what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2017-06-07

Windows UAC Protection Bypass (Via FodHelper Registry Key)
Posted Jun 7, 2017
Authored by amaloteaux, winscriptingblog | Site metasploit.com

This Metasploit module will bypass Windows 10 UAC by hijacking a special key in the Registry under the current user hive, and inserting a custom command that will get invoked when the Windows fodhelper.exe application is launched. It will spawn a second shell that has the UAC flag turned off. This Metasploit module modifies a registry key, but cleans up the key once the payload has been invoked. The module does not require the architecture of the payload to match the OS. If specifying EXE::Custom your DLL should call ExitProcess() after starting your payload in a separate process.

tags | exploit, shell, registry
systems | windows
SHA-256 | c734bdb09edf5376d5107b207ff1878647e190574e19ad03d2b4f421847dc7b9
WiMAX CPE Authentication Bypass
Posted Jun 7, 2017
Authored by Stefan Viehboeck | Site sec-consult.com

Various WiMAX CPEs are vulnerable to an authentication bypass. An attacker can set arbitrary configuration values without prior authentication. The vulnerability is located in commit2.cgi (implemented in libmtk_httpd_plugin.so).

tags | exploit, arbitrary, cgi
SHA-256 | 1c406ac717264e13cef5f2341197c0e2013b4a9fe6fe7c509442d497b4bb32b7
Craft CMS 2.6 Cross Site Scripting / File Upload
Posted Jun 7, 2017
Authored by Ahsan Tahir

Craft CMS version 2.6 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
SHA-256 | c98687bb8a81ec2a03f13a02cfbe7e2e119136bbee628f62d5afd32a52e3737d
Red Hat Security Advisory 2017-1409-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1409-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
SHA-256 | 6655aa3f4ba69e9f79cc5aa9277208f3d94f6edd15fbc74efeaf60b97f6ff9a1
Red Hat Security Advisory 2017-1414-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1414-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-6304, CVE-2016-7056, CVE-2016-8610, CVE-2016-8740, CVE-2016-8743
SHA-256 | e31cbbf43e6335aa07238e1960a554f893a663a6add6b13476337524256e651a
Red Hat Security Advisory 2017-1413-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1413-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-6304, CVE-2016-7056, CVE-2016-8610, CVE-2016-8740, CVE-2016-8743
SHA-256 | fc5d578ab608d805766f010632eaa528562b46809479d52a698f7d9a3c64dc63
Red Hat Security Advisory 2017-1415-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1415-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-6304, CVE-2016-7056, CVE-2016-8610, CVE-2016-8740, CVE-2016-8743
SHA-256 | 24687afd6a4178ce7a6bea57d07ffe21c8d73aff655ff9ce66ec2a3fe153139e
Ubuntu Security Notice USN-3253-2
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3253-2 - USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause Nagios to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Nagios incorrectly handled certain long messages to cmd.cgi. A remote attacker could possibly use this issue to cause Nagios to crash, resulting in a denial of service. Dawid Golunski discovered that Nagios incorrectly handled symlinks when accessing log files. A local attacker could possibly use this issue to elevate privileges. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, local, cgi, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-1878, CVE-2016-9566
SHA-256 | 9cd930c45365b94384d95a76fd5e0a17478d59a64a006c5ca2020bd550784c72
Ubuntu Security Notice USN-3316-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3316-1 - Stefan Winter and Lubos Pavlicek discovered that FreeRADIUS incorrectly handled the TLS session cache. A remote attacker could possibly use this issue to bypass authentication by resuming an unauthenticated session.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-9148
SHA-256 | 095195c45fa27a9a6c3e00820edba58d36e88390c73d39c422476dfce9054aca
Red Hat Security Advisory 2017-1411-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1411-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
SHA-256 | fd7a33b7eceadc56b5ecab3789c2aaa775779137936c0e2bd3ab4d7e04ccb77f
Red Hat Security Advisory 2017-1412-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1412-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.6.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
SHA-256 | 572ff322bc0ba231d7d9932fa3ba4c52df7238dcebe07b0ad7b7b4629a1d48b7
Red Hat Security Advisory 2017-1410-01
Posted Jun 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1410-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.6 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.5, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670
SHA-256 | ddf58742aa1e9de8bddcd533b647ee82fd2161e4db937faa29aa9d0c2d41a023
Suricata IDPE 3.2.2
Posted Jun 7, 2017
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: This release fixes a fairly small number of issues. It also improves the unix-socket runmode by allowing both single and autofp runmodes to be specified.
tags | tool, intrusion detection
systems | unix
SHA-256 | b1d8e5e53a76fbc89712d10ca8e2208f68f6fc2def0e6ac82e9693bb586a49cb
DC/OS Marathon UI Docker Privilege Escalation
Posted Jun 7, 2017
Authored by Erik Daguerre | Site metasploit.com

