exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 93 RSS Feed

Files

nmrc-14Jan2006.txt
Posted Jan 15, 2006
Authored by Simple Nomad | Site nmrc.org

This advisory documents an anomaly involving Microsoft's Wireless Network Connection. If a laptop connects to an ad-hoc network it can later start beaconing the ad-hoc network's SSID as its own ad-hoc network without the laptop owner's knowledge. This can allow an attacker to attach to the laptop as a prelude to further attack.

tags | advisory
SHA-256 | 78cd0166cc3fdf94d948b2a5271ecace8556a14b625a9e730b15c0da1b9c63fa

Related Files

Signal Desktop HTML Tag Injection Variant 2
Posted May 16, 2018
Authored by Juliano Rizzo, Alfredo Ortega, Javier Lorenzo Carlos Smaldone, Ivan Ariel Barrera Oro, Matt Bryant

This advisory documents proof of concept flows for manipulation the HTML tag injection vulnerability discovered in Signal Desktop. Versions affected include 1.7.1, 1.8.0, 1.9.0, 1.10.0, and 1.10.1.

tags | exploit, proof of concept
advisories | CVE-2018-11101
SHA-256 | 5f9aa1e1147648a40479bc5b43a72f60f8b6d73aedadd62e3613fc7f5288b2b5
Huawei P8 wkupccpu debugfs Kernel Buffer Overflow
Posted Dec 19, 2017
Authored by Maor Shwartz | Site beyondsecurity.com

This advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 - wkupccpu debugfs driver.

tags | exploit, overflow
SHA-256 | d40d38e0a9f14578c574f26fe0869def5ba0555d6b646ec1c96d3aea5c4ed0ce
Windows Kernel Pool Ntfs!LfsRestartLogFile Memory Disclosure
Posted Oct 16, 2017
Authored by Google Security Research, mjurczyk

This advisory discusses a Microsoft Windows kernel pool memory disclosure into NTFS metadata ($LogFile) in Ntfs!LfsRestartLogFile.

tags | advisory, kernel
systems | windows
advisories | CVE-2017-11817
SHA-256 | 79957168f93861bbb46f21290a78b65b360080d54ec073682cd4e16fbff74b4b
LightDM (Ubuntu 16.04/16.10) Privilege Escalation
Posted Apr 26, 2017
Authored by G. Geshev

This advisory describes a local privilege escalation via guest-account in LightDM found in Ubuntu versions 16.10 / 16.04 LTS.

tags | exploit, local
systems | linux, ubuntu
advisories | CVE-2017-7358
SHA-256 | 7eb1528e323459cf945e526fa778e82b210bbab5581e8b3874acbbb6985be89b
Crowd LDAP Java Object Injection
Posted Oct 31, 2016
Authored by David Black

This advisory discloses a critical severity security vulnerability which was introduced in version 1.4.1 of Crowd. Versions of Crowd starting with 1.4.1 before 2.8.8 (the fixed version for 2.8.x) and from 2.9.0 before 2.9.5 (the fixed version for 2.9.x) are affected by this vulnerability. The Crowd LDAP directory connector allowed an attacker to gain remote code execution in Crowd by injecting malicious attributes in LDAP entries.

tags | advisory, remote, code execution
advisories | CVE-2016-6496
SHA-256 | 00e91976667b938daa14e3aa6743fb0498e57d84e1eb456c7cb1f29f942fcf81
Bamboo Deserialization Issue
Posted Jul 26, 2016
Authored by David Black, Moritz Bechler

This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.

tags | advisory
advisories | CVE-2016-5229
SHA-256 | dbfb17c0ede40ea6f49b801493783efdda5b7f9fcc1178a440c9e193c5f682f4
Bamboo Deserialization / Missing Authentication Checks
Posted Jan 22, 2016
Authored by David Black

Bamboo suffers from deserialization and missing authentication check vulnerabilities. This advisory discloses multiple critical severity security vulnerabilities of which the earliest vulnerability was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.9.9 (the fixed version for 5.9.x) are vulnerable.

tags | advisory, vulnerability
advisories | CVE-2014-9757, CVE-2015-8360, CVE-2015-8361
SHA-256 | 27f3a84e5ff5328e43491d29c853f00c327b6ccf574c0b242b8a87e43667a2da
Kaseya Browser 7.0 Android Path Traversal
Posted Jan 29, 2015
Authored by Denis Andzakovic | Site security-assessment.com

This advisory details a vulnerability found within Kaseya Browser Android application. A path traversal vulnerability was discovered within an exported content provider, resulting in the disclosure of arbitrary files, including internal application files.

