Twenty Year Anniversary
Showing 1 - 25 of 13,140 RSS Feed

Arbitrary Files

QNAP Q'Center change_passwd Command Execution
Posted Jul 17, 2018
Authored by Ivan Huertas, Brendan Coles | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in the change_passwd API method within the web interface of QNAP Q'Center virtual appliance versions prior to 1.7.1083. The vulnerability allows the 'admin' privileged user account to execute arbitrary commands as the 'admin' operating system user. Valid credentials for the 'admin' user account are required, however, this module also exploits a separate password disclosure issue which allows any authenticated user to view the password set for the 'admin' user during first install. This Metasploit module has been tested successfully on QNAP Q'Center appliance version 1.6.1075.

tags | exploit, web, arbitrary
advisories | CVE-2018-0706, CVE-2018-0707
MD5 | 53cb0615ae05a91ee87abd7989407825
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Arbitrary File Attacks
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from an issue where due to the hidden and undocumented File Editor (Filesystem Browser) shell script 'system-editor.sh' an attacker can leverage this issue to read, modify or delete arbitrary files on the system. Input passed thru the 'path' and 'savefile', 'edit' and 'delfile' GET and POST parameters is not properly sanitized before being used to modify files. This can be exploited by an authenticated attacker to read or modify arbitrary files on the affected system. Many versions are affected.

tags | exploit, arbitrary, shell
MD5 | c7aa24d69a51dbc46e0636cc8eb7baae
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Hidden Features
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have undocumented and hidden features present via the web management interface. These features allow an authenticated attacker to take full control of the device and/or modify internal OS settings, read arbitrary files or even render the device unusable. Many versions are affected.

tags | exploit, web, arbitrary
MD5 | 4a92f4d86bb220e897be6dc5df1fa026
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Denial Of Service
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems have an undocumented and hidden feature that allows an authenticated attacker to list running processes in the operating system and send arbitrary signals to kill any process running in the background including starting and stopping system services. This impacts availability and can be triggered also by CSRF attacks that requires device restart and/or factory reset to rollback malicious changes. Many versions are affected.

tags | exploit, arbitrary
MD5 | c7e76548cf7a9abfd546cfa5d7af587e
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway Remote Root
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems suffer from multiple authenticated arbitrary remote code execution vulnerabilities with highest privileges. This is due to multiple hidden and undocumented features within the admin interface that allows an attacker to create crontab jobs and/or modify the system startup script that allows execution of arbitrary code as root user. Many versions are affected.

tags | exploit, remote, arbitrary, root, vulnerability, code execution
MD5 | 21e4fe6dfbdca8fc7b0eeebde7b04dd1
Microhard Systems 3G/4G Cellular Ethernet And Serial Gateway XSS
Posted Jul 16, 2018
Authored by LiquidWorm | Site zeroscience.mk

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway systems are prone to multiple reflected and stored cross-site scripting vulnerabilities due to a failure to properly sanitize user-supplied input to several parameters that are handled by various servlets. Attackers can exploit this issue to execute arbitrary HTML and script code in a user's browser session. Many versions are affected.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 4335daff61aee85b79cf9f7773893b4c
Debian Security Advisory 4245-1
Posted Jul 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4245-1 - This update fixes several vulnerabilities in Imagemagick, a graphical software suite. Various memory handling problems or incomplete input sanitising could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2018-11251, CVE-2018-12599, CVE-2018-12600, CVE-2018-5248
MD5 | 42d09e327d9eca7860d8d2d288091992
Debian Security Advisory 4244-1
Posted Jul 14, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4244-1 - Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code, denial of service or attacks on encrypted emails.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-17689, CVE-2018-12359, CVE-2018-12360, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374, CVE-2018-5188
MD5 | 46d8ef10ef74156ca929a33f35d7ac3b
Total AV 4.6.19 Insecure Permissions
Posted Jul 13, 2018
Authored by Felipe Xavier Oliveira

A vulnerability allows local attackers to escalate privilege on TotalAV versions 4.1.7 through 4.6.19 because of weak "C:\Program Files\TotalAV" permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM.

tags | exploit, arbitrary, local
advisories | CVE-2018-5313
MD5 | faa27411003777a314b1bfe60253a563
Apache CouchDB Arbitrary Command Execution
Posted Jul 12, 2018
Authored by Max Justicz, Joan Touzet | Site metasploit.com

CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequently launched by CouchDB. This allows an admin user in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to execute arbitrary shell commands as the CouchDB user, including downloading and executing scripts from the public internet.

tags | exploit, web, arbitrary, shell
advisories | CVE-2017-12635, CVE-2017-12636
MD5 | 646205692a311200bb3f3d798f50c670
HP Security Bulletin MFSBGN03811 1
Posted Jul 12, 2018
Authored by HP | Site hp.com

HP Security Bulletin MFSBGN03811 1 - An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC) allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. Revision 1 of this advisory.

tags | advisory, remote, arbitrary
advisories | CVE-2018-12463
MD5 | 75a010aafc6ea519d2a1836b45466d5b
RSA Identity Governance And Lifecycle Bypass / XSS
Posted Jul 12, 2018
Authored by Lukasz Plonka | Site emc.com

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a malicious user could potentially run arbitrary system commands at the OS level with application owner privileges on the affected system. RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a vulnerable web application, which is then reflected back to the victim and executed by the web browser.

