exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Lenovo ThinkVantage Communications Utility 3.0.42.0 Privilege Escalation
Posted Oct 20, 2016
Authored by Joey Lane

Lenovo ThinkVantage Communications Utility version 3.0.42.0 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
SHA-256 | a92ca47eccd01ae4654243d47f3b098b100eb14af6a58f14d8f5b8f4bd1c1453

Related Files

Red Hat Security Advisory 2012-1149-01
Posted Aug 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1149-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. An insecure temporary file use flaw was found in the sudo package's post-uninstall script. A local attacker could possibly use this flaw to overwrite an arbitrary file via a symbolic link attack, or modify the contents of the "/etc/nsswitch.conf" file during the upgrade or removal of the sudo package. This update also fixes the following bugs:

tags | advisory, arbitrary, local, root
systems | linux, redhat
advisories | CVE-2012-3440
SHA-256 | beba8e6ed13cfb26fb7c7c1854aef7f93f140ed6cc736059b657a68db78e6e8f
Ubuntu Security Notice USN-1511-1
Posted Jul 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1511-1 - Huzaifa Sidhpurwala discovered that the tiff2pdf utility incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3401
SHA-256 | 6d79518b72d5ecf13083c6ab3b54a05a6a053fc38887997dd9f4db4d024afa41
Red Hat Security Advisory 2012-1081-01
Posted Jul 16, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1081-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. All users of sudo are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2012-2337
SHA-256 | 2dfbfa43bde13f32ff7b638eeb910225f286b002c9fd10e5b654f6375bb16e10
Ubuntu Security Notice USN-1498-1
Posted Jul 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1498-1 - It was discovered that the TIFF library incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. It was discovered that the tiff2pdf utility incorrectly handled certain malformed TIFF images. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2088, CVE-2012-2113, CVE-2012-2088, CVE-2012-2113
SHA-256 | 3b79f4af0c1548cb1ed223db3afc67082ff8290dc8746f691a68cb86abbbd616
Sielco Sistemi Winlog 2.07.16 Code Execution / Directory Traversal
Posted Jun 27, 2012
Authored by Luigi Auriemma | Site aluigi.org

Sielco Sistemi Winlog versions 2.07.16 and below suffer from various code execution, stack overflow, and directory traversal vulnerabilities. Proof of concept utility included.

tags | exploit, overflow, vulnerability, code execution, proof of concept
systems | linux
SHA-256 | 2c3d3186116ed66592e68144dac18e5288896dc07ba9846d20cbd79b708917db
Nmap Port Scanner 6.01
Posted Jun 24, 2012
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Multiple bug fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
SHA-256 | e69fbebcebb7d9509ca9133c39b2f91991a44738d1844caf385f1f3f66f73979
Red Hat Security Advisory 2012-0958-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0958-04 - The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file, but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain the root user's password. "/root/anaconda-ks.cfg" usually only contains a hash of the password, not the plain text password.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2012-2664
SHA-256 | 03ed5dafab5d4b2b65c9f7dda0dbbc677dca70ad262f3abffdc9d6c85f4d2ea2
Red Hat Security Advisory 2012-0841-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0841-04 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4088, CVE-2012-1106
SHA-256 | bd72154a1c7c9f34d01a0388a2d739ac8d018b2bd3b877ce4278e6dd64c6a0a6
Red Hat Security Advisory 2012-0810-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0810-04 - BusyBox provides a single binary that includes versions of a large number of system commands, including a shell. This can be very useful for recovering from certain types of system failures, particularly those involving broken shared libraries. A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially-crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute arbitrary code with the privileges of the user running BusyBox.

tags | advisory, arbitrary, shell
systems | linux, redhat
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | 692a17a1637832054a96a9ba834f72d74f07559261d87ec14a946255edfa3450
Samsung AllShare 2.1.1.0 NULL Pointer
Posted Jun 20, 2012
Authored by Luigi Auriemma | Site aluigi.org

Samsung AllShare versions 2.1.1.0 and below suffer from a NULL pointer vulnerability. Proof of concept utility included.

tags | exploit, proof of concept
systems | linux
SHA-256 | 83cd80b6e2edbb33b8a4976ea647724003619c7fb8d84f66b2a16fcef95d2296
DeXSS 1.2
Posted Jun 12, 2012
Site dexss.org

DeXSS provides a SAX2 Parser to help protect against cross site scripting (XSS) attacks. DeXSS uses TagSoup to parse potentially malformed input, followed by a SAX2 filter pipeline to remove JavaScript from HTML. You can use the DeXSS parser in place of your existing SAX2 parser, or you can use the DeXSS utility to provide a string-to-string conversion.

Changes: This release adds a CSS sanitizer, uses the OSBCP CSS Parser, canonizes CSS in @style, and attempts to remove javascript: and expression(). Inline <style> CSS is still elided.
tags | tool, web, javascript, xss
SHA-256 | 6b2ac847ccc68a5a4b369c54df3b011afeef4702562ef4d6304a3355e16ed115
OpenSSL 1.0.1 Buffer Overflow
Posted Jun 1, 2012
Authored by David M. Anthony, Vincent J. Buccigrossi III

OpenSSL version 1.0.1 suffers from a local buffer overflow vulnerability in the command line utility.

