what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2018-01-12

Transmission RPC Session-ID Mechanism Design Flaw
Posted Jan 12, 2018
Authored by Tavis Ormandy, Google Security Research

The Transmission bittorrent client suffers from an RPC session-id mechanism design flaw.

tags | exploit
SHA-256 | eb5116fc215d9b67c48fcbe0240a784bca401f22dcc20bf7faa2ae78c70be6d1
PyroBatchFTP Buffer Overflow
Posted Jan 12, 2018
Authored by Manuel Garcia Cardenas

PyroBatchFTP versions prior to 3.19 suffer from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | d77d45c7bad084b6fcb3230a46213c7869126eea32557d1780a58338256762a4
Taxi Booking Script 1.0 Cross Site Scripting
Posted Jan 12, 2018
Authored by Tauco

Taxi Booking Script version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1066647b4a8947a9d6b581e903deadb9eebcf874a4c29af662d5933aefb74498
Xnami Image Sharing 1.0 Cross Site Scripting
Posted Jan 12, 2018
Authored by Dennis Veninga

Xnami Image Sharing version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5370
SHA-256 | 1f4e751a76e79e29f32160e8f6ebac1d6ab33d14c8a69c909d3579cb8d3d6d8a
Debian Security Advisory 4084-1
Posted Jan 12, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4084-1 - It was discovered that gifsicle, a tool for manipulating GIF image files, contained a flaw that could lead to arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2017-1000421
SHA-256 | 46d87f819b77d435b3b9b6b0247596af63c8560be9571fa55ad7affc041a7fb8
SonicWall GMS 8.1 Filter Bypass / Input Validation
Posted Jan 12, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

SonicWall GMS version 8.1 suffers from filter bypass and input validation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 46570c916cab43639a7f7af39e7d46bbcbd6feca0cf8c6caa027a5155f24c554
Magento Commerce Server-Side Request Forgery
Posted Jan 12, 2018
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Magento Commerce suffers from a server-side request forgery vulnerability.

tags | exploit
SHA-256 | 1b97b6d0217df01399ed249baa6ccf75d4e0bcb15c924c8dab1f85d9a963a2f3
Kentico CMS 11.0 Stack Buffer Overflow
Posted Jan 12, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Kentico CMS version 11.0 suffers from stack buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2018-5282
SHA-256 | 6d3ac67d4ad715c543877a963af5009906261c9518cbb957cb06177898b18e30
Magento Connect T1 Cross Site Scripting
Posted Jan 12, 2018
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Magento Connect T1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9dd4f20451076e82d19e763c373999dc1a6852006efc110285863089e2fe1674
Piwigo 2.8.2 / 2.9.2 Cross Site Scripting
Posted Jan 12, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Piwigo CMS versions 2.8.2 and 2.9.2 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | dd580421629690e64fe4875d203add7619288fe0f9b476948871305650a5c3e7
MagicSpam 2.0.13 Insecure File Permission
Posted Jan 12, 2018
Authored by Vulnerability Laboratory, Marco Marsala | Site vulnerability-lab.com

MagicSpam version 2.0.13 suffers from an insecure file permission vulnerability.

tags | exploit
SHA-256 | 62e68a870990749c823d5bb5df6fa050450d71755a6d1edc60b793602e0f3e70
Flash Operator Panel 2.31.03 Command Execution
Posted Jan 12, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Flash Operator Panel version 2.31.03 suffers from a command execution vulnerability.

tags | exploit
SHA-256 | 0eee4b15bb282ab8e7bdf6d04aa2a66745183f5cca318f097aa72de7662732cf
ZyXEL P-660HW UDP Denial Of Service
Posted Jan 12, 2018
Authored by Hosein Askari

ZyXEL P-660HW suffers from a UDP fragmentation denial of service vulnerability.

tags | exploit, denial of service, udp
advisories | CVE-2018-5330
SHA-256 | 3e6afd92f56224f00f5636f2eafc877e4a6d54d52ead421fcfe460c731f69208
Zimbra Collaboration Suite Cross Site Scripting
Posted Jan 12, 2018
Authored by Alessandro Zala, Damian Pfammatter

