command Injection / Shell Upload / File Read
Posted Sep 14, 2015
Authored by Daniel Jensen | Site security-assessment.com

Silver Peak VX virtual appliance running VXOA before version 6.2.11 contains a number of security vulnerabilities, including command injection, unauthenticated file read, mass assignment, shell upload, and hardcoded credentials. By combining these vulnerabilities, an attacker may remotely obtain root privileges on the underlying host.

tags | exploit, shell, root, vulnerability
SHA-256 | 36799a3c7e2af82faa6d01908af9360ddba720c30151c46a004891b6be136f05
Shopify Input Validation
Posted Sep 14, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Shopify suffered from an input validation vulnerability.

tags | exploit
SHA-256 | 3b22718ee3a691098c84a1145c3a76387a4be88f853e0df123706369b26b2ff9
Magento Cross Site Scripting
Posted Sep 14, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Magento suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1f9abe773c72fc70b1cfb69868ae0352dbc9344a10814fdaedb052f41ced7505
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close