Twenty Year Anniversary
Showing 1 - 25 of 1,830 RSS Feed

Operating System: Cisco

Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Nov 13, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing. The file upload vulnerability should have been fixed in versions 3.4.1 and 3.3.1 Update 02.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 2c9170145359581c4c8d1c13f564bce3
Cisco Immunet / Cisco AMP For Endpoints Scanning Denial Of Service
Posted Nov 9, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. Cisco Immunet versions prior to 6.2.0 and Cisco AMP For Endpoints version 6.2.0 are affected.

tags | exploit, local
systems | cisco, windows
advisories | CVE-2018-15437
MD5 | 7a4ff17f412569211f6751de8fc14501
Cisco WebEx Meetings Server XML Injection
Posted Nov 5, 2018
Authored by Alphan Yavas

Cisco WebEx Meetings Server suffers from an XML external entity injection vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2018-18895
MD5 | 152a45418f4705a70acc44ed4c1917c1
iOS copyin Check Kernel Stack Memory Disclosure
Posted Oct 19, 2018
Authored by Google Security Research, ianbeer

iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.

tags | advisory, kernel
systems | cisco, ios
advisories | CVE-2018-4363
MD5 | dabae5d2d2f7dfbc02093d00e56e96e6
Cisco Prime Infrastructure Remote Code Execution / Privilege Escalation
Posted Oct 9, 2018
Authored by Pedro Ribeiro

Full write up on the unauthenticated remote code execution and privilege escalation vulnerability in Cisco Prime Infrastructure.

tags | advisory, remote, code execution
systems | cisco
advisories | CVE-2018-15379
MD5 | 463b73ab6b4dc341e0abdb15816e4711
Apple Security Advisory 2018-10-08-1
Posted Oct 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-10-08-1 - iOS 12.0.1 is now available and addresses lock screen issues.

tags | advisory
systems | cisco, apple, ios
advisories | CVE-2018-4379, CVE-2018-4380
MD5 | 7973fb64f647f02a30d5b632ad7521b0
Cisco Prime Infrastructure Unauthenticated Remote Code Execution
Posted Oct 8, 2018
Authored by Pedro Ribeiro | Site metasploit.com

Cisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing.

tags | exploit, remote, root, vulnerability, code execution, file upload
systems | cisco
advisories | CVE-2018-15379
MD5 | 05f34986eb4c21ba7fbb27faa2f9bc8f
Apple Security Advisory 2018-9-24-4
Posted Sep 25, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-9-24-4 - APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2016-1777, CVE-2018-4191, CVE-2018-4197, CVE-2018-4299, CVE-2018-4305, CVE-2018-4306, CVE-2018-4307, CVE-2018-4309, CVE-2018-4311, CVE-2018-4312, CVE-2018-4313, CVE-2018-4314, CVE-2018-4315, CVE-2018-4316, CVE-2018-4317, CVE-2018-4318, CVE-2018-4319, CVE-2018-4321, CVE-2018-4322, CVE-2018-4323, CVE-2018-4325, CVE-2018-4328, CVE-2018-4329, CVE-2018-4333, CVE-2018-4335, CVE-2018-4336, CVE-2018-4338, CVE-2018-4344
MD5 | be61103916d6a6155c475e643895c9b9
Apple Security Advisory 2018-9-17-1
Posted Sep 17, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-9-17-1 - iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.

tags | advisory, vulnerability
systems | cisco, apple, ios
advisories | CVE-2016-1777, CVE-2018-4305, CVE-2018-4307, CVE-2018-4313, CVE-2018-4322, CVE-2018-4325, CVE-2018-4329, CVE-2018-4330, CVE-2018-4335, CVE-2018-4338, CVE-2018-4352, CVE-2018-4356, CVE-2018-4362, CVE-2018-4363, CVE-2018-5383
MD5 | 94c7b08f05542c1e82ef6e458f60b472
Cisco Umbrella Roaming Client 2.0.168 Privilege Escalation
Posted Sep 6, 2018
Authored by ParagonSec

Cisco Umbrella Roaming Client version 2.0.168 suffers from a privilege escalation vulnerability.

tags | exploit
systems | cisco
advisories | CVE-2018-0437, CVE-2018-0438
MD5 | 077c7382cf0843a8338f4cafa0c01262
Cisco AnyConnect Secure Mobility Client 4.6.01099 Denial Of Service
Posted Aug 30, 2018
Authored by Luis Martinez

Cisco AnyConnect Secure Mobility Client version 4.6.01099 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
MD5 | 5ed808e3cadb933dedf1473553a3dc6e
Cisco Network Assistant 6.3.3 Denial Of Service
Posted Aug 28, 2018
Authored by Luis Martinez

Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | cisco
MD5 | 375bcf577cae1bcc14c321a3df4e319b
Linkedin iOS 9.11.8592.4 CPU Resource Exhaustion
Posted Aug 2, 2018
Authored by Juan Sacco

Linkedin mobile iOS application version 9.11.8592.4 suffers from a CPU resource exhaustion vulnerability.

tags | exploit, denial of service
systems | cisco, ios
MD5 | 548e38902cc5abaceaeb0c3f8618bdd6
Cisco Adaptive Security Appliance Path Traversal
Posted Jul 23, 2018
Authored by Angelo Ruwantha, Yassine Aboukir | Site metasploit.com

