exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-05-31 to 2017-05-31

Packet Storm New Exploits For May, 2017
Posted May 31, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 193 exploits added to Packet Storm in May, 2017.

tags | exploit
SHA-256 | 26fc166294f508802d9d337041eea7e914e6da3ef5ab631fc1d0144d30fcb790
Ubuntu Security Notice USN-3305-1
Posted May 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3305-1 - It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause a denial of service or potentially escalate their privileges on the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0350, CVE-2017-0351, CVE-2017-0352
SHA-256 | 5a4035534975370cde44d757670aec428e9fc47fd2fa11dc88db41feb6be6ac4
Red Hat Security Advisory 2017-1367-01
Posted May 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1367-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: CloudForms includes a default SSL/TLS certificate for the web server. This certificate is replaced at install time, however if an attacker were able to man-in-the-middle an administrator while installing the new certificate the attacker could get a copy of the private key uploaded allowing for future attacks.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2016-4457, CVE-2017-2639
SHA-256 | e3a4946886a23c02c2bddf4ad7aae93f8050a67aad92b2206614f0a720a56271
Piwigo Facetag 0.0.3 SQL Injection
Posted May 31, 2017
Authored by Touhid M.Shaikh

Piwigo Facetag plugin version 0.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3f72fcb8ece0adc26b0ccbdbcfeb68fd34b23af7b91df6f5b9dc2fe3a3041a20
Falco 0.7.0
Posted May 31, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Update the priorities of falco rules to use a wider range of priorities rather than just ERROR/WARNING. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 23ac653efca14dbb54a5bc40842a645086eb97d1c91aa81595b16d3498d4b544
OV3 Online Administration 3.0 SQL Injection
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from multiple unauthenticated remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f4e0ed42c7cdf22bd2a600ec5839995ad5649db85fc9209f988faf25d90d15e1
OV3 Online Administration 3.0 Authenticated Code Execution
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from an authenticated remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 9b12192c30c33bbae65bf04c6774a126a919f815212c82f293754d45342d964d
OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access
Posted May 31, 2017
Authored by LiquidWorm | Site zeroscience.mk

OV3 Online Administration version 3.0 suffers from a traversal vulnerability that allows for arbitrary file access.

tags | exploit, arbitrary
SHA-256 | a392bf3b481a40ea58d1544ce2ba02f18757959c59d6184fa4e3fed5fdca7576
WordPress Simple Slideshow Manager 2.2 Cross Site Scripting
Posted May 31, 2017
Authored by DefenseCode, Neven Biruski

WordPress Simple Slideshow Manager plugin versions 2.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | de8d084a354a9a22976a85a2b82537644cf6619fed4c57ece740d7a79e011e9d
Red Hat Security Advisory 2017-1372-01
Posted May 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1372-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality can allow a remote attacker to force the kernel to enter a condition in which it can loop indefinitely.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-6214
SHA-256 | 1048de110dd6490790a9aa7f54f6a7a37704f3ff959dd20b4aa404be8f5cd3e9
ModX CMS Proof Of Concept Shell Upload
Posted May 31, 2017
Authored by Cody Sixteen

This proof of concept code shows how manager functionality can be abused in ModX CMS to upload a shell.

tags | exploit, shell, proof of concept
SHA-256 | 716aad67ffbd1e03ee636500fb005acbd2d5d6ac6569cc879ee02aa5114964b1
KEMP LoadMaster 7.135.0.13245 XSS / Code Execution
Posted May 31, 2017
Site securiteam.com

KEMP LoadMaster version 7.135.0.13245 suffers from persistent cross site scripting and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss
SHA-256 | 40a63bf9cbf46ca01a18785c8a019b65341c0efbcd81542b5279e2a98b25ce9c
IBM Informix Dynamic Server DLL Injection / Code Execution
Posted May 31, 2017
Site securiteam.com

IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.

tags | exploit, overflow, php, vulnerability
advisories | CVE-2016-2183, CVE-2017-1092
SHA-256 | ac5d0ef0f10cad9d7b9a1524abc605c6815ee7dc5254833cf12c5cdbb411f95b
Trend Micro Deep Security 6.5 XXE / Code Execution
Posted May 31, 2017
Site securiteam.com

Trend Micro Deep Security version 6.5 suffers from XML external entity injection, local privilege escalation, and remote code execution vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, xxe
SHA-256 | 7734e239114061512b4ac1ebb3b04a639de98f84e9b038a1c584b34f794fd8ce
Microsoft MsMpEng Saved Callers Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, lokihardt

Microsoft Windows MsMpEng suffers from a saved caller use-after-free vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-8541
SHA-256 | eb08a025f45ed24c82f64c6675c1bb35662e65430180b83f4bb679101ca6fdab
TerraMaster F2-420 NAS TOS 3.0.30 Code Execution
Posted May 31, 2017
Authored by Simone Margaritelli

TerraMaster F2-420 NAS TOS version 3.0.30 suffers from an unauthenticated remote root code execution vulnerability.

tags | exploit, remote, root, code execution
SHA-256 | aec3efc9d8d66284f07bd071e69c63cdec654b577e52326543bbb519412ea907
Microsoft MsMpEng GC Engine Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, Ian Beer

Microsoft Windows MsMpEng suffers from a remotely exploitable use-after-free vulnerability due to a design issue in the GC engine.

tags | exploit
systems | windows
advisories | CVE-2017-8540
SHA-256 | d279bd01ec69e2a865d0f1da9c97d28f84fd74c96f36a4000b1826c9ad115979
uc-httpd Local File Inclusion / Traversal
Posted May 31, 2017
Authored by keksec

uc-httpd suffers from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 3a341738a708f989775254401f6a4b13470afc5a93121ecd88281080592e613a
Intel SSD Toolbox 3.4.3 DLL Hijacking
Posted May 31, 2017
Authored by Stefan Kanthak

Intel SSD Toolbox version 3.4.3 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | bca118f21515d6e1ab924c929e6631ec6f06fdcdc4033d6b440b013abd6b8660
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close