tags | advisory, overflow, local
SHA-256 | a5fcc3832f2520c9e1f546ab32a9b27fdfd7926a5b3de285d09980efe0d00fff
Nmap Port Scanner 6.00
Posted May 22, 2012
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: NSE has been enhanced, there is better web scanning, full IPv6 support added, a new nping tool, better zenmap gui, and faster scans. First major release since 2009.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
SHA-256 | 54a6978fdaae8c9a83798016669aebaf82c92f549478b0be940844cd0189258e
Red Hat Security Advisory 2012-0677-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0677-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0868
SHA-256 | 99eb758e26ad01db7e3e088f497dd8ec98005e8f4fdef7cb43e51787e609733a
Red Hat Security Advisory 2012-0678-01
Posted May 22, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0678-01 - PostgreSQL is an advanced object-relational database management system. The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-0866, CVE-2012-0867, CVE-2012-0868
SHA-256 | a11a5493acd610cf7f4bfdc27b2eba1d9d44ea753011012d38733b38292f077e
Zone-H Multithreaded Poster
Posted May 21, 2012
Authored by miyachung

Zone-H posting utility that is multi-threaded.

tags | tool
systems | unix
SHA-256 | b66e0936308863c1f7d366e259b553da4eb8876a94121e392bd577f7c622e4b7
oclHashcat+ Advanced GPU Hash Cracking Utility 32-Bit 0.08
Posted May 2, 2012
Authored by dropdead | Site hashcat.net

oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 32-bit version.

Changes: Various speed changes, kernel additions, and other improvements.
tags | cracker
SHA-256 | 619a15cfcb80ab0c595c05dd9771cef8edb986716110df6007e589fb9313db05
oclHashcat+ Advanced GPU Hash Cracking Utility 64-Bit 0.08
Posted May 2, 2012
Authored by dropdead | Site hashcat.net

oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. 64-bit version.

Changes: Various speed changes, kernel additions, and other improvements.
tags | cracker
SHA-256 | 216e918ae767ffdc89f9582d7d8b22672195a20158c9d05a9d674edb52ea5325
SHA-1 MySQL Bruteforcer
Posted Apr 30, 2012
Authored by baltazar

SHA-1 MySQL database brute forcing utility. Written in Python.

tags | cracker, python
SHA-256 | 0068129733662bae54b4b7a0b553891a45edd277617355e6aec8c7aae793b8ad
Ubuntu Security Notice USN-1416-1
Posted Apr 5, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1416-1 - Alexander Gavrun discovered that the TIFF library incorrectly allocated space for a tile. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service. It was discovered that the tiffdump utility incorrectly handled directory data structures with many directory entries. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. This issue only applied to Ubuntu 8.04 LTS, Ubuntu 10.04 LTS, Ubuntu 10.10 and Ubuntu 11.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-1173, CVE-2010-4665, CVE-2010-4665, CVE-2012-1173
SHA-256 | 681cde6032e82ac9b21d67f935de062ade203b655ea767682858a6b7da05457c
cryptmount Filesystem Manager 4.3
Posted Mar 30, 2012
Authored by RW Penney | Site cryptmount.sourceforge.net

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

Changes: Support for environment variable within configuration files was added (e.g. allowing mounting beneath the calling user's $(HOME) directory). Compatibility with LUKS encrypted filesystems was improved to mirror cryptsetup-1.4. Various improvements to the build system were implemented.
tags | kernel, encryption
systems | linux, unix
SHA-256 | d55c0d9a11ef35fbbf7fd3a4557f43d670069ca55b97907fda8e756b11c3812d
Mandriva Linux Security Advisory 2012-035
Posted Mar 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-035 - Multiple out-of heap-based buffer read flaws and invalid pointer dereference flaws were found in the way file, utility for determining of file types processed header section for certain Composite Document Format files. A remote attacker could provide a specially-crafted CDF file, which once inspected by the file utility of the victim would lead to file executable crash. The updated packages for Mandriva Linux 2011 have been upgraded to the 5.11 version and the packages for Mandriva Linux 2010.2 has been patched to correct these issues.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2012-1571
SHA-256 | 4047982958ece3e56808e6732bee8a5b66fdecf385ac7aecc0043d63cb942a06
Simple Fuzzing Utility 0.7.0
Posted Mar 4, 2012
Authored by aaron conole | Site aconole.brad-x.com

Simple Fuzz is a simple fuzzer. It has two network modes of operation, an output mode for developing command line fuzzing scripts, as well as taking fuzzing strings from literals and building strings from sequences. It is built to fill a need - the need for a quickly configurable black box testing utility that does not require intimate knowledge of the inner workings of C or require specialized software rigs. The aim is to just provide a simple interface, clear inputs/outputs, and reusability.

Changes: Fixed a long standing bug in the memory block replacement code. Added the ability to fuzz via blocks (ala spike/sulley fuzz frameworks). Added the ability to trap crashes via a harness program.
tags | fuzzer
SHA-256 | a65bb4d048c713dd9ecc4b42b98cc124516fd5c1df19deddfc664476aad7caac
Red Hat Security Advisory 2012-0309-03
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0309-03 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the sudo password checking logic. In configurations where the sudoers settings allowed a user to run a command using sudo with only the group ID changed, sudo failed to prompt for the user's password before running the specified command with the elevated group privileges. Various other issues have also been addressed in this advisory.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2011-0010
SHA-256 | a827591da4fea2ba8c870bb76c75ed69cda355d31fcd569f1ba1cd76fc27be43
Red Hat Security Advisory 2012-0153-03
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0153-03 - Sos is a set of tools that gather information about system hardware and configuration. The sosreport utility incorrectly included Certificate-based Red Hat Network private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access Red Hat Network content available to the host. This issue did not affect users of Red Hat Network Classic. This updated sos package also includes numerous bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4083
SHA-256 | 72f02d3ff7245ab41813002e88e09e0957605f7db822e4b33daab5eebda5e2ed
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close