what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2016-08-18

QNAP QTS 4.2.1 Build 20160601 Lang Parameter Command Injection
Posted Aug 18, 2016
Authored by Sebastian Nerz | Site syss.de

QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.

tags | exploit
SHA-256 | 448d8a4712caf953aec99fadb1be4168c93a5e989fce7c009cd8577b1290902f
QNAP QTS 4.2.1 Build 20160601 Arbitrary File Overwrite
Posted Aug 18, 2016
Authored by Sebastian Nerz | Site syss.de

QNAP QTS version 4.2.1 Build 20160601 suffers from an arbitrary file overwrite vulnerability.

tags | exploit, arbitrary
SHA-256 | 1b6b302fa261390c5f0c6aa9787378c2eaa3685d815a17a90ab3bfb40b207096
QNAP QTS 4.2.0 Build 20160311 / Build 20160601 Cross Site Scripting
Posted Aug 18, 2016
Authored by Sebastian Nerz | Site syss.de

QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 96a4d53ecd91f1a17608c43886a495fcf40a7eca582c4989e48e047118b247ce
QNAP QTS 4.2.0 Build 20160311 / Build 20160601 Command Injection
Posted Aug 18, 2016
Authored by Sebastian Nerz | Site syss.de

QNAP QTS versions 4.2.0 Build 20160311 and Build 20160601 suffer from an OS command injection vulnerability.

tags | exploit
SHA-256 | 892e6af51235735fae4ad4873dc7e3cc493bcb86a765cb905cdf1117cf7df8a9
QNAP QTS 4.2.1 Build 20160601 imbgName Parameter Command Injection
Posted Aug 18, 2016
Authored by Sebastian Nerz | Site syss.de

QNAP QTS version 4.2.1 Build 20160601 suffers from an OS command injection vulnerability.

tags | exploit
SHA-256 | e766f0f6ff858161e23849a3310ffff9e284a377d2850c7d0aacd1f4541b45de
SIEMENS IP Camera CCMW1025 x.2.2.1798 Change Admin User / Password
Posted Aug 18, 2016
Authored by Todor Donev

SIEMENS IP Camera CCMW1025 version x.2.2.1798 remote change admin user / password exploit.

tags | exploit, remote
SHA-256 | e574218048ed693e31f4c6c1c0307b79dfa61879f56aa22331545be561d97c39
Debian Security Advisory 3650-1
Posted Aug 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3650-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of Libgcrypt's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, debian
advisories | CVE-2016-6313
SHA-256 | efa2674601472cec1e98270928a4f9e5f05edc5bf53fa17755195d156213cafe
Debian Security Advisory 3649-1
Posted Aug 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3649-1 - Felix Doerre and Vladimir Klebanov from the Karlsruhe Institute of Technology discovered a flaw in the mixing functions of GnuPG's random number generator. An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output.

tags | advisory
systems | linux, debian
advisories | CVE-2016-6313
SHA-256 | ace6c155c376eb89be0ddc0b2ea842d1d45347d5464a43149266d99a003d042a
Cisco Security Advisory 20160817-asa-snmp
Posted Aug 18, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in the affected code area. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. The attacker must know the SNMP community string to exploit this vulnerability. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed and transparent firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 traffic only. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

tags | advisory, remote, overflow, arbitrary, protocol
systems | cisco
SHA-256 | 1cc7055698db7b94225beda27e11474bac5e54b3e15ca2e65c3696e7fef491c0
Honeywell IP-Camera HICC-1100PT Credential Disclosure
Posted Aug 18, 2016
Authored by Yakir Wizman

Honeywell IP-Camera HICC-1100PT suffers from an unauthenticated remote credential disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | c7e6e374ae953f8fbd0f9c1b224048c318f5e2d2a813014e246f1c1b1a4bc230
EXTRABACON Cisco ASA Remote Code Execution
Posted Aug 18, 2016

EXTRABACON is a zero day remote code execution exploit for Cisco Adaptive Security Appliance (ASA) devices. It leverages an SNMP overflow and relies on knowing the target's uptime and software version. Versions affected include 802, 803, 804, 805, 821, 822, 823, 824, 825, 831, 832, 841, 842, 843, 844. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. Cisco is providing mitigations as a patch currently does not exist.

tags | exploit, remote, overflow, code execution
systems | cisco
SHA-256 | 83777ebca2044d8fa4a7a63d7e547773a5635a73a48c9ed4b6c12e3c3006b0b2
ESCALATEPLOWMAN WatchGuard Privilege Escalation
Posted Aug 18, 2016

ESCALATEPLOWMAN is a privilege escalation exploit for WatchGuard firewalls of unknown versions that injects code via the ifconfig command. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.

tags | exploit
SHA-256 | c37b22787e9ddaa9d60b82f9dc16308b3ba221cdbf08473ee961d51b5a3415c6
EPICBANANA Cisco ASA / PIX Privilege Escalation
Posted Aug 18, 2016