This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.

tags | exploit
systems | cisco
advisories | CVE-2018-0296
MD5 | bea90e46bf066fcc060cb43fe700e2fe
Apple Security Advisory 2018-7-23-3
Posted Jul 23, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple, ios
advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241
MD5 | 8427cf26d14947f142aa0d01ecf6404a
macOS / iOS OfficeImporter JavaScript Injection
Posted Jul 13, 2018
Authored by Google Security Research, lokihardt

macOS and iOS suffer from a javascript injection bug in OfficeImporter.

tags | exploit, javascript
systems | cisco, ios
MD5 | 8a77e3c5cc05866fe394bdbf6a928d1b
Apple Security Advisory 2018-7-9-1
Posted Jul 9, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-7-9-1 - iOS 11.4.1 is now available and addresses code execution and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | cisco, apple, ios
advisories | CVE-2018-4248, CVE-2018-4260, CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4266, CVE-2018-4267, CVE-2018-4270, CVE-2018-4271, CVE-2018-4272, CVE-2018-4273, CVE-2018-4274, CVE-2018-4275, CVE-2018-4277, CVE-2018-4278, CVE-2018-4280, CVE-2018-4282, CVE-2018-4284, CVE-2018-4290, CVE-2018-4293
MD5 | 45d49e10a5c072897d4d320a7c5c9ee5
Cisco Adaptive Security Appliance Path Traversal
Posted Jun 28, 2018
Authored by Yassin Aboukir

Cisco Adaptive Security Appliance suffers from a path traversal vulnerability.

tags | exploit, file inclusion
systems | cisco
advisories | CVE-2018-0296
MD5 | ff28a3e2da7f0ca29f3c16fb1eb66ca1
macOS / iOS Kernel Heap Overflow
Posted Jun 5, 2018
Authored by Google Security Research, ianbeer

The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.

tags | exploit, overflow, kernel
systems | cisco, ios
advisories | CVE-2018-4243
MD5 | 8bc2ddee4be107c0fed7f5978e377f2c
Apple Security Advisory 2018-06-01-4
Posted Jun 4, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-06-01-4 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple
advisories | CVE-2018-4100, CVE-2018-4188, CVE-2018-4190, CVE-2018-4192, CVE-2018-4198, CVE-2018-4199, CVE-2018-4201, CVE-2018-4202, CVE-2018-4204, CVE-2018-4211, CVE-2018-4214, CVE-2018-4215, CVE-2018-4218, CVE-2018-4221, CVE-2018-4222, CVE-2018-4223, CVE-2018-4224, CVE-2018-4225, CVE-2018-4226, CVE-2018-4227, CVE-2018-4232, CVE-2018-4233, CVE-2018-4235, CVE-2018-4237, CVE-2018-4238, CVE-2018-4239, CVE-2018-4240, CVE-2018-4241
MD5 | fc219795904c819a159600cbcb5fc99d
Cisco SA520W Security Appliance Path Traversal
Posted May 18, 2018
Authored by Nassim Asrir

Cisco SA520W Security Appliance suffers from a path traversal vulnerability.

tags | exploit, file inclusion
systems | cisco
MD5 | d8f45b8bfc45f6a23ec142f301ed9a58
macOS/iOS ReportCrash Mach Port Replacement
Posted May 1, 2018
Authored by Google Security Research, ianbeer

macOS/iOS ReportCrash suffers from a mach port replacement due to failure to respect MIG ownership rules.

tags | exploit
systems | cisco, ios
advisories | CVE-2018-4206
MD5 | afd5e9434d99e4e48e8d1ec634a2c115
Apple Security Advisory 2018-04-24-1
Posted Apr 26, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-04-24-1 - iOS 11.3.1 is now available and addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | cisco, apple
advisories | CVE-2018-4187, CVE-2018-4200, CVE-2018-4204, CVE-2018-4206
MD5 | 98de22f1867cacebe8daa6b856915c99
Apple Security Advisory 2018-3-29-1
Posted Mar 30, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-3-29-1 - iOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, code execution
systems | cisco, apple
advisories | CVE-2018-4101, CVE-2018-4104, CVE-2018-4110, CVE-2018-4113, CVE-2018-4114, CVE-2018-4115, CVE-2018-4117, CVE-2018-4118, CVE-2018-4119, CVE-2018-4120, CVE-2018-4121, CVE-2018-4122, CVE-2018-4123, CVE-2018-4125, CVE-2018-4127, CVE-2018-4128, CVE-2018-4129, CVE-2018-4130, CVE-2018-4131, CVE-2018-4134, CVE-2018-4137, CVE-2018-4140, CVE-2018-4142, CVE-2018-4143, CVE-2018-4144, CVE-2018-4146, CVE-2018-4149, CVE-2018-4150
MD5 | 5b92704b509fc3379df8205091238791
Cisco node-jos Resign Tokens Proof Of Concept
Posted Mar 22, 2018
Authored by Andrea Cappa

Cisco node-jos versions prior to 0.11.0 re-sign tokens proof of concept exploit.

tags | exploit, proof of concept
systems | cisco
advisories | CVE-2018-0114
MD5 | 824c38b2de2a94881f541edcaf6779f3
Page 1 of 74
Back12345Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    11 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close