Wipro Holmes Orchestrator version 20.4.1 unauthenticated arbitrary file reading proof of concept exploit.
aa43fdedfc7f5227a2a020d9bd25796fe6699fb9bbb47484e3814e5633c6039bMicrosoft Office OneNote 2007 proof of concept exploit for a OnePKG file parsing remote code execution vulnerability. Upon decompressing files from .ONEPKG archives (using MS CAB format), a failure to sanitize file paths and file contents allows for arbitrary file planting in arbitrary locations on the OS, including the startup folder.
a2e1f0872cb6d8139581f87f3c37e90d1829d74bca8d610a3d0ffadd03dd7e9dJavaScriptCore suffers from a crash condition due to an uninitialized register in slow_path_profile_catch. Proof of concept that affects Safari is included.
8dd2cde7c2edb66fc6061ca48debe795fc639981944e4354c301b47af6a7c4b1Firebase's PHP-JWT suffers from an algorithm confusion issue. Proof of concept code included.
bb3896b28adac75139b54397d609f1fd54d05c94094f3213dbc7a00f3fa5c0c6Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.
0c0b69962c7c4951fd574d5a8b85049490d77ada7568b05cfb4bce7ca40aa09aProof of concept code for a time-based blind remote SQL injection vulnerability in Online Shopping Portal version 3.1. This is a variant of the original discovery of SQL injection in this version by Umit Yalcin in July of 2020.
767219aec319fdaf3843c6a3cee1e6adffa3ddc30ff33399b70b01cfabe1a3d6XNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of concept code included.
a1d06d7c40ef5cee75dbfed56b2263d072ffb407a0a5a9ac79847d59421ad896This is a proof of concept for a Windows TCP/IP denial of service vulnerability due to a NULL dereference in tcpip.sys. This was patched by Microsoft in February 2021. It is triggerable remotely by sending malicious UDP packet over IPv6.
0516b2a0dc860ebf19e63ce4021cd59c81f89b4c0605fd9ecea4c32742d682e0Proof of concept exploit for an out-of-bounds access vulnerability in the Realtek RTKVHD64.sys, leading to pool corruption.
bb5ee485c5648076add9bf2abf25ea37396550a4e2aa9b60094cc8338c092692This is a proof of concept for CVE-2021-28476 ("Hyper-V Remote Code Execution Vulnerability"), an arbitrary memory read in vmswitch.sys (network virtualization service provider) patched by Microsoft in May 2021.
48a1cc3a6acb78d90f7e5beca74fe39f754180b4d7a5529002e913fac71d8976Proof of concept exploit for a path traversal vulnerability in Pallets Werkzeug version 0.15.4.
4f5c6bd91b62008c37cb7bf8cbae42390e891388493b81718362ca9738d106b3PrintNightmare remote code execution proof of concept exploit for the Windows Spooler Service.
65f3a8fdee04d68517612f8bbb28b7e29a2396d68991acfedf0892a70576c47aThis is the Impacket implementation of the PrintNightmare proof of concept originally created by Zhiniang Peng and Xuefeng Li that leverages a privilege escalation vulnerability in the Windows Print Spooler.
573d07da8eca58f9ce096e858ed133d273214a6db6d390271660e11698decd25This document illustrates proof of concept exploitation of a vulnerability in WordPress versions 5.6.0 through 5.7.0 that gives a user the ability to upload files on a server and exploit an XML parsing issue in the Media Library using an MP3 file upload that leads to an XXE attack.
6f2b6fbc58bcb6f703bd6d4a439b0bd64de13c645bc50f0f2f21b49152561b36KnFTP Server version 1.0.0 LIST denial of service proof of concept exploit.
6e992b00b4404656da10a5211abde600ea5faa319eb07349de5de184d6afe3dePCMan FTP Server version 2.0.7 USER denial of service proof of concept exploit.
1ffb0cae68a951a3083217ac56d66b7415bc772ed03135d4020bb8195b4bf865memono Notepad 4.2 denial of service proof of concept exploit.
6e0c80eeec1f14cb6c54d8b2608794aad97b58dbd5466fd0e4ea84a35c530d90EasyFTP Server version 1.7.0.11 XRMD denial of service proof of concept exploit.
4f7789b1d4176284fefe0a8f3b908427852a8228b67f9e6a4263e89a59386e80Proof of concept exploit for a remote code execution vulnerability in Microsoft's RDP service.
6d22c79340f19a7303c4fe1251a1c8e3e6781fc8551886316a0e4e976e9a6dbfExim versions prior to 4.90.1 remote buffer overflow proof of concept exploit.
ee8228224f1f993d6d2342e211a9be7a153342208313db672c854f83eba4d705Cisco SD-WAN vManage version 19.2.2 remote root shell proof of concept exploit that leverages multiple vulnerabilities.
a39fed0dc5f1a0ca97a329bad76e86ccb0fe30addc423eef4129602dce1d82e6Proof of concept exploit for the OpenSLP heap overflow in VMware ESXi versions 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, and 6.5 before ESXi650-202102101-SG.
98867efbb2edfda9477bf58e3bab8759183c512ddba44753e9f0bd5f3ee885b5DupTerminator version 1.4.5639.37199 denial of service proof of concept exploit.
c86dcc5656b1dad3e200b7e81bddc3feb1ad96c4d8903f169acce6233b5ae773Postbird version 0.8.4 suffers from cross site scripting, local file inclusion, and insecure data storage vulnerabilities. Included in this archive is a whitepaper and proof of concept exploit.
2fe1bba3a63538bc31c8f324c6075a4d7a94d198f0d2cc9c21a732f03fedcf03The document in this archive illustrates using the included proof of concept exploit to achieve root on Ubuntu systems using a flaw in the OverlayFS file system. The exploit itself does not have author attribution as the proof of concept came through SSD Disclosures.
7380c1055909d23c493abb4f5067d3428e536c6a0041025856be420b9c8732fb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed