what you don't know can hurt you
Showing 26 - 50 of 100 RSS Feed

Files

Microsoft Windows NtUserSetWindowFNID Win32k User Callback
Posted Jul 16, 2019
Authored by ze0r, Jacob Robles, Kaspersky Lab | Site metasploit.com

An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86.

tags | exploit, x86
systems | windows, 7
advisories | CVE-2018-8453
MD5 | 410d26c4ad5d959638a9e5d77947143e

Related Files

Valve Steam Client Application v1559/1559 Local Privilege Escalation
Posted Jun 29, 2011
Authored by LiquidWorm | Site zeroscience.mk

Valve Steam Client Application version 1.0.968.628 is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice.

tags | exploit
MD5 | a520359ea1a44ddeefdb6d50fcde3fdb
Microsoft Source Code Analyzer For SQL Injection 1.3 Improper Permissions
Posted Mar 16, 2011
Authored by LiquidWorm | Site zeroscience.mk

Microsoft Source Code Analyzer for SQL Injection is a static code analysis tool for finding SQL Injection vulnerabilities in ASP code. The package suffers from an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "C" flag (Change(write)) for the "Everyone" group, for the binary file msscasi_asp.exe and the package itself, msscasi_asp_pkg.exe.

tags | exploit, vulnerability, sql injection, asp
MD5 | 841332e88c593a6f6026a87099e436da
HP Security Bulletin HPSBMA02572 SSRT100082
Posted Sep 3, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Operations Agent running on Windows. The vulnerabilities could be exploited locally resulting in an elevation of privileges and remotely allowing execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | windows
advisories | CVE-2010-3004, CVE-2010-3005
MD5 | 3a249f396673948dfc9c54350c90b961
Apache Tomcat Insecure Partial Deploy After Failed Undeploy
Posted Jan 26, 2010
Authored by Mark Thomas | Site tomcat.apache.org

Apache Tomcat suffers from an insecure partial deploy after failed deploy vulnerability.

tags | advisory
advisories | CVE-2009-2901
MD5 | c2585e66384b114bf2a39ffdfab80a65
Apache Tomcat Unexpected File Deletion In Work Directory
Posted Jan 26, 2010
Authored by Mark Thomas | Site tomcat.apache.org

Apache Tomcat suffers from an unexpected file deletion in work directory vulnerability. Versions 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 are affected.

tags | advisory
advisories | CVE-2009-2902
MD5 | 5c6028b28581f02f5b89e29c451906a4
Oracle TNS Listener Denial Of Service
Posted Jan 22, 2010
Authored by Dennis Yurichev

Oracle RDBMS TNS Listener proof of concept exploit that causes the listener to crash.

tags | exploit, proof of concept
advisories | CVE-2010-0071
MD5 | 9db9475c08b68a1521a9a1ff413e1c0f
ISC DHCP dhclient Buffer Overflow
Posted Nov 17, 2009
Authored by Jon Oberheide

ISC DHCP dhclient scripts_write_params() stack buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2009-0692
MD5 | 0ec16a6f3d31b4088eedff4643bf281b
Apache Tomcat On Windows Blank Password
Posted Nov 17, 2009
Authored by Mark Thomas | Site tomcat.apache.org

The Apache Tomcat Windows installer insecurely leaves the default install with a blank administrator password. Versions 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 are affected.

tags | advisory
systems | windows
advisories | CVE-2009-3548
MD5 | a7ad56830eb83b64cf4dfde5bc78a28f
Oracle Database AUTH_SESSKEY Exploit
Posted Oct 30, 2009
Authored by Dennis Yurichev

Proof of concept exploit for Oracle Database versions 10.1.0.5 and 10.2.0.4 that relates to an improper AUTH_SESSKEY parameter length validation.

tags | exploit, proof of concept
advisories | CVE-2009-1979
MD5 | 660b662ab4b883cfab9655f94f942ca7
Microsoft TCP/IP Orphaned Connections
Posted Sep 10, 2009
Authored by Fabian Yamaguchi | Site recurity-labs.com

The TCP/IP-Stack of the Microsoft Windows XP/Vista Operating System is vulnerable to a remote resource exhaustion vulnerability. By taking advantage of this vulnerability, an attacker can cause a connection's Transmission Control Block (TCB) to remain in memory for an indefinite amount of time without the need for the attacker to further maintain the connection's activity.

tags | advisory, remote, tcp
systems | windows, xp
advisories | CVE-2009-1926
MD5 | a6db4b7c9fc168d5c98697fc58b7a950
Adobe Reader Collab.getIcon() Buffer Overflow
Posted Sep 3, 2009
Authored by Kralor

Adobe Reader Collab.getIcon() buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2009-0927
MD5 | 4cce506924a5ac785d4dae13690d8666
Linux 2.6 Stack Disclosure
Posted Sep 1, 2009
Authored by Jon Oberheide

Linux 2.6 kernel versions prior to 2.6.31-rc7 AF_IRDA 29 byte stack disclosure exploit.

tags | exploit, kernel
systems | linux
MD5 | 8f5d17ba50188d6e80c694c11d316c19
Linux Kernel procfs Memory Disclosure
Posted Aug 5, 2009
Authored by Jon Oberheide

procfs memory disclosure exploit for Linux kernel versions prior to 2.6.14.6.

tags | exploit, kernel
systems | linux
advisories | CVE-2005-4605
MD5 | 8cc2cbdef15eb432257ab82c2a6f20ab
Oracle Network Foundation Vulnerability
Posted Jul 25, 2009
Authored by Dennis Yurichev

