exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Fibaro Home Center MITM / Missing Authentication / Code Execution
Posted Apr 20, 2021
Authored by Marton Illes, USER | Site iot-inspector.com

Fibaro Home Center Light and Fibaro Home Center 2 versions 4.600 and below suffer from man-in-the-middle, missing authentication, remote command execution, and missing encryption vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992
SHA-256 | 61fbf8e898e5647475b75b14d238a14e644554ce2d678e64107b734ed94f6275

Related Files

Adobe Flash Player 11.3 Font Parsing Code Execution
Posted Aug 17, 2012
Authored by sinn3r, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.3.300.271. By supplying a corrupt Font file used by the SWF, it is possible to gain arbitrary remote code execution under the context of the user, as exploited in the wild.

tags | exploit, remote, arbitrary, code execution, activex
advisories | CVE-2012-1535, OSVDB-84607
SHA-256 | b495613b72210817067894eb7ff5c08f46dcd44c9088ea935d0a7be729049d9a
Zero Day Initiative Advisory 12-144
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2012-0409
SHA-256 | 6b5f97b1c544b37daf25f97b0b52fcbb7493e4537b578d0236271819a3ac573e
Zero Day Initiative Advisory 12-143
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-143 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DWGDP.DLL, which is responsible for parsing DXF files. When processing MTEXT strings in the ENTITIES section of the DXF file, certain characters are sought after to end the string copy function. If these characters are not found, the copy function will continue to copy data outside of the stack buffer, causing memory corruption. An attacker can utilize this vulnerability to execute code under the context of the program.

tags | advisory, remote, arbitrary
advisories | CVE-2012-1888
SHA-256 | 29879fb724204896caa7ed97dd1f02f239316276d4f0957c222aefe4cf9c59fb
Zero Day Initiative Advisory 12-142
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the BasicService.showDocument Java Webstart function. This function allows additional parameters to be passed to the browser. Depending on which browser the user has set as default browser this could lead to remote code execution under the context of the current user.

tags | advisory, java, remote, arbitrary, code execution
advisories | CVE-2012-1713
SHA-256 | 4b4d0a01355713d6b9b2023bec9de5d8a94b9df2193510d724d023512bc800da
Zero Day Initiative Advisory 12-141
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the .NET Framework. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within Microsoft .NET XAML Browser Application (XBAP) handling of Clipboard object data. It is possible to cause unsafe memory access within System.Windows.Forms.Clipboard, allowing an attacker to control the memory used by an object's native code. This unsafe access allows for control of a function pointer, which can be exploited to remotely execute code. In the case of Internet Explorer, execution of attacker code occurs outside of the Protected Mode sandbox.

tags | advisory, remote, arbitrary
systems | windows
advisories | CVE-2012-1855
SHA-256 | 8a9c280b793fd5689ee6d1eab372451da1a6ddfa522f51fffe5b3eeaf469a90f
Zero Day Initiative Advisory 12-140
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-140 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee SmartFilter Administration Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Method Invocation (RMI) component which is exposed by SFAdminSrv.exe process. This process exposes various RMI services to TCP ports 4444 (JBoss RMI HTTPInvoker), 1098 (rmiactivation), 1099 (rmiregistry). Requests to these services are not authenticated and can be used to instantiate arbitrary classes or to upload and execute arbitrary archives. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 6d44dbf9f816ae47b69459fc6a3ae55af8b47454af0c493a2b31bcdd640effcb
Alpha Networks ADSL2/2+ Wireless Router ASL-26555 Password Disclosure
Posted Aug 17, 2012
Authored by Alberto Ortega

Alpha Networks ADSL2/2+ Wireless Router version ASL-26555 suffers from a remote administration password disclosure vulnerability. Tested on firmware version 2.0.0.30B_ES.

tags | exploit, remote
SHA-256 | 0acc750576387e5c5c8428df81f18e8f0e01592d9d5308c8ea0f94e991b8de78
Zero Day Initiative Advisory 12-139
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-139 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. Authentication is not required to exploit this vulnerability. The flaw exists within the ebus-3-3-2-7.dll component which is used by the crystalras.exe service. This process listens on a random TCP port. When unmarshalling GIOP ORB encapsulated data the process invokes a memcpy constrained by a user controlled value. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | b5cd95c093a6d7c698cda8f5b0501a67a51fa6615c044079dd187f2f91b82aa0
Zero Day Initiative Advisory 12-138
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-138 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Business Objects Financial Consolidation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CtAppReg.dll. In the Check function, there is a vulnerability in the handling of the username parameter. If an overly long string is used as the username, it can overwrite heap memory. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
SHA-256 | 71f5cfb590cb170041ac772bc7eb8657757c72abff12510ade4581f83a51f776
Zero Day Initiative Advisory 12-137
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-137 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability. The flaw exists within the libsecurity_cdsa_plugin which implements routines defined in libsecurity_cssm. The library defines an allocation routine as having an argument type uint32. The implemented methods in the cdsa_plugin accept parameter having type size_t, this value is truncated from 64 bits to 32 bits when being passed to the library routine. This can lead to an underallocated memory region and ultimately a write out of bounds. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2012-0651
SHA-256 | 46ab23dd80c0f29f56b1529836ab00f816dadca849f9f53aba67524769c8cb32
Zero Day Initiative Advisory 12-136
Posted Aug 17, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within how the application handles a malformed atom type when playing a movie encoded with uncompressed audio. When decoding the audio sample the application will use a 16-bit length for allocating a buffer, and a different one for initializing it. This can cause memory corruption which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-3220
SHA-256 | 279769476bb55b52fb4a1cfea0a3fa4d6c15f5a797a70b8f549cd186ec7efd2d
SAP AG Netweaver 7.02 Remote Code Execution
Posted Aug 17, 2012
Authored by Michael Jordon | Site contextis.co.uk