tags | exploit, arbitrary, file inclusion
SHA-256 | cd0eed73304887bcbc11bac4f7dca27d8f196f11666aa9eebef47a9489785ca8
Kaseya BYOD Gateway 7.0.2 SSL Certificate Validation / Redirection
Posted Jan 29, 2015
Authored by Denis Andzakovic | Site security-assessment.com

This advisory details multiple vulnerabilities found within the Kaseya BYOD Gateway software. By chaining a combination of lacking SSL verification, poor authentication mechanisms and arbitrary redirection vulnerabilities, a malicious entity may potentially compromise any Kaseya BYOD installation. The Kaseya BYOD Gateway software uses a redirection feature, wherein users are redirected to their local Kaseya installation via Kaseya's hosted servers. The update request from the BYOD Gateway software to the Kaseya hosted servers was not found to verify SSL certificates and fails to implement any form of authentication, instead relying on the length of the gateway identifier to provide security. Thus, the security of the solution depends on an attacker's ability to enumerate the gateway identifier. Once a malicious user enumerates the Gateway identifier, then they may update the redirect rule for that customer in Kaseya's hosted servers, redirecting customers to a malicious Kaseya BYOD Gateway. Version 7.0.2 is affected.

tags | exploit, arbitrary, local, vulnerability
SHA-256 | 84b242264d948879e1883fb40c965edd3e0f9240397d1c5870d701482625f9be
Facebook Open Redirect
Posted Jan 13, 2015
Authored by Jing Wang

This advisory discusses open redirect issues in Facebook, both old and new.

tags | exploit
SHA-256 | 4aa7a6ba3a89f57a83a96ba40e358dfc5dc69f38da33da44ddb91cbefd30001b
Nagios NRPE Weak Cryptography Implementation
Posted Feb 14, 2014
Authored by Aaron Zauner

This advisory discusses a weak cryptography implementation in NRPE, the remote monitoring agent distributed with Nagios.

tags | advisory, remote
SHA-256 | 9513ca804b2266816b1f59df17644a5e411eb0d568e52e7f93c445b9e778b63c
PayPal Cross Site Scripting
Posted Feb 13, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

This advisory documents the 17th PayPal bug bounty Vulnerability Labs received for a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c3159303306fc3e4bd5a3833fb174c160953470d614af33b1969327a5efddea0
Oracle Web Logic Node Manager UNC Path Remote File Execution
Posted Mar 20, 2012
Authored by Darren McDonald

This advisory documents the Oracle Web Logic Node Manager UNC path remote file execution exploitation details.

tags | exploit, remote, web
SHA-256 | daaffc0bec7c483c0d88adc5451469a0a0532e7447405434739568711c8fe617
Skype Remote Scripting Injection
Posted May 8, 2011
Authored by Rohit Bansal | Site secniche.org

This advisory discusses a re mote scripting injection issue with Skype on Mac OS X.

tags | advisory
systems | apple, osx
SHA-256 | 709d209d6b139b30f4f885a39c7413251dcb2f639592c6e221e4bcd8027a2517
Joomla Components Remote File Inclusion
Posted Oct 13, 2010
Authored by jos_ali_joe

This advisory documents a large amount of remote file inclusion vulnerabilities in numerous Joomla components.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 58b131c80a539ceae3408fb3b0abcf155b28e84326413db44b9b2eb5a5ab76a6
Core Security Technologies Advisory 2010.0121
Posted Feb 6, 2010
Authored by Core Security Technologies, Dan Crowley | Site coresecurity.com

Core Security Technologies Advisory - This advisory describes multiple vulnerabilities based on quirks in how Windows handles file names. Nginx, Cherokee, Mongoose, and LightTPD webservers suffer from related vulnerabilities. Details are provided.

tags | exploit, vulnerability
systems | windows
SHA-256 | d14c8eb014b778de314270ccadfa10820be40c7e4cb58c2ae40cd08b564722b4
Core Security Technologies Advisory 2009.0625
Posted Feb 4, 2010
Authored by Core Security Technologies, Jorge Luis Alvarez Medina, Federico Muttis | Site coresecurity.com

Core Security Technologies Advisory - This advisory describes two vulnerabilities that provide access to any file stored in on a user's desktop system if it is running a vulnerable version of Internet Explorer. These vulnerabilities can be used in attacks combined with a number of insecure features of Internet Explorer to provide remote access to locally stored files without the need for any further action from the victim after visiting a website controlled by the attacker.

