This archive contains all of the 146 exploits added to Packet Storm in May, 2014.
c278623d0274d1fdb907f694d94808e28742ee1e8d31bef5c45e064f6f6894dd
If a user creates a GCE VM with compute-rw privileges and that single VM is subsequently compromised, the result can be a global compromise of all VMs inside of the account.
84a88f6be8ba62330e5f81858beb2371ac0e62574b8d7738caa92531e3dc04d3
pam_fprintd local root proof of concept exploit that spawns a shell. pam_fprintd uses the net.reactivated.Fprint service to trigger finger swiping and registers a DBUS signal inside the PAM authentication function. When the DBUS signal arrives, the signal argument is basically just checked to be the "verify-match" string, which is expected to come from the legitimate net.reactivated.Fprint service. Since no message filter is registered in either pam_fprintd or the dbus-glib library it uses, such signals can be spoofed by anyone.
d7d878eac758bfcc9a041d7672f578aa68bacf6ae2cbd54d692e6da69a937360
Videos Tube version 1.0 suffers from remote SQL injection vulnerabilities.
2a0c8fbefd4cb32a3a95c179b8a11890513347579e7c81722ade6e82bc23447f
Pixie CMS version 1.04 suffers from multiple POST cross site scripting vulnerabilities.
44f2f2eb8165bcff34e009a24bd9116339537e4a7a92bbd61f1e3495c632eb87
This Metasploit module exploits a remote command execution vulnerability in ElasticSearch, exploitable by default on ElasticSearch prior to 1.2.0. The bug is found in the REST API, which requires no authentication or authorization, where the search function allows dynamic script execution and can be used by remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully on ElasticSearch 1.1.1 on Ubuntu Server 12.04 and Windows XP SP3.
c25b90194192ece4e2507d09180295dea5fba7ac37136f5c31b76e2291ebeeb2
RedTeam Pentesting discovered an SQL injection vulnerability in the file browser component of webEdition CMS during a penetration test. Unauthenticated attackers can get read-only access to the SQL database used by webEdition and read, for example, password hashes used by administrative accounts. webEdition versions 6.3.8.0 svn6985 down to 6.3.3.0 are affected.
81fbc39f2a3459ae92ce585e8a2427adfa9b14d16218f83cd98c65bec9a49df0
RedTeam Pentesting discovered a remote command execution vulnerability in the installer script of the webEdition CMS during a penetration test. If the installer script is not manually removed after installation, attackers can not only reinstall webEdition, but also gain remote command execution. webEdition CMS version 2.8.0.0 is affected.
b332b23b88f8524f6cc6ee224e2fcf3d34291eb580aa3efc4d12528bed131019
Sharetronix version 3.3 suffers from cross site request forgery and remote SQL injection vulnerabilities.
d46d88dbb711265ddacc4c672a39fb54647c6147fbdecdb9a29530d5d18a6cad
NICE Recording eXpress versions 6.0.x, 6.1.x, 6.2.x, 6.3.x, and 6.5.x suffer from cross site scripting, root backdoor, unauthenticated access, fail authorization, insecure cookie handling, and remote SQL injection vulnerabilities.
bdb30edda34d4ff17e66fa273b232b2211afee38439c1a357eb28084a440f5d2
Fiyo CMS version 1.5.7 suffers from a cross site scripting vulnerability.
08fed02f9f2b63e9e1312b61486223ac28bb6b6a3ced74fc74a2776b5d4d06ab
TORQUE Resource Manager versions 2.5.x through 2.5.13 suffer from a stack buffer overflow vulnerability.
01db40756d23f2ac4bcfe60e33e9ff8f16a701a683f0b663f33585f704651449
Castor Library version 1.3.3-RC1 suffers from a file disclosure vulnerability via XXE injection.
c745856a0985244400e7849e695d5c5af94674a689876f8d473e189ed7ba90ca
This Metasploit module injects a malicious UDP packet to crash Wireshark 1.8.0 to 1.8.7 and 1.6.0 to 1.6.15. The vulnerability exists in the CAPWAP dissector, which fails to handle an incomplete packet.
f45824d8ae8f2f2ded6c62979f4a3f1eca4605da3e5dba3170672adc46202f24
InterScan Messaging Security Virtual Appliance version 8.5.1.1516 suffers from a cross site scripting vulnerability.
1fa2cc407ed2a82d337ba4d3cae67361db3f1a6cbca2e745fe0e6c1ced5eceb3
WordPress DZS Video Gallery plugin suffers from cross site scripting and content spoofing vulnerabilities.
2e373512b83a272d99befda185bacf93325506cc1ef0040fac331aedbde92dc5
Easy File Sharing FTP Server version 3.5 suffers from a stack buffer overflow vulnerability.
6d4e2b3a8ea09bda8b36163e3010795b7044177b5476f516d56a6748cda9590e
ProtonMail.ch suffers from cross site request forgery, header injection, and out of date software vulnerabilities. Note that this finding houses site-specific data.
3d088ba11847cc70c4f57d4cfaf4266199b8c8da68a1d4fbf240d3513b40af99
Sites created by NeginGroup suffer from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.
73bf857fa364642f3fa21c1fb9d3e05d25d39ed86e9f9879052560a5cb108b6f
AuraCMS version 3.0 suffers from cross site scripting and local file inclusion vulnerabilities.
5a35bc77f37b80e3b6ae5d1eaf892a6a012cf4c579dda292eeb102b6f33561da
Check_MK suffers from an arbitrary file disclosure vulnerability.
29ea17ad8196b8ca5a593382f3d744479bd2f4a883b8f7db788780575f11978e
HandsomeWeb SOS Webpages versions 1.1.11 and below suffer from backup and password hash disclosure vulnerabilities.
95fa3a37604887c4a9477550b3793f175517c90416e587a425c76050ebc648db
info.vmware.com suffers from a cross site scripting vulnerability.
93f373ddd0b15311720ffb4ee10d3fa2ff732de4c159ce7664fe62e6a357c9bc
WebBoard CMS suffers from a cross site scripting vulnerability.
b29c1580f47d8601f307bc2caa6aecf04ecec822a34b0158d188ae66779fdd6d
Zyxel P-660HW-T1 version 3 suffers from a cross site request forgery vulnerability.
fd9b20b0d05fd77557aae1de1ada5ed4176bd0b607d5532fa11878fa9e8108c1