EPICBANANA is a privilege escalation exploit for Cisco Adaptive Security Appliance (ASA) and Cisco Private Internet eXchange (PIX) devices. Exploitation takes advantage of default Cisco credentials (password: cisco). ASA versions affected include 711, 712, 721, 722, 723, 724, 80432, 804, 805, 822, 823, 824, 825, 831, 832 and PIX versions affected include 711, 712, 721, 722, 723, 724, 804. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.

tags | exploit
systems | cisco
SHA-256 | 7a40affbc0fdeff9a5ab9a5130ea940d7fbd8480e3928286a3ef77ba66d79aad
ELIGIBLECONTESTANT TOPSEC Remote Code Execution
Posted Aug 18, 2016

ELIGIBLECONTESTANT is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP POST parameter injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.

tags | exploit, remote, web, code execution
SHA-256 | 59848b46c37a5bd79164b01f6f26b13556c38be3e0e97299b73831a70f6daca1
ELIGIBLECANDIDATE TOPSEC Remote Code Execution
Posted Aug 18, 2016

ELIGIBLECANDIDATE is a remote code execution exploit for TOPSEC firewalls. It leverages an HTTP cookie command injection vulnerability. Versions affected include 3.3.005.057.1 to 3.3.010.024.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.

tags | exploit, remote, web, code execution
SHA-256 | 01f69cb478b24ecc0b6ad0ff932da831c3cc213dfc04d3eb8664416465ac2181
ELIGIBLEBOMBSHELL TOPSEC Remote Code Execution
Posted Aug 18, 2016

ELIGIBLEBOMBSHELL is a remote code execution exploit for TOPSEC firewalls. It exploits an HTTP cookie command injection vulnerability and uses ETag examination for version detection. Versions affected include 3.2.100.010.1_pbc_17_iv_3 to 3.3.005.066.1. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.

tags | exploit, remote, web, code execution
SHA-256 | 37995ac0e31ed0e1c4a5e6e4e4cf4250865281120cfb9042fed627c4fe480fa2
BLATSTING / BANANAGLEE / BANANABALLOT Implants
Posted Aug 18, 2016

This bundle contains various implants such as BLATSTING, BANANAGLEE, and BANANABALLOT. They are firewall and BIOS implants. Note that these implants are part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content.

tags | tool, rootkit
systems | unix
SHA-256 | 461b46c0bfedff8d2e789d7f1566faa182c6a8c4d926210c1e842f88d00087b5
ELIGIBLEBACHELOR TOPSEC Firewall Exploit
Posted Aug 18, 2016

This is an exploit with an unclear attack vector for TOPSEC firewalls running TOS operating system versions 3.2.100.010, 3.3.001.050, 3.3.002.021 and 3.3.002.030. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.

tags | exploit
SHA-256 | ae4f378ecbad405382fac8e24df03e338500f8f2240c84275feef4f4de371f1d
EGREGIOUSBLUNDER Fortigate Remote Code Execution
Posted Aug 18, 2016

EGREGIOUSBLUNDER is a remote code execution exploit for Fortigate firewalls. It leverages an HTTP cookie overflow and is different from CVE-2006-6493 as noted by Avast. Models affected include 60, 60M, 80C, 200A, 300A, 400A, 500A, 620B, 800, 5000, 1000A, 3600, and 3600A. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. This archive also includes the BLATSTING implant that works in conjunction with this exploit.

tags | exploit, remote, web, overflow, code execution
SHA-256 | cb7ca3937e0c84ef93eb8359bf23c3cc67d0f661d4cae04a22803efdb1413e40
Windows x86 InitiateSystemShutdownA() Shellcode
Posted Aug 18, 2016
Authored by Roziul Hasan Khan Shifat

599 bytes small Microsoft Windows x86 InitiateSystemShutdownA() shellcode.

tags | x86, shellcode
systems | windows
SHA-256 | 5736ca0d96a750974d24a8ed3e34272c56bad031e258f30171af527cb36dc980
Metasploit Service Persistence Module
Posted Aug 18, 2016
Authored by h00die | Site metasploit.com

This Metasploit module will create a service on the box, and mark it for auto-restart.

tags | exploit
SHA-256 | 79da7c70153554395ef5348119b04ecdb39ab60cb29fef4eae875f83f0352191
Metasploit Cron Persistence Module
Posted Aug 18, 2016
Authored by h00die | Site metasploit.com

This Metasploit module will create a cron or crontab entry to execute a payload. The module includes the ability to automatically clean up those entries to prevent multiple executions. syslog will get a copy of the cron entry.

tags | exploit
SHA-256 | 9793155803f506f6e27c18e5277bed947632ef874e5664d5251d4e9d7cb8c507
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close