Zimbra Collaboration Suite suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-8802
SHA-256 | 8ea1a03a00eab878b2a7f5d03ce28e7d1814483b6a385bf2eceb87b2f4a48b0f
eBPF 4.9-stable Verifier Bug Backported
Posted Jan 12, 2018
Authored by Jann Horn, Google Security Research

eBPF had the verifier bug backported to version 4.9-stable.

tags | exploit
SHA-256 | 41e8601ba6843f33307afb90ebdb27139a613b1fe100b569142c6d5e05a9d5e2
.NET Instrumentation Via MSIL Bytecode Injection
Posted Jan 12, 2018
Authored by phrack, Antonio Parata

Whitepaper from Phrack called .NET Instrumentation via MSIL bytecode injection.

tags | magazine
SHA-256 | acb5753e7c1dd5a8761e4b64c287b722c9aa218dd3067cfe164c91339c03b03b
macOS process_policy Stack Leak
Posted Jan 12, 2018
Authored by Jann Horn, Google Security Research

macOS suffers from a process_policy stack leak through an uninitialized field.

tags | exploit
advisories | CVE-2017-7154
SHA-256 | 0b61e14b1505449eec0ba268f437fa25ec911aea03a436a711c618048ab77483
Linux/x86-64 IPTables Flush Shellcode
Posted Jan 12, 2018
Authored by 0x4ndr3

43 bytes small Linux/x86-64 execve("/sbin/iptables", ["/sbin/iptables", "-F"], NULL) shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 1793516df39a24c86ea405d34f304bf53d24c9a6ad519a1ee31939fd33144822
Microsoft Edge Chakra AppendLeftOverItemsFromEndSegment Out-Of-Bounds Read
Posted Jan 12, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an out-of-bounds read in AppendLeftOverItemsFromEndSegment.

tags | advisory
advisories | CVE-2018-0767
SHA-256 | 57ff1eeea181d2940888ce4d3b228a20259ea5e0d4182f40d3f28e2391cb03ef
Windows Kernel Exploitation Tutorial Part 5: NULL Pointer Dereference
Posted Jan 12, 2018
Authored by rootkit

Whitepaper called Windows Kernel Exploitation Tutorial Part 5: NULL Pointer Dereference.

tags | paper, kernel
systems | windows
SHA-256 | c56ab10344c2f7e37d124f103c12b298ee2ccb579e8ace4e8d4722eb6446288b
Linux/x86-64 Add Mapping In /etc/hosts Shellcode
Posted Jan 12, 2018
Authored by 0x4ndr3

96 bytes small Linux/x86-64 add mapping (127.1.1.1 google.lk) in /etc/hosts shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | e9d39498e657d019b56c2e00bc1b2425d8f6d49d9982db8f21176ca7a989bcb1
Linux/x86-64 /bin/sh Shellcode
Posted Jan 12, 2018
Authored by 0x4ndr3

24 bytes small Linux/x86-64 execute /bin/sh shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 3ea9081cb52ebaca4857b8dd2ad2bc5abb6b29c35b3b1f40e4ef0f18b13b73b5
Wireshark Analyzer 2.4.4
Posted Jan 12, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple fixes including various security issues being addressed. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2018-5334, CVE-2018-5335, CVE-2018-5336
SHA-256 | 049a758e39422dcd536d7f75cebbfaa44e4f305d602bf22964d6459821126f58
SAP NetWeaver J2EE Engine 7.40 SQL Injection
Posted Jan 12, 2018
Authored by Vahagn Vardanyan

SAP NetWeaver J2EE Engine version 7.40 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-1910, CVE-2016-2386, CVE-2016-2388
SHA-256 | cb6e6e7579cc9127153cb46e035b5fd75ccd3b09722fd320906c7fbe7cd42ab6
D-Link Routers 110/412/615/815 Arbitrary Code Execution
Posted Jan 12, 2018
Authored by Cr0n1c

D-Link routers 110/412/615/815 versions prior to 1.03 suffer from a service.cgi arbitrary code execution vulnerability.

tags | exploit, arbitrary, cgi, code execution
SHA-256 | 651186c87c851fe922b89dd1f1984831bd08a44f073434250ee0cab39587d7f9
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close