accept no compromises
Showing 26 - 50 of 506 RSS Feed

Files Date: 2016-11-01 to 2016-11-30

Disk Savvy Enterprise 9.1.14 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Disk Savvy Enterprise version 9.1.14 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 897df75e132522be3c66f4a32662acf1
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
Posted Nov 28, 2016
Authored by FireFart

This exploit uses the pokemon exploit as a base and automatically generates a new passwd line. The original /etc/passwd is then backed up to /tmp/passwd.bak and overwritten with the new line. The user will be prompted for the new password when the binary is run. After running the exploit you should be able to login with the newly created user.

tags | exploit
advisories | CVE-2016-5195
MD5 | 2d84b48a3c7259bdcfc8b09a0c2ed0c2
Disk Sorter Enterprise 9.1.12 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Disk Sorter Enterprise version 9.1.12 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | bc108454ec29731f734c2bbb84dc3b6a
Dup Scout Enterprise 9.1.14 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Dup Scout Enterprise version 9.1.14 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 60ab738e6533598fb59995c92077a7c3
VX Search Enterprise 9.1.12 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

VX Search Enterprise version 9.1.12 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 3ea51412ddc3f221b25e6182852d5a69
Disk Pulse Enterprise 9.1.16 Buffer Overflow
Posted Nov 28, 2016
Authored by Tulpa

Disk Pulse Enterprise version 9.1.16 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 33e796078156a7d3b2b85c19d9843d06
Microsoft Windows Kernel NtSetWindowLongPtr Privilege Escalation
Posted Nov 28, 2016
Authored by Enrique Nissim

Microsoft Windows Kernel win32k.sys NtSetWindowLongPtr privilege escalation proof of concept exploit. Leverages the issue as noted in MS16-135.

tags | exploit, kernel, proof of concept
systems | windows
advisories | CVE-2016-7255
MD5 | 22e9d6e6eea9e3931c0a3320e5216f50
ChatNow 1.1 SQL Injection
Posted Nov 27, 2016
Authored by ZwX

ChatNow version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 44b4a03c5e15d476f57a5e4ff1239ffc
Core FTP LE 2.2 Build 1883 Buffer Overflow
Posted Nov 27, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Core FTP LE version 2.2 build 1883 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 1262bf63504b6b688c5785c9a24aa7ac
AOMEI Backupper Standard 3.5 DLL Hijacking
Posted Nov 27, 2016
Authored by ZwX

AOMEI Backupper Standard version 3.5 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | d6a134889b0e692159c2ced391e53e2f
Atbox.io Open Redirect
Posted Nov 27, 2016
Authored by Ehsan Hosseini

Atbox.io suffers from an open redirection vulnerability.

tags | exploit
MD5 | 6f23453b455a1fade13c75689580197a
Burden TMA 2.1.1 Cross Site Scripting
Posted Nov 26, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Burden TMA version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5e56340983e59df55800b3430a3d8b0a
Apache OpenOffice 1.0 Windows Installer Trojan Execution
Posted Nov 26, 2016
Authored by Cyril Vallicari

The Apache OpenOffice installer for Windows contained a defective operation that could trigger execution of unwanted software installed by a Trojan Horse application. The installer defect is known as an unquoted Windows search path vulnerability. In the case of Apache OpenOffice installers for Windows, the PC must have previously been infected by a Trojan Horse application (or user) running with administrator privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. The exploit may already have operated on the user's PC.

tags | advisory, trojan
systems | windows
advisories | CVE-2016-6803
MD5 | 7705d5ab1a4089c1df13600a4048d119
Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation
Posted Nov 25, 2016
Authored by Phil Oester

Linux kernel versions 2.6.22 and below 3.9 Dirty COW PTRACE_POKEDATA race condition privilege escalation exploit that provides write access.

tags | exploit, kernel
systems | linux
advisories | CVE-2016-5195
MD5 | cd99656821f9a7a8679fc8c4c258ee15
I Know Where Your Page Lives
Posted Nov 25, 2016
Authored by Enrique Nissim

Whitepaper called I Know Where Your Page Lives - De-randomizing the latest Windows 10 Kernel.

tags | paper, kernel
systems | windows
MD5 | e28115dd81ed4a2e45036f18bf147575
WordPress Olimometer 2.56 SQL Injection
Posted Nov 25, 2016
Authored by TAD GROUP

WordPress Olimometer plugin versions 2.56 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 59bec4707656e08864e052fc7bffae1d
Less.js Untrusted File Compilation / Code Execution
Posted Nov 25, 2016
Site redteam-pentesting.de

RedTeam Pentesting discovered behavior in the Less.js compiler, which allows execution of arbitrary code if an untrusted LESS file is compiled.

tags | exploit, arbitrary
MD5 | 762aeabd4912f808d5cff9bea542904c
NTP 4.2.8p3 Denial Of Service
Posted Nov 25, 2016
Authored by Magnus Klaaborg Stubman

NTP version 4.2.8p3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2015-7855
MD5 | 0db2a24411693e3343d677a90ea11f8a
Osticket 1.9.14 Cross Site Scripting
Posted Nov 25, 2016
Authored by Joaquin Ramirez Martinez

Osticket versions 1.9.14 and below X-Forwarded-For stored cross site scripting exploit.

tags | exploit, xss
MD5 | 14551d34ccbbaf09866a1045b887adc9
Koken 0.22.7 / 0.22.11 Cross Site Scripting
Posted Nov 25, 2016
Authored by Taurus Omar

Koken versions 0.22.7 and 0.22.11 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f201c54b7bd9fdb3ce09213bca0ef1a5
Microsoft Internet Explorer 11 MSHTML CGeneratedContent::HasGeneratedSVGMarker Type Confusion
Posted Nov 25, 2016
Authored by SkyLined

A specially crafted web-page can cause a type confusion in HTML layout in Microsoft Internet Explorer 11. An attacker might be able to exploit this issue to execute arbitrary code.

tags | exploit, web, arbitrary
MD5 | eeca27d50e656cf648bfb1ff31098d83
Microsoft Internet Explorer 10 MSHTML CEditAdorner::Detach Use-After-Free
Posted Nov 25, 2016
Authored by SkyLined

A specially crafted web-page can cause Microsoft Internet Explorer 10 to continue to use an object after freeing the memory used to store the object. An attacker might be able to exploit this issue to execute arbitrary code.

tags | exploit, web, arbitrary
advisories | CVE-2013-3120
MD5 | 84beda817d97c06187dbb0c22baef346
HS-110 Smart Plug Account Takeover / Insecure Design
Posted Nov 25, 2016
Site curesec.com

This is an interesting analysis that goes over reverse engineering access to the HS-110 Smart Plug and how secrets are insecurely transferred.

tags | exploit
MD5 | e8551961996d18494136e6e550f924e4
Linux ntpd 4.2.8 derive_nonce Stack Overflow
Posted Nov 25, 2016
Authored by Todor Donev

Linux ntpd 4.2.8 derive_nonce remote stack overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
systems | linux
MD5 | 82c7c116090828fd0e56ef327c62c461
Gstreamer Heap Corruption
Posted Nov 25, 2016
Authored by Chris Evans

A full analysis and proof of concept 0-day exploits for a heap corruption vulnerability in the gstreamer decoder.

tags | exploit, proof of concept
MD5 | 3a4f02974a472c9519faae24f2a7c085
Page 2 of 21
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close