tags | advisory, remote, web, arbitrary, javascript, xss, bypass
advisories | CVE-2018-1245, CVE-2018-1255
MD5 | 1a57d9533919b282096f7aa641a6e6a8
Ubuntu Security Notice USN-3714-1
Posted Jul 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3714-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass CORS restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that S/MIME and PGP decryption oracles can be built with HTML emails. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12359, CVE-2018-12363, CVE-2018-12364, CVE-2018-12372, CVE-2018-12373, CVE-2018-12374
MD5 | 9d791007b9bcc76460b6215b8af0900e
Ubuntu Security Notice USN-3710-1
Posted Jul 11, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3710-1 - Peter Wu discovered that curl incorrectly handled certain SMTP buffers. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0500
MD5 | 28725962f56048e64461b4495f54a8cd
Monstra CMS Authenticated Arbitrary File Upload
Posted Jul 11, 2018
Authored by Touhid M.Shaikh, Ishaq Mohammed | Site metasploit.com

Monstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4.

tags | exploit, remote, arbitrary, php
advisories | CVE-2017-18048
MD5 | 7dbdf348dbb60d19f6dfcb69ab4f25d5
Ubuntu Security Notice USN-3705-2
Posted Jul 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3705-2 - USN-3705-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, bypass same-origin restrictions, bypass CORS restrictions, bypass CSRF protections, obtain sensitive information, or execute arbitrary code. A security issue was discovered with WebExtensions. If a user were tricked in to installing a specially crafted extension, an attacker could potentially exploit this to obtain full browser permissions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-12361, CVE-2018-12365, CVE-2018-12369, CVE-2018-12371, CVE-2018-5188
MD5 | 00f2f7e930fadc069fe2280d452d043e
Ubuntu Security Notice USN-3709-1
Posted Jul 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3709-1 - It was discovered that Xapian-core incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-0499
MD5 | be73a1becbb3ecddec20e9c85af579a5
Ubuntu Security Notice USN-3706-2
Posted Jul 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3706-2 - USN-3706-1 fixed a vulnerability in libjpeg-turbo. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that libjpeg-turbo incorrectly handled certain malformed JPEG images. If a user or automated system were tricked into opening a specially crafted JPEG image, a remote attacker could cause libjpeg-turbo to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9092, CVE-2018-11214
MD5 | 40fd89bfaef312ad09d595ea1e7196ee
VLC Media Player 2.2.8 Arbitrary Code Execution
Posted Jul 10, 2018
Authored by Eugene NG

VLC Media Player version 2.2.8 use-after-free arbitrary code execution proof of concept exploit.

tags | exploit, arbitrary, code execution, proof of concept
advisories | CVE-2018-11529
MD5 | 66b5b85b319862615c1b1ff3c0a7c287
Ubuntu Security Notice USN-3706-1
Posted Jul 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3706-1 - It was discovered that libjpeg-turbo incorrectly handled certain malformed JPEG images. If a user or automated system were tricked into opening a specially crafted JPEG image, a remote attacker could cause libjpeg-turbo to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9092, CVE-2018-11213
MD5 | 66ced8f2334ae5d05fccfdfeb837d19c
Ubuntu Security Notice USN-3708-1
Posted Jul 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3708-1 - It was discovered that OpenSLP incorrectly handled certain memory operations. A remote attacker could use this issue to cause OpenSLP to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-17833
MD5 | 662493ab74aaf575c5d1e8159cd8b911
Ubuntu Security Notice USN-3707-1
Posted Jul 9, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3707-1 - Yihan Lian discovered that NTP incorrectly handled certain malformed mode 6 packets. A remote attacker could possibly use this issue to cause ntpd to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. Michael Macnair discovered that NTP incorrectly handled certain responses. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-7182, CVE-2018-7183, CVE-2018-7184, CVE-2018-7185
MD5 | 0647a8b93bace5ed4b5773148d5efb8f
Debian Security Advisory 4242-1
Posted Jul 9, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4242-1 - Orange Tsai discovered a path traversal flaw in ruby-sprockets, a Rack-based asset packaging system. A remote attacker can take advantage of this flaw to read arbitrary files outside an application's root directory via specially crafted requests, when the Sprockets server is used in production.

tags | advisory, remote, arbitrary, root, ruby
systems | linux, debian
advisories | CVE-2018-3760
MD5 | 106d6b21a5ae2a721cddf96019f8467d
Ubuntu Security Notice USN-3704-1
Posted Jul 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3704-1 - It was discovered that devscripts incorrectly handled certain YAML files. An attacker could possibly use this to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-13043
MD5 | de15b4156a52c1d686553bdd713cb501
Ubuntu Security Notice USN-3705-1
Posted Jul 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3705-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, bypass same-origin restrictions, bypass CORS restrictions, bypass CSRF protections, obtain sensitive information, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-12358, CVE-2018-12359, CVE-2018-12360, CVE-2018-12361, CVE-2018-12362, CVE-2018-12363, CVE-2018-12364, CVE-2018-12365, CVE-2018-12366, CVE-2018-12367, CVE-2018-12369, CVE-2018-12370, CVE-2018-12371, CVE-2018-5156, CVE-2018-5186, CVE-2018-5187, CVE-2018-5188
MD5 | 41c5df23f973dc6a183546bb9ccc2c7f
Page 1 of 526
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    4 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close