what you don't know can hurt you
Showing 101 - 125 of 410 RSS Feed

Files Date: 2017-12-01 to 2017-12-31

Intel Content Protection HECI Service Privilege Escalation
Posted Dec 19, 2017
Authored by James Forshaw, Google Security Research

The Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges.

tags | exploit
advisories | CVE-2017-5717
MD5 | a4c2f8375ebdc7ea8ce2023d56ff8651
Red Hat Security Advisory 2017-3485-01
Posted Dec 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064
MD5 | 3600c3f840b4088b74aad6855538448c
WordPress Itinerary 1.0.0 Cross Site Scripting
Posted Dec 19, 2017
Authored by Ricardo Sanchez

WordPress Itinerary plugin version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3b3e55bc570c582ddcd2ca8f9f399e32
Tuleap 9.6 Second-Order PHP Object Injection
Posted Dec 19, 2017
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to execute arbitrary PHP code with the permissions of the webserver. The vulnerability exists because of the User::getRecentElements() method is using the unserialize() function with data that can be arbitrarily manipulated by a user through the REST API interface. The exploit's POP chain abuses the __toString() method from the Mustache class to reach a call to eval() in the Transition_PostActionSubFactory::fetchPostActions() method.

tags | exploit, arbitrary, php
advisories | CVE-2017-7411
MD5 | bf85aad5adfa9342783213505d464d8c
Jenkins XStream Groovy Classpath Deserialization
Posted Dec 19, 2017
Authored by Arshan Dabirsiaghi | Site metasploit.com

This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default installations. Authentication is not required to exploit the vulnerability.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2016-0792
MD5 | 7f530661ba062452c62003b449e8f990
Joomla! JB Visa 1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! JB Visa component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fbd83c6c528edfa7d34d2326d265b26a
Man-In-The-Middling TOR
Posted Dec 19, 2017
Authored by Kr1pt0nGirl

This is a brief whitepaper discussing how to perform man-in-the-middle attacks as an exit node on TOR.

tags | paper
MD5 | 0397952789142ad6428f23b95f03f8c2
Microsoft Windows jscript!RegExpFncObj::LastParen Out-Of-Bounds Read
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read in jscript.dll library (used in IE, WPAD and other places).

tags | exploit
advisories | CVE-2017-11906
MD5 | 5d6d4de766996a82680340bb4a93c196
Microsoft Windows Array.sort jscript.dll Heap Overflow
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an heap overflow vulnerability in jscript.dll library (used in IE, WPAD and other places). The bug affects 2 functions, JsArrayStringHeapSort and JsArrayFunctionHeapSort.

tags | exploit, overflow
advisories | CVE-2017-11907
MD5 | 615276599b5ee6f637294ed8b1cf135c
GoAhead LD_PRELOAD Remote Code Execution
Posted Dec 18, 2017
Authored by Daniel Hodson | Site github.com

GoAhead http versions 2.5 through 3.6.5 LD_PRELOAD remote code execution exploit.

tags | exploit, remote, web, code execution
advisories | CVE-2017-17562
MD5 | f9e2734b50e21720d76a8c8736df6a20
Microsoft Internet Explorer 11 jscript!JSONStringifyObject Use-After-Free
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free in jscript.dll library that can be exploited in IE11.

tags | exploit
advisories | CVE-2017-11793
MD5 | 70d9dab62006eb1aac80ab95307a311b
Windows jscript!NameTbl::GetValDef Use-After-Free
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is a use-after-free vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors.

tags | exploit
advisories | CVE-2017-11903
MD5 | aec6b9f25c8ebc849fe5b43820ec5473
Red Hat Security Advisory 2017-3484-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3484-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. CloudForms Management Engine Appliance. CloudForms Management Engine Gemset. Multiple security issues have been addressed.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-2664
MD5 | 664a0547e1fd2c77754dc2ae4f23b341
Ubuntu Security Notice USN-3382-2
Posted Dec 18, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3382-2 - USN-3382-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass hostname-specific URL checks. Various other issues were also addressed.

tags | advisory, remote, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-10397, CVE-2017-11143, CVE-2017-11144, CVE-2017-11145, CVE-2017-11147, CVE-2017-11628, CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229
MD5 | 7269132db23a11adac8f0ac74885aade
Red Hat Security Advisory 2017-3481-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3481-01 - Heketi provides a RESTful management interface which can be used to manage the life cycle of GlusterFS volumes. With Heketi, cloud services like OpenStack Manila, Kubernetes, and OpenShift can dynamically provision GlusterFS volumes with any of the supported durability types. Heketi will automatically determine the location for bricks across the cluster, making sure to place bricks and its replicas across different failure domains. Heketi also supports any number of GlusterFS clusters, allowing cloud services to provide network file storage without being limited to a single GlusterFS cluster. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-15103, CVE-2017-15104
MD5 | f4948d96eaff5eed37c2c2cb9ce41fea
Red Hat Security Advisory 2017-3479-01
Posted Dec 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3479-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 63.0.3239.108. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15429
MD5 | 68eed7e922f6e51ce77a93144706ca10
Microsoft Windows jscript!RegExpComp::Compile Heap Overflow
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is a heap overflow in jscript.dll when compiling a regex. This issue could potentially be exploited through multiple vectors.

tags | exploit, overflow
advisories | CVE-2017-11890
MD5 | 6090424aeefb73a1046a5bb0694554fc
Joomla! User Bench 1.0 SQL Injection
Posted Dec 18, 2017
Authored by Ihsan Sencan

Joomla! User Bench component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 13472b1d713be21862827fd58ce8f843
Joomla! My Projects 2.0 SQL Injection
Posted Dec 18, 2017
Authored by Ihsan Sencan

Joomla! My Projects component version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1ee1a7305c003aca777f6b9ef8b13a9f
CDex 1.96 Stack Buffer Overflow
Posted Dec 18, 2017
Authored by bzyo

CDex version 1.96 suffers from a local stack buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | d81dc1a4ab91adc10b15ae556ba4dc07
WIndows jscript!JsArraySlice Uninitialized Variable
Posted Dec 18, 2017
Authored by Ivan Fratric, Google Security Research

There is an uninitialized variable vulnerability in jscript.dll. This issue could potentially be exploited through multiple vectors.

tags | exploit
advisories | CVE-2017-11855
MD5 | 07bd43902bf61cc1da46b2ac1db3304c
Joomla! Guru Pro SQL Injection
Posted Dec 18, 2017
Authored by Ihsan Sencan

Joomla! Guru Pro component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6bcc9ffa556598c711e6441c5ca6c96e
Clockwork SMS Cross Site Scripting
Posted Dec 18, 2017
Authored by Dimopoulos Elias

Eight different Clockwork SMS WordPress plugins suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 849b4fd8e2b4a250bccd9260931568bf
WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS
Posted Dec 18, 2017
Authored by Ricardo Sanchez

WordPress Yakadanda Google+ Hangout Events plugin version 0.3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0cf37c2b6acfe4ef6a2fcef9bda9bcb5
WordPress Share This Image 1.03 Cross Site Scripting
Posted Dec 18, 2017
Authored by Ricardo Sanchez

WordPress Share This Image plugin version 1.03 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8c279646db7474fe261b669a6ac121d9
Page 5 of 17
Back34567Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close