SAP AG Netweaver version 7.02 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
SHA-256 | bc9fad193d6f2e04e8df1bf4cfc5a190a25e5a0138df0d303bf2c0d262bf1e51
Mandriva Linux Security Advisory 2012-138
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-138 - Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct this issue.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2011-4578
SHA-256 | 0bc07732113abfe4a4d47247e6e85dbe5ba0d3f2ba67d9ce240dd0715687d2eb
HP Security Bulletin HPSBUX02806 SSRT100789
Posted Aug 17, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02806 SSRT100789 - A potential security vulnerability has been identified in HP Serviceguard. This vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2012-3252
SHA-256 | 949c8c74067a27868fd5841215f2f72a17ba553b4c20f6211ace8ca5c018dcc3
Mandriva Linux Security Advisory 2012-137
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-137 - Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges. Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask. A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask. The updated packages have been patched to correct these issues.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2011-2777, CVE-2011-4578
SHA-256 | bf64566f3857d8378c5f530d05dddf5ae935df9d405244ca913d69759b5cc8fb
Mandriva Linux Security Advisory 2012-136
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-136 - Multiple cross-site scripting vulnerabilities was discovered by using the Database structure page with a crafted table name. This upgrade provides the latest phpmyadmin version to address this vulnerability.

tags | advisory, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2012-4345
SHA-256 | 4f113b7473341f4b5b1404d9fbf72c22dd8466370f6b383c45f0eb638cb6c89e
Lsoft ListServ 16 Cross Site Scripting
Posted Aug 17, 2012
Authored by Jose Carlos de Arriba

Lsoft ListServ version 16 suffers from a cross site scripting vulnerability. The issue is fixed in WA revision r4276.

tags | exploit, xss
SHA-256 | ffe1f02e0f063983d7edcebebc145edd536e5798c84727d1e438b00cb820d5c1
Jaow CMS 2.3 Cross Site Request Forgery
Posted Aug 17, 2012
Authored by DaOne

Jaow CMS version 2.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c657173514edace566f414ca34f718968863e18646b9923687c4ad2e09b82608
Elastix 2.2.0 Local File Inclusion
Posted Aug 17, 2012
Authored by cheki

Elastix version 2.2.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | e3766268449894cd90fba749cdfdc3b110bd29043924e14cf6418689bfa23382
Hastymail2 Webmail 1.1 RC2 Cross Site Scripting
Posted Aug 17, 2012
Authored by Shai rod

Hastymail2 Webmail version 1.1 RC2 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e5603aa49a000259245c4d8c25c238c4b532a5ced67a9626f40e89c41de66dc6
T-dah Webmail 3.2.0 Cross Site Scripting
Posted Aug 17, 2012
Authored by Shai rod

T-dah Webmail version 3.2.0 suffers from stored cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f849cce7db945350fcf31a0846493b9158d0a5016e1c297b052c01017c41218b
ICS-CERT Advisory - Tridium Niagara Issues
Posted Aug 17, 2012
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory ICSA-12-228-01 - Independent security researchers Billy Rios and Terry McCorkle have identified multiple vulnerabilities in the Tridium Niagara AX Framework software. The vulnerabilities include directory traversal, weak credential storage, session cookie weaknesses, and predictable session IDs, all of which can be exploited remotely. All known versions of the Tridium Niagara AX Framework software products are susceptible to these vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-4027, CVE-2012-4028, CVE-2012-3025, CVE-2012-3024
SHA-256 | a321597efe4a62df5a3a2266cf1f16eb392c55adffe8c8fa35b7747b79ea649b
GNU Transport Layer Security Library 3.1.0
Posted Aug 17, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release adds support for using and storing cryptographic keys in the system's TPM module and several other improvements.
tags | protocol, library
SHA-256 | 4fdb58572fb91fc0afbdfcd7845d4467d4b13ef2f9141bdaa955b959a319f8cc
GIMP 2.6 Script-Fu Command Execution
Posted Aug 17, 2012
Site reactionpenetrationtesting.co.uk

There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host.

tags | advisory, arbitrary, python
advisories | CVE-2012-4245
SHA-256 | 6bb8abc35df548c551fcf9ff102ee8db444b1e273993fe8a725e91885c36da04
Mandriva Linux Security Advisory 2012-135
Posted Aug 17, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-135 - The DCP ETSI dissector could trigger a zero division. The MongoDB dissector could go into a large loop. The XTP dissector could go into an infinite loop. The AFP dissector could go into a large loop. The RTPS2 dissector could overflow a buffer. The CIP dissector could exhaust system memory. The STUN dissector could crash. The EtherCAT Mailbox dissector could abort. The CTDB dissector could go into a large loop. This advisory provides the latest version of Wireshark which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4296, CVE-2012-4291, CVE-2012-4292, CVE-2012-4293, CVE-2012-4290
SHA-256 | ed1f626a9ec66091da1ced33f9dcf94853900a07685bff02a384520cb736cdfc
Page 1 of 4
Back1234Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close