the original cloud security
Showing 51 - 75 of 5,157 RSS Feed

Operating System: Windows

Parallels Desktop 12.2.0 Virtual Machine Escape
Posted Jun 3, 2017
Authored by Mohammad Reza Espargham | Site twitter.com

Parallels Desktop version 12.2.0 and below suffer from a vulnerability that allows remote file sharing to be leveraged against the host operating system for arbitrary code execution.

tags | exploit, remote, arbitrary, code execution
systems | windows, apple, osx
MD5 | 69a4be4fd7692e5549456f998744139a
Wireshark Analyzer 2.2.7
Posted Jun 1, 2017
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Removed imagemagick and demote xdg-utils dependencies. Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | a4d880554c7f925dafef60fa313b580d
Microsoft MsMpEng Saved Callers Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, lokihardt

Microsoft Windows MsMpEng suffers from a saved caller use-after-free vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-8541
MD5 | 05faef0a20f3572f0904838b08cace5c
Microsoft MsMpEng GC Engine Use-After-Free
Posted May 31, 2017
Authored by Google Security Research, ianbeer

Microsoft Windows MsMpEng suffers from a remotely exploitable use-after-free vulnerability due to a design issue in the GC engine.

tags | exploit
systems | windows
advisories | CVE-2017-8540
MD5 | b3d45bc0bcfc72ee99f5a1e8c697ddc5
Intel SSD Toolbox 3.4.3 DLL Hijacking
Posted May 31, 2017
Authored by Stefan Kanthak

Intel SSD Toolbox version 3.4.3 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | cfd10a2e92d00e760fa07674700e0a87
Microsoft Azure Recovery Services Agent DLL Hijacking
Posted May 28, 2017
Authored by Stefan Kanthak

MARSAgentInstaller.exe, the Microsoft Azure Recovery Services Agent, suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 37834c3390d4392e132c3984f6c15039
Veritas Backup Exec Remote Agent For Windows Use-After-Free
Posted May 27, 2017
Authored by Matthew Daley

Veritas Backup Exec Remote Agent for Windows suffers from a use-after-free vulnerability. All versions before Backup Exec 16 FP1, Backup Exec 15 14.2.1180.3160, and Backup Exec 2014 14.1.1187.1126 are affected.

tags | advisory, remote
systems | windows
advisories | CVE-2017-8895
MD5 | a2f19b80d629adbcdd824fab754c16dc
Microsoft Windows LoadUvsTable() / LoadFont() Overflows
Posted May 23, 2017
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. An error within the "LoadUvsTable()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. An integer overflow error within the "LoadFont()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. Successful exploitation of the vulnerabilities allows execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | windows
advisories | CVE-2017-0014
MD5 | 9ea266579c96614001066291a5387054
VX Search Enterprise GET Buffer Overflow
Posted May 23, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | d253f613c50ab1d748ea4f581c269908
VMWare Horizon 5.4 DLL Hijacking
Posted May 22, 2017
Authored by Owais Mehtab, Tayeeb Rana

VMWare Horizon client version 5.4 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | c00ff52553fc03783e70e427c0ab7515
Sync Breeze Enterprise GET Buffer Overflow
Posted May 20, 2017
Authored by Daniel Teixeira | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | f3556ba8acc91d809655f9aaf8017697
Microsoft Windows 7/2008 R2 x64 EternalBlue Remote Code Execution
Posted May 20, 2017
Authored by sleepya

Microsoft Windows 7/2008 R2 x64 EternalBlue SMB remote code execution exploit that leverages MS17-010.

tags | exploit, remote, code execution
systems | windows, 7
advisories | CVE-2017-0144
MD5 | 376497a061ce1620c9f18e1a8d725067
Microsoft Windows 8/2012 R2 x64 EternalBlue Remote Code Execution
Posted May 20, 2017
Authored by sleepya

Microsoft Windows 8/2012 R2 x64 EternalBlue SMB remote code execution exploit that leverages MS17-010.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2017-0144
MD5 | 06316808bbb73cda0328efe988402af7
Microsoft Windows ROTFLAGS_ALLOWANYCLIENT Privilege Escalation
Posted May 18, 2017
Authored by Google Security Research, forshaw

Microsoft Windows suffers from a running object table register ROTFLAGS_ALLOWANYCLIENT privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-0214
MD5 | 7824d2ba33b19311032329f4e36f8dea
Microsoft Windows COM Aggregate Marshaler/IRemUnknown2 Privilege Escalation
Posted May 18, 2017
Authored by Google Security Research, forshaw

