This Metasploit module uses the "evaluate" request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration.
260e98e4a2de2ba0114c147e14bfe31cFLIP Systems thermal cameras have an issues where Input passed through several parameters is not properly verified before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files from local resources.
4332adce3a8ca1290398c21e9a461f0eFLIR Camera PT-Series suffers from multiple unauthenticated remote command injection vulnerabilities. The vulnerability exist due to several POST parameters in controllerFlirSystem.php script when calling the execFlirSystem() function not being sanitized when using the shell_exec() PHP function while updating the network settings on the affected device. This allows the attacker to execute arbitrary system commands as the root user and bypass access controls in place.
5ddf109d3a422df75105565034f680b0Gentoo Linux Security Advisory 201709-25 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.100 are affected.
f80f94ad5d876eb0d68553260041a12eGentoo Linux Security Advisory 201709-24 - Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. Versions less than 5.5.0_p20170811 are affected.
744dcd51a8f0144278e893e8f3a2a61bFLIR FC-S/PT series suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user.
636a089048b47449c889902485301766This Metasploit module exploits a vulnerability in the Supervisor process control software, where an authenticated client can send a malicious XML-RPC request to supervisord that will run arbitrary shell commands on the server. The commands will be run as the same user as supervisord. Depending on how supervisord has been configured, this may be root. This vulnerability can only be exploited by an authenticated client, or if supervisord has been configured to run an HTTP server without authentication. This vulnerability affects versions 3.0a1 to 3.3.2.
72e2b4eea477f27f5a652ee4327d9755Gentoo Linux Security Advisory 201709-23 - Multiple vulnerabilities have been found in Tcpdump, the worst of which may allow execution of arbitrary code. Versions less than 4.9.2 are affected.
ff8a03c4dc3fd32708e44ae07f1a71a2Red Hat Security Advisory 2017-2792-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 61.0.3163.100. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
af9a395b5c81640f5171a1af26e95dbfGentoo Linux Security Advisory 201709-22 - Multiple vulnerabilities have been found in Oracle's JRE and JDK software suites, and IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 1.8.0.141 are affected.
702931abb96a5de04ac95434ba1896f0Gentoo Linux Security Advisory 201709-21 - Multiple vulnerabilities have been found in PHP, the worst of which could result in the execution of arbitrary code. Versions less than 5.6.31:5.6 are affected.
e37ef91858dce51d5410cc67c898748fGentoo Linux Security Advisory 201709-18 - Multiple vulnerabilities have been found in Mercurial, the worst of which could lead to the remote execution of arbitrary code. Versions less than 4.3 are affected.
6d02a0446582a8ec15b99209a9eab5ecGentoo Linux Security Advisory 201709-17 - A command injection vulnerability in CVS may allow remote attackers to execute arbitrary code. Versions less than 1.12.12-r12 are affected.
171398e6faeace9a376cb8e0553dd671Gentoo Linux Security Advisory 201709-16 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 27.0.0.130-r1 are affected.
8e180349adc073694cc7b8486abdbf34Gentoo Linux Security Advisory 201709-15 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the execution of arbitrary code. Versions less than 61.0.3163.79 are affected.
d048c4800c946e9207820e838da49cd1Claydip Airbnb Clone version 1.0 suffers from an arbitrary file upload vulnerability.
3b1a920c2682d6ed3e074acbcd898316Ubuntu Security Notice 3428-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
0ad0f2d28e272eaec11afd8faea9d360Ubuntu Security Notice 3427-1 - Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
90491b275c7839b7a56f2df76dcd5546Ubuntu Security Notice 3425-1 - Hanno Boeck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.
bfa83093442c8cb0223e5a49b009a8b1Red Hat Security Advisory 2017-2771-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Security Fix: A command injection flaw within the Emacs "enriched mode" handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user.
cb35a154f38364f0cf86d57de243546bThe Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
f0f811c3905f66d55df59c33e5694479Debian Linux Security Advisory 3978-1 - Marcin Noga discovered a buffer overflow in the JPEG loader of the GDK Pixbuf library, which may result in the execution of arbitrary code if a malformed file is opened.
92eb019192491487bee25ce39aeaf919Ubuntu Security Notice 3424-1 - It was discovered that a type confusion error existed in libxml2. An attacker could use this to specially construct XML data that could cause a denial of service or possibly execute arbitrary code. It was discovered that libxml2 did not properly validate parsed entity references. An attacker could use this to specially construct XML data that could expose sensitive information. Various other issues were also addressed.
4b0652d2acb742ad23250a852a802397Ubuntu Security Notice 3420-1 - It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service. It was discovered that the Flash-Friendly File System implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
50cbfd60ce8d412743faebabf34f8de2Debian Linux Security Advisory 3975-1 - Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data (e.g. when using Emacs-based mail clients).
1c717296dc95acc705d595fd391da5b0
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed