what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 427 RSS Feed

Files Date: 2017-06-01 to 2017-06-30

IBM DB2 Command Line Processor Buffer Overflow
Posted Jun 26, 2017
Authored by Leon Juranic, DefenseCode

IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-1297
SHA-256 | 9fcbc5360bbab3d3d0d5f91e96ba944fd77fa77b62d50735a37991cb02aa1f1f
Microsoft Skype 7.2 / 7.35 / 7.36 Buffer Overflow
Posted Jun 26, 2017
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Microsoft Skype versions 7.2, 7.35 and 7.36 suffer from a stack buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 0e0544408b08435e8c9b2a3021530969e5be446fa97e97008d000530d1c7c8ad
JAD 1.5.8e-1kali1 Buffer Overflow
Posted Jun 26, 2017
Authored by Juan Sacco

JAD version 1.5.8e-1kali1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 802114a05907d65bb9ed538820a7f40a9bb461fc90ea763cdd2ae06a674e7c36
Linux/x86 Bind Shell Shellcode
Posted Jun 26, 2017
Authored by wetw0rk

75 bytes small Linux/x86 shellcode that binds a shell to port 4444. Contains no NULLs.

tags | shell, x86, shellcode
systems | linux
SHA-256 | d53564a1b5086ca9438ce3b8d47f4ecf791f83665b4a94bb8208f3045bba4d87
LAME 3.99.5 II_step_one Buffer Overflow
Posted Jun 26, 2017
Authored by Agostino Sarubbo

LAME version 3.99.5 suffers from a II_step_one buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | c0d47bb7301f022f6f4bca87c719e9d35f43e22feb39a4162f5c1684559fbe46
LAME 3.99.5 III_dequantize_sample Buffer Overflow
Posted Jun 26, 2017
Authored by Agostino Sarubbo

LAME version 3.99.5 suffers from a III_dequantize_sample stack buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-9872
SHA-256 | adb0e16c8d53d98759bcd81531a4dde6b96e3e0af1359518a613652b71bfdd37
NTFS 3.1 Denial Of Service
Posted Jun 26, 2017
Authored by EagleWire

NTFS version 3.1 master file table denial of service exploit.

tags | exploit, denial of service
SHA-256 | 023ff239fff9f7065185a583b55580bf454882eb7fde9dbcd03bd0550c46debe
D-Link DIR-100 Brute Force / Cross Site Request Forgery
Posted Jun 26, 2017
Authored by MustLive

D-Link DIR-100 suffers from brute force and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 386fd93a4422b5c30c240c4eb2594da9d9779d096bf555c60db8d9a08d208dae
Fully Undetectable Malware
Posted Jun 26, 2017
Authored by Alessandro Groppo

Whitepaper called Fully Undetectable Malware. Translated to English.

tags | paper
SHA-256 | a265b29ba1e3f7e24e1530963506da2733ed4e5a624e5dcab390f90cdf6911ae
Telegram 4.0.1 Two Factor Authentication Bypass
Posted Jun 25, 2017
Authored by Shahab Shamsi

Telegram version 4.0.1 suffers from a two-factor authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 5280b511f82107d0416f37f8c3ee94ea8bb4287712f2550f3aecfbdf4e24537a
PHPMailer Cross Site Scripting
Posted Jun 25, 2017
Authored by Shahab Shamsi

PHPMailer versions prior to 5.2.23 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1b25e7c937e0dcc26d33ddd071b6a29508d5f9760b15d8fd0b456d5b8050b7a9
AIEngine 1.8.0
Posted Jun 24, 2017
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Support for Point to Point over Ethernet protocol. Support for multiple schedulers (multiple Timers). Support for Radix trees on IP lookups. Various other updates and changes.
tags | tool
systems | unix
SHA-256 | ea9ff3fb24e8583466771348051186ca6b2ef4082149fe5e8d15e38b320506e5
Microsoft MsMpEng VFS API Heap Corruption
Posted Jun 24, 2017
Authored by Tavis Ormandy, Google Security Research

The Microsoft MsMpEng mpengine x86 emulator suffers from a heap corruption vulnerability in VFS API.

tags | exploit, x86
SHA-256 | 46362a2418387131b284b6f99ffbd92b63a52b28cf6850b31bc0119ebc171b9f
Microsoft Edge CssParser::RecordProperty Type Confusion
Posted Jun 24, 2017
Authored by Ivan Fratric, Google Security Research

Microsoft Edge suffers from a type confusion vulnerability in CssParser::RecordProperty.