Utilizing the DCOS Cluster's Marathon UI, an attacker can create a docker container with the '/' path mounted with read/write permissions on the host server that is running the docker container. As the docker container executes command as uid 0 it is honored by the host operating system allowing the attacker to edit/create files owed by root. This exploit abuses this to create a cron job in the '/etc/cron.d/' path of the host server. Note that the docker image must be a valid docker image from hub.docker.com. Further more the docker container will only deploy if there are resources available in the DC/OS cluster.

tags | exploit, root
SHA-256 | 10a3e28a45a0567b678d813b94116bfb80c6f6277258907fff79b23d661ddc57
Xavier 2.4 SQL Injection
Posted Jun 7, 2017
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Xavier PHP Login Script and User Management Admin Panel version 2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 35496196f3effbb70e82163efda2bde296879c8410d68fc560ac6a676428bbe5
Perch CMS 3.0.3 Cross Site Scripting / File Upload
Posted Jun 7, 2017
Authored by Vulnerability Laboratory, SaifAllah benMassaoud | Site vulnerability-lab.com

Perch CMS version 3.0.3 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
SHA-256 | 6a0a152986b08dee8282a0c7c5bcba85795178625c73990c128c31e9835f1609
GravCMS Core 1.4.2 Cross Site Scripting
Posted Jun 7, 2017
Authored by Ahsan Tahir

GravCMS Core version 1.4.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6859904693f59dc1a87f949a9088db27006085c961e75af2505777a6dbb7ac5b
Ubuntu Security Notice USN-3313-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3313-1 - It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-0605
SHA-256 | e3bf0d061eec75957f131a8db8693652f4530bee007574fc11d3087c424a88a0
Ubuntu Security Notice USN-3312-2
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3312-2 - USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7913, CVE-2016-7917, CVE-2016-8632, CVE-2016-9083, CVE-2016-9084, CVE-2016-9604, CVE-2017-0605, CVE-2017-2596, CVE-2017-2671, CVE-2017-6001, CVE-2017-7472, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895
SHA-256 | 9bc4f5c509d58e7374d08b91a33f59e8cc908ffa5e09f39be89e361fa0dd271e
Ubuntu Security Notice USN-3312-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3312-1 - It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build function in the Linux kernel. A local attacker could use to cause a denial of service or possibly execute arbitrary code with administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7913, CVE-2016-7917, CVE-2016-8632, CVE-2016-9083, CVE-2016-9084, CVE-2016-9604, CVE-2017-0605, CVE-2017-2596, CVE-2017-2671, CVE-2017-6001, CVE-2017-7472, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895
SHA-256 | f93b3056d137e6f094a683c78f33de2cfc51578e2b30f5bf0580b49f3136e70e
Gentoo Linux Security Advisory 201706-14
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-14 - Multiple vulnerabilities have been found in FreeType, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10244, CVE-2016-10328, CVE-2017-7857, CVE-2017-7858, CVE-2017-7864, CVE-2017-8105, CVE-2017-8287
SHA-256 | d5896fe968f276e9777c40ceb6bb2ecf8c61938a3d77fd2a63e307b9529a3f09
Gentoo Linux Security Advisory 201706-13
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-13 - An out-of-bounds data access in minicom might allow remote attackers to execute arbitrary code. Versions less than 2.7.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2017-7467
SHA-256 | af20739aac62fa0e19e3433e95656fbff15e7579d60feb7aaf7cddcd2478abb5
Gentoo Linux Security Advisory 201706-12
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-12 - Multiple vulnerabilities have been found in Wireshark, the worst of which allows remote attackers to cause a Denial of Service condition. Versions less than 2.2.6 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2017-6014, CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7704, CVE-2017-7705
SHA-256 | 77739c806886f874d250eb638f6d93c94224d845afd46bdcc291ffc971ad5dde
Gentoo Linux Security Advisory 201706-15
Posted Jun 7, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-15 - Multiple vulnerabilities have been found in WebKitGTK+, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.16.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2330, CVE-2015-7096, CVE-2015-7098, CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1728, CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7623, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646
SHA-256 | 0f0105d96fbcea6b9b76a7f79a96aabbf255ca8d1f252a50706a3a60ce70ec80
Ubuntu Security Notice USN-3314-1
Posted Jun 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3314-1 - It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-9604, CVE-2017-0605, CVE-2017-2671, CVE-2017-7277, CVE-2017-7472, CVE-2017-7618, CVE-2017-7645, CVE-2017-7889, CVE-2017-7895, CVE-2017-7979, CVE-2017-8063, CVE-2017-8064, CVE-2017-8067
SHA-256 | 97b6224fb0c1440e3c27196c751fe7e85e5f5e540f680453e3395eb740d8b882
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close