Microsoft Windows suffers from a COM aggregate marshaler/IRemUnknown2 type confusion privilege escalation vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-0213
MD5 | 77406ac2d1bdd9f30ebc46435d3c30c1
Stealing Windows Credentials Using Google Chrome
Posted May 18, 2017
Authored by Bosko Stankovic

This paper describes an attack which can lead to Windows credentials theft, affecting the default configuration of the most popular browser in the world today, Google Chrome, as well as all Windows versions supporting it.

tags | paper
systems | windows
MD5 | a16cf3db1d86c6bd43dd6a775f759374
Microsoft Windows 32-bit / 64-bit cmd.exe Shellcode
Posted May 18, 2017
Authored by Filippo Bersani

718 byte small Microsoft Windows 32-bit/64-bit cmd.exe shellcode.

tags | shellcode
systems | windows
MD5 | eaad65dd236ae9932624072a1621ec69
Dup Scout Enterprise 9.5.14 Buffer Overflow
Posted May 17, 2017
Authored by Daniel Teixeira, vportal | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Dup Scout Enterprise v9.5.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.

tags | exploit, web, overflow, x86
systems | windows, 7
MD5 | 56aad3822c1d8c83c5c90f04a016891e
Serviio Media Server checkStreamUrl Command Execution
Posted May 17, 2017
Authored by LiquidWorm, Brendan Coles | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service (on port 23423 by default) exposes a REST API which which does not require authentication. The 'action' API endpoint does not sufficiently sanitize user-supplied data in the 'VIDEO' parameter of the 'checkStreamUrl' method. This parameter is used in a call to cmd.exe resulting in execution of arbitrary commands. This Metasploit module has been tested successfully on Serviio Media Server versions 1.4.0, 1.5.0, 1.6.0 and 1.8.0 on Windows 7.

tags | exploit, remote, arbitrary
systems | windows, 7
advisories | OSVDB-41961
MD5 | ab1da9f50ece75772d5c07e501778759
Microsoft Windows win32k!xxxClientLpkDrawTextEx Memory Disclosure
Posted May 16, 2017
Authored by Google Security Research, mjurczyk

Microsoft Windows suffers from a stack memory disclosure vulnerability in win32k!xxxClientLpkDrawTextEx.

tags | exploit
systems | windows
advisories | CVE-2017-0245
MD5 | e28d56ebf83a884d63fcc05a4f318288
Microsoft Windows Kernel nt!NtTraceControl Memory Disclosure
Posted May 16, 2017
Authored by Google Security Research, mjurczyk

The handler of the nt!NtTraceControl system call (specifically the EtwpSetProviderTraitsUm functionality, opcode 0x1E) discloses portions of uninitialized pool memory to user-mode clients on Microsoft Windows 10 systems.

tags | exploit
systems | windows
advisories | CVE-2017-0259
MD5 | 699f4cfcc05dedec9020e6ad6bfac9f4
Microsoft Windows Kernel DACL Descriptor Uninitialized Memory
Posted May 16, 2017
Authored by Google Security Research, mjurczyk

Microsoft Windows kernel suffers from an uninitialized memory issue in the default DACL descriptor of system processes token.

tags | exploit, kernel
systems | windows
advisories | CVE-2017-0258
MD5 | 360c787ff1a36b6077f7619614ae0805
Microsoft Windows Kernel bind() Out-Of-Bounds Read
Posted May 16, 2017
Authored by Google Security Research, mjurczyk

Two related bugs have been discovered in the Microsoft Windows kernel code responsible for implementing the bind() socket function, specifically in the afd!AfdBind and tcpip!TcpBindEndpoint routines. They both can lead to reading beyond the allocated pool-based buffer memory area, potentially allowing user-mode applications to disclose kernel-mode secrets. They can also be exploited to trigger a blue screen of death and therefore a denial of service condition.

tags | exploit, denial of service, kernel
systems | windows
advisories | CVE-2017-0175, CVE-2017-0220
MD5 | fb714457eb0672ef6032af4d1179f3ea
Apple Security Advisory 2017-05-15-5
Posted May 15, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-05-15-5 - iCloud for Windows 6.2.1 is now available and addresses memory corruption issues.

tags | advisory
systems | windows, apple
advisories | CVE-2017-2530
MD5 | 7fdd597fe5d7842a178b2462f14855ae
Microsoft IIS WebDav ScStoragePathFromUrl Overflow
Posted May 11, 2017
Authored by Dominic Chell, FireFart, Zhiniang Peng, Chen Wu, zcgonvh, Rich Whitcroft | Site metasploit.com

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Original exploit by Zhiniang Peng and Chen Wu.

tags | exploit, remote, web, overflow, arbitrary
systems | windows
advisories | CVE-2017-7269
MD5 | 95f8dd847406e195cfd9f81ff602c626
Page 3 of 207
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close