The Network Foundation component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 suffers from an unspecified vulnerability. Proof of concept code included.

tags | exploit, proof of concept
advisories | CVE-2009-1020
MD5 | 5cbe81ca8ff50bd26315940033c3a0f3
Oracle 11.1.0.6.0 Denial Of Service
Posted Jul 25, 2009
Authored by Dennis Yurichev

Oracle version 11.1.0.6.0 win32 denial of service exploit.

tags | exploit, denial of service
systems | windows
advisories | CVE-2009-1019
MD5 | 56de590482620d9eed57ab2616404d58
Oracle 11g win32 Denial Of Service
Posted Jul 25, 2009
Authored by Dennis Yurichev

This advisory and proof of concept code demonstrates a denial of service vulnerability in Oracle 11g.

tags | exploit, denial of service, proof of concept
advisories | CVE-2009-1963
MD5 | 76fa54dfec37f0978cb2618e5821c487
Oracle Listener Denial Of Service
Posted Jul 25, 2009
Authored by Dennis Yurichev

This advisory and proof of concept exploit demonstrates a denial of service vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7.

tags | exploit, denial of service, proof of concept
advisories | CVE-2009-1970
MD5 | 2b60fd4d71bb8e2e2180830212dae8a9
FreeBSD nmount() Local Root Exploit
Posted Jul 3, 2009
Authored by Patroklos Argyroudis | Site census-labs.com

Local root exploit for FreeBSD nmount(). This affects FreeBSD 7.0-RELEASE and 7.0-STABLE.

tags | exploit, local, root
systems | freebsd
advisories | CVE-2008-3531
MD5 | cb68977abc42fc988ca5f40bc3c2a190
Apache Tomcat Information Disclosure
Posted Jun 9, 2009
Authored by Mark Thomas | Site tomcat.apache.org

When using a RequestDispatcher obtained from the Request in Apache Tomcat, the target path was normalized before the query string was removed. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected by a security constraint or by locating it in under the WEB-INF directory. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | exploit, web
advisories | CVE-2008-5515
MD5 | 96486123553ffe30efdc3b71817233f9
Apache Tomcat Information Disclosure
Posted Jun 4, 2009
Authored by Mark Thomas | Site tomcat.apache.org

Apache Tomcat suffers from a XML parser replacement related information disclosure vulnerability. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | advisory, info disclosure
advisories | CVE-2009-0783
MD5 | 08f1e7ba4435d455f05930aab934f184
Apache Tomcat Denial Of Service
Posted Jun 4, 2009
Authored by Mark Thomas | Site tomcat.apache.org

If Tomcat receives a request with invalid headers via the Java AJP connector, it does not return an error and instead closes the AJP connection. In case this connector is member of a mod_jk load balancing worker, this member will be put into an error state and will be blocked from use for approximately one minute. Thus the behavior can be used for a denial of service attack using a carefully crafted request. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | advisory, java, denial of service
advisories | CVE-2009-0033
MD5 | cddfc0b50c1108553df29136699f5d6c
Tomcat Information Disclosure
Posted Jun 4, 2009
Authored by Mark Thomas | Site tomcat.apache.org

Due to insufficient error checking in some authentication classes, Tomcat allows for the enumeration (brute force testing) of usernames by supplying illegally URL encoded passwords. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | advisory
advisories | CVE-2009-0580
MD5 | 14181015de14c4d7c6ea42ce93b724c8
OpenSSL 0.9.8.h DTLS Denial Of Service
Posted Jun 4, 2009
Authored by Jon Oberheide

OpenSSL versions below 0.9.8i DTLS ChangeCipherSpec remote denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2009-1386
MD5 | 0f9054c289a0fab81f30c48e4f2e32df
OpenSSL 0.9.8k Memory Exhaustion
Posted May 19, 2009
Authored by Jon Oberheide

OpenSSL versions 0.9.8k and 1.0.0-beta2 DTLS remote memory exhaustion denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2009-1378
MD5 | 455eeeeabcfe361fef23f6b0686933fa
Linux Kernel 2.6 UDEV Privilege Escalation
Posted May 1, 2009
Authored by Jon Oberheide

Linux 2.6 kernel udev versions below 1.4.1 local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2009-1185
MD5 | 88076ff8f3391f74c8c6c77d8b8343ff
Page 2 of 4
Back1234Next

File Archive:

March 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    2 Files
  • 2
    Mar 2nd
    18 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    12 Files
  • 5
    Mar 5th
    19 Files
  • 6
    Mar 6th
    8 Files
  • 7
    Mar 7th
    1 Files
  • 8
    Mar 8th
    1 Files
  • 9
    Mar 9th
    11 Files
  • 10
    Mar 10th
    15 Files
  • 11
    Mar 11th
    9 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    13 Files
  • 14
    Mar 14th
    10 Files
  • 15
    Mar 15th
    13 Files
  • 16
    Mar 16th
    27 Files
  • 17
    Mar 17th
    15 Files
  • 18
    Mar 18th
    23 Files
  • 19
    Mar 19th
    25 Files
  • 20
    Mar 20th
    10 Files
  • 21
    Mar 21st
    6 Files
  • 22
    Mar 22nd
    1 Files
  • 23
    Mar 23rd
    22 Files
  • 24
    Mar 24th
    15 Files
  • 25
    Mar 25th
    22 Files
  • 26
    Mar 26th
    20 Files
  • 27
    Mar 27th
    15 Files
  • 28
    Mar 28th
    10 Files
  • 29
    Mar 29th
    1 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close