tags | exploit, remote, vulnerability
advisories | CVE-2010-0255
SHA-256 | c800a9c7100145533df8300c9ca9eb4514a7c1bea12adc78a2c14e81e1b7f5a6
HMS HICP Modification / Intellicom NetBiterConfing.exe Stack Overflow
Posted Dec 15, 2009
Authored by Ruben Santamarta | Site reversemode.com

This advisory documents vulnerabilities in the HMS HICP protocol as well as an Intellicom NetBiterConfing.exe remote stack overflow vulnerability. Proof of concept code included.

tags | exploit, remote, overflow, vulnerability, protocol, proof of concept
SHA-256 | 568bd797eaf1f7ed214afde142e6f10f82177d14ce3e3f83f9c7be7f09b32e90
ftpd-xsrf.txt
Posted Sep 27, 2008
Authored by Maksymilian Arciemowicz | Site securityreason.com

This advisory discusses the idea of leveraging ftp using the likes of a cross site request forgery attack.

tags | advisory, csrf
SHA-256 | 7fb17ffceff5669295410473648b9b821097dd9a109cceaa4c8721d590ce1646
vimfiletype-exec.txt
Posted Jul 23, 2008
Authored by Jan Minar

This advisory discusses the filetype.vim vulnerability in Vim version 7.2b.10 that allows for arbitrary code execution and also notes that the Vim patch 7.1.300 did not fix the vulnerability.

tags | advisory, arbitrary, code execution
SHA-256 | ce5ac1fb0fa0e4f7d6ca3213e51c52d637564fd39e7c05602f63456e5bd83fcd
TRSA00001.txt
Posted Jun 27, 2006
Authored by Martin Herfurt | Site trifinite.org

This advisory describes a vulnerability that affects Toshiba Bluetooth Host Stack implementations up to version 4.0.23. A vulnerability has been discovered that enables the attacker to remotely perform a denial of service (DoS) against the host.

tags | advisory, denial of service
SHA-256 | afac835d95351affa9150b1c3de9d4648a67d9b51242cbbca4586e35acbec055
Hardened-PHP Project Security Advisory 2005-20.79
Posted Nov 1, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the file upload code, that allows overwriting the GLOBALS array when register_globals is turned on. Overwriting this array can lead to unexpected security holes in code assumed secure. This vulnerability can allow for remote PHP code execution. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.

tags | advisory, remote, php, vulnerability, code execution, file upload
SHA-256 | f8dc972de9ab9723e24e079bb1aa1db52acccf6b34d75a662360600fa9ba97a0
Hardened-PHP Project Security Advisory 2005-19.78
Posted Nov 1, 2005
Authored by Stefan Esser, Hardened-PHP Project | Site hardened-php.net

During the development of the Hardening-Patch which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered. This advisory describes one of these flaws concerning a weakness in the implementation of the parse_str() function. Under certain conditions triggering the memory_limit request shutdown during a parse_str() call will result in the core of PHP believing that the register_globals directive is turned on (for the rest of the lifetime of the involved webserver process). This may allow an attacker to exploit security flaws in PHP applications that exist due to uninitialized global variables. Affected versions are PHP4 versions 4.4.0 and below and PHP5 versions 5.0.5 and below.

tags | advisory, php, vulnerability
SHA-256 | 10f101097fd39138422e2a7874bdb94d072b4fbdce038e8405003d6abe5001f5
yager_multivulns.txt
Posted Apr 24, 2005
Authored by Luigi Auriemma | Site aluigi.altervista.org

Yager, an online air-combat simulation game, is vulnerable to several overflows as well as several Denial of Service attacks. This advisory details issues in versions up to 5.24.

tags | advisory, denial of service, overflow
SHA-256 | 3e9e1377c6d538e2c6ab12326ddfb1a9889cb7aee4dbb8d4f3c1fecd7afb77aa
Debian Linux Security Advisory 569-1
Posted Oct 18, 2004
Authored by Debian | Site debian.org

Debian Security Advisory 569-1 - invalid free(3) in netkit-telnet-ssl. This advisory describes patching for a hole found in netkit-telnet-ssl which may allow for remote code execution as whatever user runs telnetd, which would typically be the telnetd user. The issue is corrected in 0.17.17+0.1-2woody2 (stable) or 0.17.24+0.1-4 (unstable). Issue discovered by Michal Zalewski.

tags | advisory, remote, code execution
systems | linux, debian
advisories | CVE-2004-0911
SHA-256 | 4c9cedabacc6129768c28a491660d95ee2da7fdf06dfe2847138a00934f1b34f
Page 1 of 4
Back1234Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close