tags | exploit
advisories | CVE-2017-8496
SHA-256 | 1aa785f1fd6f0eb74b2354c469073d303a744ebbead37d6b9b3783902311bdfb
Adobe Flash ATF Parser Heap Corruption
Posted Jun 24, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from a heap corruption vulnerability in the ATF parser.

tags | exploit
advisories | CVE-2017-3078
SHA-256 | aa2b6fd4f44a098e6ecba7504988e0d89a5e75e3bc29a11c164bf7ac741679b8
Adobe Flash Image Decoding Out-Of-Bounds Read
Posted Jun 24, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an image decoding out-of-bounds read vulnerability.

tags | exploit
advisories | CVE-2017-3077
SHA-256 | ed9044e4b79f06703ef40af5da53a9e9a388c8c9448c95d856dc28954cdd4c1a
Adobe Flash AVC Edge Processing Out-Of-Bounds Read
Posted Jun 24, 2017
Authored by Google Security Research, natashenka

Adobe Flash suffers from an avc edge processing out-of-bounds read vulnerability.

tags | exploit
advisories | CVE-2017-3076
SHA-256 | d111143f959eac16a5ac31bce6622f40e6dd0f4a712d9c78aedc9111f504fb20
Easy File Sharing HTTP Server 7.2 POST Buffer Overflow
Posted Jun 24, 2017
Authored by bl4ck h4ck3r | Site metasploit.com

This Metasploit module exploits a POST buffer overflow in the Easy File Sharing FTP Server 7.2 software.

tags | exploit, overflow
SHA-256 | 4a93277c80577e51f05d3a867109d74d266c265a7afc0d44a519a77e90b3dcd1
Symantec Messaging Gateway Remote Code Execution
Posted Jun 24, 2017
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits the command injection vulnerability of Symantec Messaging Gateway product. An authenticated user can execute a terminal command under the context of the web server user which is root. backupNow.do endpoint takes several user inputs and then pass them to the internal service which is responsible for executing operating system command. One of the user input is being passed to the service without proper validation. That cause an command injection vulnerability. But given parameters, such a SSH ip address, port and credentials are validated before executing terminal command. Thus, you need to configure your own SSH service and set the required parameter during module usage. This Metasploit module was tested against Symantec Messaging Gateway 10.6.2-7.

tags | exploit, web, root
advisories | CVE-2017-6326
SHA-256 | 65388a1ffa6f7c2c3a870b20d908b020bed384530b6eb97b4dccaaf421a58506
Netgear DGN2200 dnslookup.cgi Command Injection
Posted Jun 24, 2017
Authored by SivertPL, thecarterb | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in NETGEAR DGN2200v1/v2/v3/v4 routers by sending a specially crafted post request with valid login details.

tags | exploit
advisories | CVE-2017-6334
SHA-256 | 1fec4e5211012852df5a0c5522fb686d79ac9dee14476e919180c9eb884159d8
Eltek SmartPack Backdoor Account
Posted Jun 24, 2017
Authored by Saeed reza Zamanian

Eltek SmartPack has backdoor accounts that are disclosed via some json files.

tags | exploit
SHA-256 | 35314e73b316d0100a38a94bd56fbfe77f2b0f17b9eae437dbc56ea636f9b4ef
Introduction To Honeypots
Posted Jun 24, 2017
Authored by Ahmed Al Mutairi

This whitepaper gives an introduction to honeypots. Written in Arabic.

tags | paper
SHA-256 | 358326e486f7f83b93ee8d5c46ee9b94fcfa15682c2ad182d0a826b620d3b182
Red Hat Security Advisory 2017-1574-01
Posted Jun 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1574-01 - The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix: It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root.

tags | advisory, local, root
systems | linux, redhat
advisories | CVE-2017-1000368
SHA-256 | a3fd6f04b6ad8fda2683b5fb984f344082cd866c71e638d5c9353f10fb2aa301
Gentoo Linux Security Advisory 201706-26
Posted Jun 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-26 - Multiple vulnerabilities have been found in Vim and gVim, the worst of which might allow remote attackers to execute arbitrary code. Versions less than 8.0.0386 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-5953, CVE-2017-6349, CVE-2017-6350
SHA-256 | 7c10733701e29eeac37e6aa8fe06cb324e6b890f4459b3cb0b45ca1fc384e0e9
Gentoo Linux Security Advisory 201706-25
Posted Jun 23, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-25 - An out-of-bounds write in Graphite might allow remote attackers to execute arbitrary code. Versions less than 1.3.8-r1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-5436
SHA-256 | 1946705f6b04b4a318b88a460932bc22203cf80d8a418c8a00f59203e127b15d
Page 3 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close