what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-12-19

Huawei P8 wkupccpu debugfs Kernel Buffer Overflow
Posted Dec 19, 2017
Authored by Maor Shwartz | Site beyondsecurity.com

This advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 - wkupccpu debugfs driver.

tags | exploit, overflow
SHA-256 | d40d38e0a9f14578c574f26fe0869def5ba0555d6b646ec1c96d3aea5c4ed0ce
BSidesLjubljana 2018 Call For Papers
Posted Dec 19, 2017
Site bsidesljubljana.si

B-Sides Ljubljana will be held March 10th, 2018 in Ljubljana, Slovenia.

tags | paper, conference
SHA-256 | 75dbe608b259f7af46e607005c25a461191ae85ac18fc61d3d7cca58690f0231
Microsoft Windows Hello Face Authentication Bypass
Posted Dec 19, 2017
Authored by Matthias Deeg, Philipp Buchegger | Site syss.de

Microsoft Windows 10 offers a biometric authentication mechanism using "near infrared" face recognition technology with specific Windows Hello compatible cameras. Due to an insecure implementation of the biometric face recognition in some Windows 10 versions, it is possible to bypass the Windows Hello face authentication via a simple spoofing attack using a modified printed photo of an authorized person.

tags | advisory, spoof
systems | windows
SHA-256 | a28797336445a321ee3b9f535cf1f6527d20a26299595c9bcfc659a304c665cd
Palo Alto Networks PAN-OS Cookie Injection
Posted Dec 19, 2017
Authored by Zerial

Palo Alto Networks PAN-OS versions before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.

tags | exploit, remote, arbitrary
advisories | CVE-2017-15944
SHA-256 | 7be48f21d06d8e8fb84d281ea3b5bbbd64537ad06a4e2cece5e4add5ee476653
Joomla! NextGen Editor 2.1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! NextGen Editor component version 2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 52af61736d740de8c66194d01206bf54c6c6ef4d9a32676a8ae038bc8e9120a3
BrightSign Digital Signage XSS / Traversal / File Upload
Posted Dec 19, 2017
Authored by singularitysec

BrightSign Digital Signage suffers from cross site scripting, directory traversal, and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, file upload
advisories | CVE-2017-17737, CVE-2017-17738, CVE-2017-17739
SHA-256 | 678a401a7541d4d0addd1eeaee281beaed46829a9f840998ee351e02911c92dd
Intel Content Protection HECI Service Privilege Escalation
Posted Dec 19, 2017
Authored by James Forshaw, Google Security Research

The Intel Content Protection HECI Service exposes a DCOM object to all users and most sandboxes (such as Edge LPAC and Chrome GPU). It has a type confusion vulnerability which can be used to elevate to SYSTEM privileges.

tags | exploit
advisories | CVE-2017-5717
SHA-256 | d649e78ec90ab2bb58cabd020a0732e51ddfd767b2218861290b8350505c13e9
Red Hat Security Advisory 2017-3485-01
Posted Dec 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3485-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Security Fix: A buffer underflow was found in ruby's sprintf function. An attacker, with ability to control its format string parameter, could send a specially crafted string that would disclose heap memory or crash the interpreter.

tags | advisory, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064
SHA-256 | b19febc2e65ff51a5e7e50e13c140bf754767a3fbfaae851f26d0fc137086b0b
WordPress Itinerary 1.0.0 Cross Site Scripting
Posted Dec 19, 2017
Authored by Ricardo Sanchez

WordPress Itinerary plugin version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d7b3333fd0d887d35ddf459bc14c8687a77f87b251544d2303feba0514813b16
Tuleap 9.6 Second-Order PHP Object Injection
Posted Dec 19, 2017
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to execute arbitrary PHP code with the permissions of the webserver. The vulnerability exists because of the User::getRecentElements() method is using the unserialize() function with data that can be arbitrarily manipulated by a user through the REST API interface. The exploit's POP chain abuses the __toString() method from the Mustache class to reach a call to eval() in the Transition_PostActionSubFactory::fetchPostActions() method.

tags | exploit, arbitrary, php
advisories | CVE-2017-7411
SHA-256 | b7ed3767d2e556f3c32b4d333b7a61ed02e66ba71ca064fedea6edb456ce4664
Jenkins XStream Groovy Classpath Deserialization
Posted Dec 19, 2017
Authored by Arshan Dabirsiaghi | Site metasploit.com

This Metasploit module exploits CVE-2016-0792 a vulnerability in Jenkins versions older than 1.650 and Jenkins LTS versions older than 1.642.2 which is caused by unsafe deserialization in XStream with Groovy in the classpath, which allows remote arbitrary code execution. The issue affects default installations. Authentication is not required to exploit the vulnerability.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2016-0792
SHA-256 | 52a40982d2eed44b68632a3f6deca119172cfb8a682bb8fd52169cc4b2182bba
Joomla! JB Visa 1.0 SQL Injection
Posted Dec 19, 2017
Authored by Ihsan Sencan

Joomla! JB Visa component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bc4a4802db9f11d7940f1cf557d637e48781d4599af0630166c45ad7ff9e8933
Man-In-The-Middling TOR
Posted Dec 19, 2017
Authored by Kr1pt0nGirl

This is a brief whitepaper discussing how to perform man-in-the-middle attacks as an exit node on TOR.

tags | paper
SHA-256 | 0f52accc93bc9d4f2ed2e7393a4bc7289bcd92489c25dd669cea0e8b074a2063
Microsoft Windows jscript!RegExpFncObj::LastParen Out-Of-Bounds Read
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an out-of-bounds read in jscript.dll library (used in IE, WPAD and other places).

tags | exploit
advisories | CVE-2017-11906
SHA-256 | 515090618f71572b31595b0c710c2e74b500c7981760cbca93b60481466fa253
Microsoft Windows Array.sort jscript.dll Heap Overflow
Posted Dec 19, 2017
Authored by Ivan Fratric, Google Security Research

There is an heap overflow vulnerability in jscript.dll library (used in IE, WPAD and other places). The bug affects 2 functions, JsArrayStringHeapSort and JsArrayFunctionHeapSort.

tags | exploit, overflow
advisories | CVE-2017-11907
SHA-256 | deac9cd1e6753834b079b602c10a506a085746a6093d25bcb66aa97015e0c366
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close